Question 6 of 1780

The Chief Information Security Officer (CISO) has mandated that all IT systems with credit card data should be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged.

Which of the following would BEST meet the CISO's requirements?

Answer

Suggested Answer

The suggested answer is C.

The basic purpose of a firewall is to isolate one network from another.
Incorrect Answers:
A: The terms protocol analyzer and packet sniffer are interchangeable. They refer to the tools used in the process of monitoring the data that is transmitted across a network.
B: A network-based IDS (NIDS) watches network traffic in real time. It's reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.
D: Web proxies are used to forward HTTP requests.
E: Layer 2 switching uses the media access control address (MAC address) from the host's network interface cards (NICs) to decide where to forward frames.
Layer 2 switching is hardware based, which means switches use application-specific integrated circuits (ASICs) to build and maintain filter tables (also known as MAC address tables or CAM tables).
Question 7 of 1780

Which of the following network design elements allows for many internal devices to share one public IP address?

Answer

Suggested Answer

The suggested answer is B.

Port Address Translation (PAT) is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address.
Incorrect Answers:
A: Destination network address translation (DNAT) is a technique for transparently changing the destination IP address of an end route packet and performing the inverse function for any replies. Any router situated between two endpoints can perform this transformation of the packet. DNAT is commonly used to publish a service located in a private network on a publicly accessible IP address. This use of DNAT is also called port forwarding. DNAT does not allow for many internal devices to share one public IP address.
C: DNS (Domain Name System) is a service used to translate hostnames or URLs to IP addresses. DNS does not allow for many internal devices to share one public IP address.
D: A DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. A DMZ does not allow for many internal devices to share one public IP address.
Question 8 of 1780

Which of the following is the best practice when securing a switch from physical access?

Answer

Suggested Answer

The suggested answer is D.

Disabling unused ports is a best practice when securing a switch from physical access because it prevents unauthorized devices from connecting to the network through an unused port. This limits the opportunity for unauthorized physical connections that could compromise network security. By ensuring that only active and necessary ports are enabled, you minimize the risk of unauthorized access through physical means.

Question 9 of 1780

Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?

Answer

Suggested Answer

The suggested answer is B.

Load balancing refers to shifting a load from one device to another. A load balancer can be implemented as a software or hardware solution, and it is usually associated with a device: a router, a firewall, NAT appliance, and so on. In its most common implementation, a load balancer splits the traffic intended for a website into individual requests that are then rotated to redundant servers as they become available.
Incorrect Answers:
A: The terms protocol analyzing and packet sniffing are interchangeable. They refer to the process of monitoring the data that is transmitted across a network.
C: A VPN concentrator is a hardware device used to create remote access VPNs. The concentrator creates encrypted tunnel sessions between hosts, and many use two-factor authentication for additional security.
D: One of the newest buzzwords is web security gateway, which can be thought of as a proxy server (performing proxy and caching functions) with web protection software built in. Depending on the vendor, the "web protection" can range from a standard virus scanner on incoming packets to monitoring outgoing user traffic for red flags as well.
Question 10 of 1780

Pete, the system administrator, wishes to monitor and limit users' access to external websites.

Which of the following would BEST address this?

Answer

Suggested Answer

The suggested answer is D.

Installing a proxy server would best address the need to monitor and limit users' access to external websites. A proxy server can control and filter web traffic, ensuring that users only access permitted sites while blocking known malicious or restricted sites. Furthermore, proxy servers can provide logging and reporting features essential for monitoring user activity.