Question
Network Security fundamentals( Computer Science major)
multiple choice question. posting more soon.
CST 3610- Network Security Fundamentals Midterm Exam October 22, 2014 Computer Systems Technology Department A. Layered security, controlling access, role-specific security, user awareness, monitoring, and keeping systems patched. B. Single point of defense, limited control on devices, individual user id based security policy, limited user knowledge regarding security, limited monitor on servers and limited implementation of patches. c. single perimeter of defense, very limited role based security setup, only monitoring of servers, limited operating system patch implementation, keep user community isolated from security flaws, single point of contact for security breaches and limited restriction on ports at workgroup router All of the above D. 36. Which type of device typically performs a stateful packet inspection? What type of packet header is analyzed and what is its importance? A. Router, it monitor the TCP header for information to track the TTL value B. Firewall, it monitors the IP header information to track the status of a connection C. Network Switch, it monitors network packets and track malicious threats D. Server, it monitor HTTP packets and track malicious 5SL traffic E. None of above 37. What are some of limitations of stateful packet inspection (SPI? A spi not abl to coP Layer traffic because it cannot determine if a pack for internal or external network. B. SPI is limited in its capability because it's not able to inspects arriving packets header information flags set such as SYN, ACK, FIN, RST, C SPI is not able to decipher source and destination ports, D. SPI cannot inspection or track every type of packet; for example, ICMP and UDP are not stateful or no application-level inspection above layer 4 E. All of the above Address? 38. Which is the best definition of the Public & Private IP ivate IP A. Public IP address are for addressing host on internal corporate network and Pr are isolated to internal workstation addresses Private IP address are for internal, non-public Internet use. Public IP addresses are utilized on Hosts on the public Internet. 8. C Public sddress are also known as the loopback adapter address (127.0.0.1) and Private o. Public iP address are dynamicaly assigned via DHCP servers and Private iP are configured vi routers E All of the above. Which best defines split-tunneling functionality that works within a corporate VPN
Explanation / Answer
Statefull Packet inspectioin :
It is the process of monitoring the state of active connections and uses the informatioin to decide which packets to allow through the file.
A. Router monitoring the TCP header to calculate TTL .
TTL is the value that decides the life of the packet.
Each time it passes a router TTL is decremented when it becomes zero it is discarded.
So it is nothing to deal with stateful packet inspection.
B.Firewall
Statefull inspection is actually a firewall technology. It monitors the packets and active connectioins and determines which packet to allow through the firewall.
C.Network switch
A network switch basically switches the packets in a network. It does not implement the Statefull Packet Inspection.
D. Server.
A server itself independent of firewall doesn't implement a Statefull Packet Inspection. It has to take the help of a firewall. A server the requests from the client that's it.
So the answer will be Firewall (B).
/* thank you*/
/* if any queries please ccomment */