Objective Questions:-

1.

A firewall needs to be ____ so that it can grow with the network it protects.

A. B. C. D.

robust expensive fast scalable

2.

A(n) ____ is a fancy term for a computer that has two network interfaces.

A. B. C. D.

proxy gateway duel-homed host routing workstation NAT server

3.

A(n) ____ host is sometimes called a dual-homed gateway or bastion host.

A. B. C. D.

proxy stub sceened blocked

4.

The ____ server in the DMZ needs only list a limited number of public IP addresses.

A. B. C. D.

DNS NAT proxy firewall

5.

A(n) ____ server is a server that creates a secure tunnel connection.

A. B. C. D.

RADIUS VPN tunnel authentication

6.

What is one advantage of setting up a DMZ with two firewalls?

A. B. C. D.

You can control where traffic goes in the three networks You can do stateful packet filtering You can do load balancing Improved network performance

7. The use of the Internet or other electronic means to stalk or harass an invidual, a group of individuals, or an organisation is termed: (a)Cyberspace (b)Cyberstalking (c)Pornography (d)None of these

8. A system that monitors traffic into and out of a network and automatically alerts personnel when suspicious traffic patterns occur, indicating a possible

unauthorized intrusion attempt is called a(n) __________________.

A. B. C. D.

IDS firewall router anit-virus software

9. In an IP packet header, the ____ is the address of the computer or device that is to receive the packet.

A. B. C. D.

source address flag destination address total length

10. In an IP packet header, the ____ describes the length of the header in 32-bit words and is a 4-bit value.

A. B. C. D.

Internet header length fragment offset total length header checksum

11.

What tells a firewall how to reassemble a data stream that has been divided into packets?

A. B. C. D.

The source routing feature The number in the header's identification field The destination IP address The header checksum field in the packet header

12.

What is the most effective security approach for a stateless packet filter?

A. B. C. D.

Deny all except specified hosts Allow all except specified hosts Allow access to only specified destination servers Deny access to all destinations except specified servers

13.

What TCP port is used by Telnet?

A. B. C. D.

80 110 23 72

14.

What TCP port is used to filter out Web traffic?

A.

25

B. C. D.

21 23 80

15. Some ____ firewalls are able to examine the contents of packets as well as the headers for signs that they are legitimate.

A. B. C. D.

boundary stateful stateless personal

16.

What is the most common command to use ICMP?

A. B. C. D.

Ping Trace Netstat NBTstat

17.

What port does secure HTTP use?

A. B. C. D.

8080 224 442 443

18.

What port does DNS use for connection attempts?

A. B. C. D.

68 21 53 56

19.

FTP uses port ____ for the control port.

A. B. C. D.

20 21 22 23

20.

A datagram is called ______ at the physcial layer of OSI.

A. B. C. D.

bits segments frames packets

21.

A datagram is called ______ at the network layer of OSI.

A. B.

bits segments

C. D.

frames packets

22.

Which of the following is a cyber crime?

(a)Hacking (b)Worm attack (c)Virus attack (d)All of these

23.

A ________-level proxy provides protection at the session layer of OSI.

A. B. C. D.

application circuit proxy server

24.

Ports up to _______ are called well-known ports.

A. B. C. D.

1500 255 1023 1025

25.

A stateful firewall maintains a ___________, which is a list of active connections.

A. B. C. D.

routing table bridging table state table connection table

26. _______________ is an error-checking procedure performed in the trailer section of an IP packet.

A. B. C. D.

CRC ACK FQDN FIN

27. This 8-bit value identifies the maximum time the packet can remain in the system before it is dropped.

A. B. C. D.

fragment time to live protocol checksum

28.

Zone Alarm is an example of a ________ firewall.

A. B.

personal corporate

C. D.

IDS none of the above

29.

___________ is another term for a packet of digital information.

A. B. C. D.

footer header data datagram

30. The practice of designing operational aspects of a system to work with a minimal amount of system privilege is called _____________.

A. B. C. D.

least privilege failover firewall IP forwarding access denied