Candidate: Zemas Howard (zmshoward) Date: 1/7/2022 7:40:13 am • Time spent: 03: Show Score: 100% Passing Score: 80% Question 1: Correct Where should an organization's web server be placed? EXPLANATION A web server should be placed in the demilitarized zone (DMZ). The DMZ is a network that contains publicly accessible resources. The DMZ is located between the private network and an untrusted network (such as the internet) and is protected by a firewall. An intranet is a private network (LAN) that employs internet information services for internal use only. Since a website should be publicly available, its server should not be placed on the intranet. An extranet is a privately controlled network that is distinct from the intranet. An extranet is located between the internet and a private LAN. An extranet is often used to grant resource access to business partners, suppliers, and even customers outside of an organization. The web server shouldn't be placed here. A honeynet is a special network created to trap potential attackers. A web server would not be placed in a honeynet. Intranet Extranet Honeynet DMZ Question 2: Correct Which of the following is a privately controlled portion of a network that is accessible to some specific external entities? EXPLANATION An extranet is a privately controlled portion of a network that is accessible to some specific external entities. Often, those external entities are business partners, suppliers, distributors, vendors, or customers. An intranet is a LAN that employs the technology of the internet (namely, TCP/IP, web servers, and email). The internet is the global TCP/IP-based network that supports most web and email communications. A metropolitan area network (MAN) is a LAN that is spread across several city blocks, across a business park, or across a campus. Extranet Internet Intranet MAN Question 4: Correct A honeypot is used for which purpose? EXPLANATION A honeypot is used to delay intruders in order to gather auditing data. A honeypot is a fake network or system that hosts false information but responds as a real system should. Honeypots usually entice intruders to spend considerable time on the system and allow extensive logging of the intruder's activities. A honeypot often allows companies to discover and even prosecute intruders. Honeypots should not be used to entrap intruders. Entrapment is an illegal activity. Honeypots are not direct countermeasures to preventing unwanted access. Rather, they are an enticement to prevent intruders from getting into the private network in the first place. Honeypots rarely take offensive action against intruders. They may prevent malicious activities from being launched by an intruder, but they do not direct attacks at him or her. To prevent sensitive data from being accessed To entrap intruders To disable an intruder's system To delay intruders in order to gather auditing data Question 5: Correct Which of the following devices can apply quality of service and traffic-shaping rules based on what created the network traffic? EXPLANATION An application-aware device can analyze and manage network traffic based on the Application layer protocol that created it. Some of these devices can also apply quality of service (QoS) and traffic- shaping rules based on the application that created network traffic. All-in-one security appliances combine many security functions into a single device. All-in-one security appliances are also known as unified threat security devices or web security gateways. Network access control (NAC) controls access to the network by not allowing computers to access network resources unless they meet certain predefined security requirements. A proxy server is a type of firewall that stands as an intermediary between clients requesting resources from other servers. All-in-one security appliances Network access control Application-aware devices Proxy server Question 7: Correct You are implementing security at a local high school that is concerned with students accessing inappropriate material on the internet from the library's computers. The students use the computers to search the internet for research paper content. The school budget is limited. Which content filtering option would you choose? EXPLANATION Restricting content based on categories would provide the most protection with the least amount of research and involvement. All other options require research to identify specific content or websites, which could allow access to undesirable websites or prevent access to necessary websites. Question 8: Correct Which of the following BEST describes a honeyfile? EXPLANATION A honeyfile is a single file setup to entice and trap attackers and to figure out what they're trying to do. A token is a device or a file used to authenticate. A honeyfile could be placed in the /etc/security directory. The file would not be a default file in the directory. A digitally signed file is like putting a lock on the document. Block all content except for content you have identified as permissible. Restrict content based on content categories. Block specific DNS domain names. Allow all content except for the content you have identified as restricted. A default file in the /etc/security directory. A file used to authenticate. A file that has been digitally signed. A single file setup to entice and trap attackers. Question 9: Correct Members of the sales team use laptops to connect to the company network. While traveling, they connect their laptops to the internet through airport and hotel networks. You are concerned that these computers could pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless antivirus software and the latest operating system patches are installed. Which solution should you use? EXPLANATION Network access control (NAC) controls access to a network by not allowing computers to access network resources unless they meet certain predefined security requirements. Conditions that can be part of the connection requirements include requiring that computers have: Antivirus software with up-to-date definition files An active personal firewall Specific operating system critical updates and patches A client that is determined healthy by the NAC is given access to the network. An unhealthy client, who has not met all the checklist requirements, is either denied access or can be given restricted access to a remediation network, where remediation servers can be contacted to help the client to become compliant. A demilitarized zone (DMZ) is a buffer network (or subnet) that sits between a private network and an untrusted network (such as the internet). A virtual LAN (VLAN) is a logical grouping of computers based on switch port. VLAN membership is configured by assigning a switch port to a VLAN. An intrusion detection system (IDS) is a special network device that can detect attacks and suspicious activity. A network-based IDS (NIDS) scans network traffic looking for intrusion attempts. NACVLANDMZNIDSWhat is a DMZ and what is it used for?In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet. DMZs are also known as perimeter networks or screened subnetworks.
How does a firewall DMZ work?The goal of a DMZ is to add an extra layer of security to an organization's local area network. A protected and monitored network node that faces outside the internal network can access what is exposed in the DMZ, while the rest of the organization's network is safe behind a firewall.
What is a DMZ in cybersecurity?A DMZ, short for demilitarized zone, is a network (physical or logical) used to connect hosts that provide an interface to an untrusted external network – usually the internet – while keeping the internal, private network – usually the corporate network – separated and isolated form the external network.
What is the main advantage of setting up a DMZ with two firewalls?Explanation: Setting up a DMZ with two firewalls has its own advantages. The biggest advantage that you can do load balancing. A topology with two firewalls also helps in protecting internal services on the LAN from denial of the service attacks on the firewall's perimeter.
|
