10/12/2015 TheAceStudent: Saint COm530 quiz 3 module 8 (Perfect Answer)

data:text/html;charset=utf­8,%3Ch3%20class%3D%22post­title%20entry­title%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 1/3

Saint COm530 quiz 3 module 8 (Perfect Answer)

Question 1.1.What should a company consider installing on the network perimeter to prevent directconnections between the internal network and the Internet to help protect its data warehouses andemployee privacy?(Points : 4)RouterVPN serverICMP monitorProxy serverQuestion 2.2.The Cisco PIX line of products is best described as which of the following? (Points : 4)software firewallPC with firewall installedfirewall applianceVPN gatewayQuestion 3.3. Which of the following is a typical drawback of a free firewall program? (Points : 4)cannot monitor traffic in real timeoversimplified configurationhave centralized managementmore expensive than hardware firewallsQuestion 4.4. Which of the following is an advantage of hardware firewalls? (Points : 4)not scalable compared to software firewallsnot dependent on a conventional OSless expensive than software firewallseasy to patchQuestion 5.5. What are the two standard ports used by FTP along with their function? (Points : 4)UDP 23 control, TCP 20 dataUDP 20 data, TCP 21 controlTCP 21 control, TCP 20 dataTCP 23 data, TCP 21 controlQuestion 6.6. Which of the following is true about private IP addresses? (Points : 4)they are assigned by the IANAthey are not routable on the Internetthey are targeted by attackersNAT was designed to conserve themQuestion 7.7. Which type of security device can speed up Web page retrieval and shield hosts onthe internal network? (Points : 4)caching firewallproxy servercaching­only DNS serverDMZ intermediaryQuestion 8.8. Which of the following is true about a dual­homed host? (Points : 4)serves as a single point of entry to the networkits main objective is to stop worms and virusesuses a single NIC to manage two network connectionsit is used as a remote access server in some configurations

Saint COm530 quiz 3 module 8 (Perfect Answer)

10/12/2015 TheAceStudent: Saint COm530 quiz 3 module 8 (Perfect Answer)

data:text/html;charset=utf­8,%3Ch3%20class%3D%22post­title%20entry­title%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 2/3

Question 9.9. Which type of translation should you use if you need 50 computers in the corporatenetwork to be able to access the Internet using a single public IP address? (Points : 4)one­to­one NATport address translationone­to­many NATDMZ proxy translationQuestion 10.10. Which of the following is a disadvantage of using a proxy server? (Points : 4)shields internal host IP addressesslows Web page accessmay require client configurationcan’t filter based on packet contentQuestion 11.11. Which of the following is a type of VPN connection? (Points : 4)site­to­serverclient­to­siteserver­to­clientremote gatewayQuestion 12.12. Which of the following is NOT a factor a secure VPN design should address?(Points : 4)EncryptionAuthenticationNonrepudiationperformanceQuestion 13.13. Which IPsec component authenticates TCP/IP packets to ensure data integrity?(Points : 4)AHESPIKEISAKMPQuestion 14.14. Which of the following is NOT an essential element of a VPN? (Points : 4)VPN serverTunnelVPN clientauthentication serverQuestion 15.15. Which of the following is NOT true about a hardware VPN? (Points : 4)should be the first choice for fast­growing networkscan handle more traffic than software VPNshave more security vulnerabilities than software VPNscreate a gateway­to­gateway VPNQuestion 16.16. Which of the following is true about the Internet? (Points : 4)it is the same as the World Wide Webit was established in the mid­1960sit was developed by a network of banks and businessesit was originally built on an extended star topologyQuestion 17.17. Which of the following is a highly secure public facility in which backbones haveinterconnected data lines and routers that exchange routing and traffic data? (Points : 4)ISPPOPNAPNSF

10/12/2015 TheAceStudent: Saint COm530 quiz 3 module 8 (Perfect Answer)

data:text/html;charset=utf­8,%3Ch3%20class%3D%22post­title%20entry­title%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B… 3/3

Question 18.18. What makes IP spoofing possible for computers on the Internet? (Points : 4)network address translationthe lack of authenticationthe 32­bit address spacethe DNS hierarchyQuestion 19.19. What type of attack displays false information masquerading as legitimate data?(Points : 4)Java appletPhishingBuffer overflowSQL injectionQuestion 20.20. Which of the following best describes ROI? (Points : 4)the chance that a threat will result in lost moneyhow long before an investment will pay for itselfthe cost of mitigating a threatthe benefits of setting security prioritiesQuestion 21.21. What is considered the first step in formulating a security policy? (Points : 4)risk analysiselimination of threatsrisk reductionsystem monitoringQuestion 22.22. Which of the following best describes a Monte Carlo simulation? (Points : 4)a technique for simulating an attack on a systema formula that estimates the cost of countermeasuresa procedural system that simulates a catastrophean analytical method that simulates a real­life system for risk analysisQuestion 23.23. Which of the following is a security­related reason for monitoring and evaluatingnetwork traffic? (Points : 4)to determine if your IDPS signatures are working wellto create substantial data to analyzeto optimize your router and switch protocolsto see how many files employees download form the InternetQuestion 24.24. Which of the following is NOT typically an aspect of a security event managementprogram? (Points : 4)monitoring eventsmanaging IDPS firmwaremanaging data from sensorsmanaging changeQuestion 25.25. What should an outside auditing firm be asked to sign before conducting a securityaudit? (Points : 4)subpoenanondisclosure agreementsearch and seizure contractsocial engineering covenant

Saint COm530 quiz 3 module 8 (Perfect Answer)