FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 6: Security Technology: Access Controls, Firewalls, and Vpns

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 21

True/False

Review LaterAdd Note

Review Later

In order to keep the Web server inside the internal network, direct all HTTP requests to the internal filtering firewall and configure the internal filtering router/firewall to allow only that device to access the internal Web server. _________________________

A) True
B) False

Correct Answer

verified

Show Answer

Question 22

True/False

Review LaterAdd Note

Review Later

When Web services are offered outside the firewall, HTTP traffic should be blocked from internal networks through the use of some form of proxy access or DMZ architecture.

A) True
B) False

Correct Answer

verified

Show Answer

Question 23

True/False

Review LaterAdd Note

The primary disadvantage of stateful packet inspection firewalls is the additional processing required to manage and verify packets against the state table. _________________________

One of the biggest challenges in the use of the trusted computer base (TCB) is the existence of explicit channels. _________________________

Authentication is the process of validating and verifying an unauthenticated entity's purported identity.

The application firewall is also known as a(n) ____________________ server.

​Lattice-based access control is a form of access control in which users are assigned a matrix of authorizations for particular areas of access.

Most current operating systems require specialized software to connect to VPN servers, as support for VPN services is no longer built into the clients.

The presence of external requests for Telnet services can indicate a potential attack. _________________________

Kerberos ticket granting service (TGS), which provides tickets to clients who request services. In Kerberos a ticket is an identification card for a particular client that verifies to the server that the client is requesting services and that the client is a valid member of the Kerberos system and therefore authorized to receive services. The ticket consists of the client's name and network address, a ticket validation starting and ending time, and the session key, all encrypted in the private key of the server from which the client is requesting services.

A VPN, used properly, allows use of the Internet as if it were a private network.

The RADIUS system decentralizes the responsibility for authenticating each user by validating the user's credentials on the NAS server.

The architecture of a(n) ____________________ firewall provides a DMZ.

Authentication is a mechanism whereby unverified entities who seek access to a resource provide a label by which they are known to the system. _________________________

Which of the following is not a major processing mode category for firewalls?

In static filtering, configuration rules must be manually created, sequenced, and modified within the firewall. _________________________

A routing table tracks the state and context of each packet in the conversation by recording which station sent what packet and when. _________________________

Firewalls operate by examining a data packet and performing a comparison with some predetermined logical rules. _________________________

Key Distribution Center (KDC), which generates and issues session keys.

The DMZ can be a dedicated port on the firewall device linking a single bastion host.