Quiz: Module 09 Infrastructure Security

0.0(0)

Learn

Practice Test

Spaced Repetition

Match

Flashcards

Card Sorting

1/19

There's no tags or description

Looks like no tags are added yet.

Study Analytics

Name	Mastery	Learn	Test	Matching	Spaced

No study sessions yet.

20 Terms

New cards

Which of the following is NOT true about VPNs?

a. It encrypts all data that is transmitted between the remote endpoint and the network.

b. A remote access VPN is a user-to-LAN connection.

c. A full tunnel routes only some traffic over the secure VPN.

d. There are a variety of protocols that can be used for VPNs.

c. A full tunnel routes only some traffic over the secure VPN.

New cards

Which firewall rule action implicitly denies all other traffic unless explicitly allowed?

a. Force Allow

b. Force Deny

c. Bypass

d. Allow

New cards

Which of the following is NOT true about zero trust?

a. Zero trust assumes that networks have already been infiltrated by threat actors.

b. Zero trust is designed to make a system trusted.

c. The motto of zero trust is "Never trust, always verify."

d. Zero trust acknowledges that implicit trust is a vulnerability.

b. Zero trust is designed to make a system trusted.

New cards

Maya is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Maya consider purchasing that supports her need?

a. content/URL filtering firewall

b. policy-based firewall

c. hardware firewall

d. proprietary firewall

b. policy-based firewall

New cards

Astri is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this?

a. stateful packet filtering

b. connection-aware firewall

c. proxy firewall

d. packet filtering firewall

a. stateful packet filtering

New cards

What is a virtual firewall?

a. a firewall that runs in the cloud

b. a firewall that runs in an OS contained as part of an appliance

c. a firewall that runs in a sandbox

d. a firewall appliance that runs on a LAN

a. a firewall that runs in the cloud

New cards

Which of these appliances provides the broadest protection by combining several security functions?

a. NAT

b. UTM

c. WAF

d. NGFW

b. UTM

New cards

Which firewall allows for the most advanced traffic filtering?

a. Layer 4 firewall

b. Layer 5 firewall

c. Layer 6 firewall

d. Layer 7 firewall

New cards

Ada is researching DDoS mitigations for her company. Which of the following should Ada consider?

a. DDoS Prevention System (DPS)

b. DNS sinkhole

c. MAC pit

d. IP denier

b. DNS sinkhole

New cards

Which of the following devices routes requests coming from an external network to the correct internal server?

a. forward proxy server

b. reverse proxy server

c. lateral proxy server

d. neutral proxy server

b. reverse proxy server

New cards

Iben is preparing a presentation about DMZs. Which of the following would NOT be a true statement regarding a DMZ?

a. It can be configured to have one or two firewalls.

b. It contains servers that are used only by trusted internal users.

c. It typically includes an email or web server.

d. It provides an extra degree of security.

b. It contains servers that are used only by trusted internal users.

New cards

Tuva is documenting the different types of web filtering software her organization is using for scanning. Which of the following is NOT a type of web filtering scanning she would document?

a. cloud scanning

b. decentralized proxy scanning

c. agent-based scanning

d. browser scanning

b. decentralized proxy scanning

New cards

Which of the following is NOT an example of infrastructure security hardware that can be used for protecting a network?

a. IPS

b. Proxy server

c. NGFW

d. Switch

New cards