Chapter 06

Chapter 06 - 06 True/False Indicate whether the statement...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
06 True/False Indicate whether the statement is true or false. ____ 1. Firewalls can be categorized by processing mode, development era, or structure. ____ 2. The firewall can often be deployed as a separate network containing a number of supporting devices. ____ 3. Packet filtering firewalls scan network data packets looking for compliance with or violation of the rules of the firewall’s database. ____ 4. A packet’s content is independent from the nature of the packet. ____ 5. The ability to restrict a specific service is now considered standard in most routers and is invisible to the user. ____ 6. The application firewall runs special software that acts as a proxy for a service request. ____ 7. The Web server is often exposed to higher levels of risk when placed in the DMZ than when it is placed in the un-trusted network. ____ 8. Circuit gateway firewalls usually look at data traffic flowing between one network and another. ____ 9. On the client end, a user with Windows 2000 or XP can establish a VPN by configuring his or her system to connect to many widely used VPN servers. ____ 10. A VPN allows a user to use the Internet as if it were a private network. ____ 11. If Kerberos servers are subjected to denial-of-service attacks, a client can request additional services. ____ 12. The extended TACACS version uses dynamic passwords and incorporates two-factor authentication. ____ 13. Internet connections via dial-up and leased lines are becoming more popular. ____ 14. A content filter is technically a firewall. ____ 15. A content filter is essentially a set of scripts or programs that restricts user access to certain networking proto- cols and Internet locations. ____ 16. When Web services are offered outside the firewall, HTTP traffic should be denied from reaching the internal networks through the use of some form of proxy access or DMZ architecture. ____ 17. Telnet, although not always considered secure, is still considered useful to systems administrators of Unix/Linux systems ____ 18. It is important that e-mail traffic reach your e-mail server and only your e-mail server. ____ 19. A best practice for firewall rule configuration states that all routine HTTP traffic from outside the network is allowed in. ____ 20. Firewall Rule Set 1 states that responses to internal requests are not allowed. ____ 21. Some firewalls can filter packets by the name of a particular protocol. ____ 22. Good policy and practice dictate that each firewall device, whether a filtering router, bastion host, or other firewall implementation, must have its own set of configuration rules that regulate its actions. ____ 23. The screened subnet protects the DMZ systems and information from outside threats by providing a network of intermediate security.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
____ 24. The DMZ cannot be a dedicated port on the firewall device linking a single bastion host. ____ 25.
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/09/2011 for the course COM 308 taught by Professor E.bautista during the Fall '10 term at St. Leo.

Page1 / 11

Chapter 06 - 06 True/False Indicate whether the statement...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online