A True B False Answer B MULTICHOICE 55 access control is a form of access

_________________________ (A) True (B) False Answer : (B)

MULTICHOICE 55. __________ access control is a form of __________ access control in which users are assigned a matrix of authorizations for particular areas of access. (A) lattice-based, discretionary (B) arbor-based, nondiscretionary (C) arbor-based, discretionary (D) lattice-based, nondiscretionary Answer : (D) 56. Which of the following is not a major processing mode category for firewalls? (A) Packet-filtering firewalls (B) Application gateways (C) Circuit gateways (D) Router passthru Answer : (D) 57. __________ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information. (A) Packet-filtering (B) Application gateway (C) Circuit gateway (D) MAC layer Answer : (A) 58. The restrictions most commonly implemented in packet-filtering firewalls are based on __________. (A) IP source and destination address (B) Direction (inbound or outbound) (C) TCP or UDP source and destination port requests (D) All of the above

Answer : (D) 59. __________ filtering requires that the firewall's filtering rules for allowing and denying packets are developed and installed with the firewall. (A) Dynamic (B) Static (C) Stateful (D) Stateless Answer : (B) 60. A __________ filtering firewall can react to an emergent event and update or create rules to deal with the event. (A) dynamic (B) static (C) stateful (D) stateless Answer : (A) 61. __________ inspection firewalls keep track of each network connection between internal and external systems. (A) Static (B) Dynamic (C) Stateful (D) Stateless Answer : (C) 62. The application layer proxy firewall is also known as a(n) __________. (A) application firewall (B) client firewall (C) proxy firewall (D) All of the above

Answer : (A) 63. The proxy server is often placed in an unsecured area of the network or is placed in the __________ zone. (A) fully trusted (B) hot (C) demilitarized (D) cold Answer : (C) 64. The __________ is an intermediate area between a trusted network and an untrusted network. (A) perimeter (B) DMZ (C) domain (D) firewall Answer : (B) 65. __________ firewalls are designed to operate at the media access control sublayer of the data link layer of the OSI network model. (A) MAC layer (B) Circuit gateway (C) Application gateway (D) Packet-filtering Answer : (A) 66. Because the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the __________ host. (A) trusted (B) domain (C) DMZ (D) sacrificial

Answer : (D) 67. The dominant architecture used to secure network access today is the __________ firewall. (A) static (B) bastion (C) unlimited (D) screened subnet Answer : (D) 68. Configuring firewall policies is viewed as much as a(n) __________ as it is a(n) __________. (A) art, science (B) philosophy, skill (C) skill, science (D) pain, necessity Answer : (A) 69. Telnet protocol packets usually go to TCP port __________, whereas SMTP packets go to port __________. (A) 23, 52 (B) 80, 52 (C) 80, 25 (D) 23, 25 Answer : (D) 70. Known as the ping service, ICMP is a(n) __________ and should be ___________.