Term
________ is a worldwide system of connected computer networks. Connected computers use the _______ protocol suite. |
|
Definition
Internet
TCP/IP
The internet is the largest WAN in the world. |
|
|
Term
________ is a private computer network that an organization implements to share data with employees. |
|
Definition
|
|
Term
________ is a private computer network that extends to users outside a company in order to share data. |
|
Definition
|
|
Term
________ a connection between two or more computers or devices that are not on the same private network. In effect creating a tunnel through LANs and WANs connecting the 2 devices together. |
|
Definition
VPN (Virtual Private Network) |
|
|
Term
________ are primarily used to protect one network from another, often the first line of defense in network security. Used to protect a network from malicious attack and unwanted intrusion. |
|
Definition
Firewalls
Some run as software on server computers, some as stand-alone dedicated appliances. They are commonly implemented between the LAN and the internet. |
|
|
Term
________ has widespread support with nearly all versions of Windows. It uses the Microsoft Point‐to‐Point Encryption (MPPE) protocol with RC4 (128‐bit key) to protect data that is in transit. |
|
Definition
Point‐to‐Point Tunneling Protocol (PPTP)
PPTP provides confidentiality, it prevents data from being viewed, but does not provide data integrity. It doesn't protect the packet from being intercepted and modified. |
|
|
Term
________, is a type of tunneling protocol that requires that the computers mutually authenticate themselves to each other. |
|
Definition
Layer 2 Tunneling Protocol over IPsec (L2TP/IPsec)
Uses port 1701 |
|
|
Term
_________, is a type of tunneling protocol that works by sending PPP or L2TP traffic through an SSL 3.0 channel |
|
Definition
Secure Socket Tunneling Protocol (SSTP) |
|
|
Term
VPN Reconnect also known as ________, is a feature introduced with Routing and Remote Access Service (RRAS) in Windows Server 2008 R2 and Windows 7. |
|
Definition
Internet Key Exchange version 2 (IKEv2)
It differs from other VPN protocols in that it will not drop the VPN tunnel associated with the session. Instead, it keeps the connection alive for 30 minutes. This allows you to reconnect automatically without having to authenticate yourself again. |
|
|
Term
________, also known as pure packet filtering, does not retain memory of packets that have passed through the firewall. Due to this it can be vulnerable to IP spoofing attacks. |
|
Definition
|
|
Term
A firewall running ________, is normally not vulnerable to IP Spoofing because it keeps track of the state of network connections by examining the header in each packet. |
|
Definition
Stateful Packet Inspection (SPI)
This function operates at the Network Layer of the OSI model. |
|
|
Term
_______, filters traffic per ports (TCP or UDP). This can be done in three ways: by way of basic endpoint connections, by matching incoming traffic to the corresponding outbound IP address connection, or by matching incoming traffic to the corresponding IP address AND port |
|
Definition
|
|
Term
________, supports address and port translation and checks if they type of application traffic is allowed. |
|
Definition
Application-level Gateway (ALG)
Example: FTP traffic may be allowed through the firewall, but Telnet traffic may be disabled. |
|
|
Term
________ works at the Session Layer of the OSI model, when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking. |
|
Definition
Circuit-level Gateway
Circuit‐level gateways hide information about the private network, but they do not filter individual packets. |
|
|
Term
__________ acts as an intermediary between the LAN and the Internet. Can also cache pages in order to increase speed of commonly accessed websites. |
|
Definition
|
|
Term
________ attempts to detect malicious network activities, for example port scans and DoS attacks, by constantly monitoring network traffic, then reports any issues that it finds to a network administrator as long as it is configured properly. |
|
Definition
Network Intrusion Detection System (NIDS) |
|
|
Term
_________ is designed to inspect traffic and based on the configuration or security policy, it can remove, detain, or redirect malicious traffic in addition to simply detecting it. |
|
Definition
Network Intrusion Prevention System (NIPS) |
|
|
Term
When setting up a VPN that allows connections on inbound port 1723, which of the following tunneling protocols should be used?
A. PPTP B. PPP C. L2TP D. TCP/IP |
|
Definition
|
|
Term
A company wants to set up a VPN server. Which of the following services in Windows Server 2016 should be used?
A. FTP B. DNS C. RRAS D. IIS |
|
Definition
C. RRAS
Routing and Remote Access Service is a suite of network services that enable a server to perform the services of a conventional router. |
|
|
Term
An issue with one of the ports on the firewall is suspected. Which of the following is the appropriate tool to use to scan the ports?
A. PPTP B. Protocol analyzer C. NMAP D. NIDS |
|
Definition
C. NMAP
Network Mapper is a scanner used to discover hosts and services on a computer network by sending packets and analyzing the responses. Host Discovery and Port Scanning are two of its many features. |
|
|
Term
A manager wants to set up an area that is not on the LAN but not quite on the Internet. This area will house servers that will serve requests to users connecting to the intranet. Which type of network area or zone should be set up?
A. DMZ B. Extranet C. FTP D. VPN |
|
Definition
|
|
Term
A client wants to install a VPN server that can offer unencrypted tunnels by default or encrypted tunnels by using IPsec. Which of the following services should be used?
A. DNS B. L2TP C. WINS D. IPsec |
|
Definition
|
|