If you see a /16 in the header of a Snort rule, what does it mean?
the subnet mask is 255.255.0.0
Which of the following is true about an NIDPS versus an HIDPS?
an HIDPS can detect attacks not caught by an NIDPS
Which of the following is NOT a typical IDPS component?
A hybrid IDPS combines aspects of NIDPS and HIDPS configurations.
The period of time during which an IDPS monitors network traffic to observe what constitutes normal network behavior is referred to as which of the following?
Which type of IDPS can have the problem of getting disparate systems to work in a coordinated fashion?
What is an advantage of the anomaly detection method?
system can detect attacks from inside the network by people with stolen accounts
Where is a host-based IDPS agent typically placed?
on a workstation or server
A weakness of a signature-based system is that it must keep state information on a possible attack.
Which approach to stateful protocol analysis involves detection of the protocol in use, followed by activation of analyzers that can identify applications not using standard ports?
Dynamic Application layer protocol analysis
What are the two standard ports used by FTP along with their function?
TCP 21 control, TCP 20 data
Which of the following is a general practice for a rule base?
permit access to public servers in the DMZ
What is a suggested maximum size of a rule base?
Which of the following is NOT among the common guidelines that should be reflected in the rule base to implement an organization’s security policy?
employees can use instant-messaging only with external network users
Software firewalls are usually more scalable than hardware firewalls.
At what layer of the OSI model do proxy servers generally operate?
The Cisco PIX line of products is best described as which of the following?
Which of the following is a typical drawback of a free firewall program?
cannot monitor traffic in real time
Which of the following is a method for supporting IPv6 on IPv4 networks until IPv6 is universally adopted?
Which of the following is an advantage of hardware firewalls?
not dependent on a conventional OS
Which of the following best describes a DMZ?
a subnet of publicly accessible servers placed outside the internal network
Where should network management systems generally be placed?
out of band
What do you call a firewall that is connected to the Internet, the internal network, and the DMZ?
What should you consider installing if you want to inspect packets as they leave the network?
What is a step you can take to harden a bastion host?
remove unnecessary services
Which type of firewall configuration protects public servers by isolating them from the internal network?
screened subnet DMZ
In what type of attack are zombies usually put to use?
Which type of NAT is typically used on devices in the DMZ?
Which type of security device can speed up Web page retrieval and shield hosts on the internal network?
Which of the following is true about private IP addresses?
they are not routable on the Internet
Which of the following is true about SSL?
it uses sockets to communicate between client and server
What was created to address the problem of remote clients not meeting an organization’s VPN security standards?
Which of the following is an improvement of TLS over SSL?
adds a hashed message authentication code
What are the two modes in which IPsec can be configured to run?
tunnel and transport
Which of the following is true about software VPNs?
more cost-effective than hardware VPNs
Which VPN protocol leverages Web-based applications?
Which VPN protocol works at Layer 3 and can encrypt the entire TCP/IP packet?
Which of the following is a type of VPN connection?
Which of the following is NOT an essential element of a VPN?
Which of the following is true about using VPNs?
can use an existing broadband connection