3D053 CDC Edit 02 Vol 2

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Rediculous
R
Rediculous
Community Contributor
Quizzes Created: 2 | Total Attempts: 1,188
| Attempts: 531
SettingsSettings
Please wait...
  • 1/100 Questions

    Which port is used for hypertext transfer protocol (HTTP)?

    • 21
    • 22
    • 60
    • 80
Please wait...
About This Quiz

The is the URE's from vol 2, edit code 02 which became active after 4 April 2013

CDC Quizzes & Trivia

Quiz Preview

  • 2. 

    Which port range constitutes well-known ports?

    • 0–1023.

    • 1024–23535.

    • 23536–49151.

    • 49152–65535.

    Correct Answer
    A. 0–1023.
    Explanation
    The well-known ports range from 0-1023. These ports are reserved for specific services and protocols that are commonly used and recognized. They include ports for popular services like HTTP (port 80), FTP (port 21), and SSH (port 22). These ports are standardized and widely known, making them easily identifiable and accessible for network communication.

    Rate this question:

  • 3. 

    What should you do with unused ports?

    • Monitor ports.

    • Keep ports open.

    • Keep ports closed.

    • Ensure all ports are used.

    Correct Answer
    A. Keep ports closed.
    Explanation
    The correct answer is to keep ports closed. Keeping ports closed is a security best practice as it helps to prevent unauthorized access and potential attacks on a network. Open ports can be exploited by hackers to gain access to a system or network, so it is important to only open ports that are necessary for the intended use. Monitoring ports is also important, but it is not the primary action to take with unused ports. Ensuring all ports are used is not necessary and can increase the risk of security vulnerabilities.

    Rate this question:

  • 4. 

    An access control list (ACL) is essentially

    • Lists of permissions stating who can access what.

    • Groups of computer names.

    • List of network resources.

    • Groups of users.

    Correct Answer
    A. Lists of permissions stating who can access what.
    Explanation
    An access control list (ACL) is a mechanism used in computer systems to define permissions and restrictions on who can access specific resources or perform certain actions. It is not related to computer names, network resources, or groups of users. Instead, an ACL consists of lists of permissions that determine which users or groups are allowed or denied access to specific files, folders, or other resources. These permissions can include actions such as read, write, execute, or delete, and they specify who can perform these actions and on which resources.

    Rate this question:

  • 5. 

    What should security policies encompass to help mitigate the threat of convergence?

    • Data networks only.

    • Voice networks only.

    • Both voice and data networks.

    • Neither voice nor data networks.

    Correct Answer
    A. Both voice and data networks.
    Explanation
    Security policies should encompass both voice and data networks to help mitigate the threat of convergence. Convergence refers to the merging of voice and data networks, which can introduce new security risks. By including both voice and data networks in security policies, organizations can ensure that they have comprehensive measures in place to protect against potential threats and vulnerabilities that may arise from the convergence of these networks. This approach allows for a holistic and coordinated approach to security, addressing the unique challenges and requirements of both voice and data networks.

    Rate this question:

  • 6. 

    The disadvantage of a host-based intrusion detection system (HIDS) is that it

    • Can analyze any encrypted data if it is decrypted before reaching the target host

    • Consumes resources on the host it resides on and slows that device down.

    • Monitors log files for inadvisable settings or passwords.

    • Monitors traffic on the host on which it is installed.

    Correct Answer
    A. Consumes resources on the host it resides on and slows that device down.
    Explanation
    A host-based intrusion detection system (HIDS) consumes resources on the host it resides on and slows that device down. This is because the HIDS needs to continuously monitor and analyze the activities and behaviors of the host in order to detect any potential intrusions or malicious activities. This constant monitoring and analysis can put a strain on the host's resources, such as CPU and memory, leading to decreased performance and slower operation of the device.

    Rate this question:

  • 7. 

    Network security starts with

    • A mindset.

    • Configuring firewalls

    • Activation of host-based intrusion detection system (HIDS).

    • Activation of network-based intrusion detection system (NIDS).

    Correct Answer
    A. A mindset.
    Explanation
    The correct answer is "a mindset." This is because network security is not just about implementing technical measures like configuring firewalls or activating intrusion detection systems. It requires individuals to have a proactive and vigilant mindset towards identifying and addressing potential security risks. This mindset involves understanding the importance of security, staying updated with the latest threats, following best practices, and being cautious while handling sensitive information. Without this mindset, even the most advanced security technologies may not be effective in protecting a network.

    Rate this question:

  • 8. 

    What is the function in which certain pieces of data from a web page are stored in the firewall to facilitate faster future requests for the same information?

    • Zoning

    • Caching

    • Proxy service.

    • Firewall service

    Correct Answer
    A. Caching
    Explanation
    Caching is the function in which certain pieces of data from a web page are stored in the firewall to facilitate faster future requests for the same information. This means that when a user requests the same information again, instead of fetching it from the original source, the firewall can provide the cached version, resulting in quicker response times. Caching helps to reduce the load on the network and improves overall performance by serving frequently accessed content from a local cache.

    Rate this question:

  • 9. 

    What provides protection of the base network perimeter using a protection device or system of devices?

    • Network assurance.

    • Network protection.

    • Boundary protection.

    • Information assurance.

    Correct Answer
    A. Boundary protection.
    Explanation
    Boundary protection refers to the practice of securing the base network perimeter using a protection device or system. This involves implementing measures such as firewalls, intrusion detection systems, and access control mechanisms to prevent unauthorized access and attacks from external sources. By establishing a clear boundary between the internal network and external networks, boundary protection helps to safeguard sensitive information and resources from potential threats.

    Rate this question:

  • 10. 

    How many Integrated Network and Operation Security Centers (INOSC) does the Air Force have?

    • One.

    • Two.

    • Three.

    • Four.

    Correct Answer
    A. Two.
    Explanation
    The correct answer is Two. This suggests that the Air Force has two Integrated Network and Operation Security Centers (INOSC).

    Rate this question:

  • 11. 

    Which is not a common service?

    • File transfer protocol (FTP).

    • Domain name service (DNS).

    • Hypertext transfer protocol (HTTP).

    • Open system interconnection (OSI).

    Correct Answer
    A. Open system interconnection (OSI).
    Explanation
    The Open System Interconnection (OSI) is not a common service. It is actually a conceptual framework that standardizes the functions of a communication system. It defines a set of protocols and specifications to enable different systems to communicate with each other. In contrast, FTP, DNS, and HTTP are all common services used in computer networks. FTP is used for transferring files between systems, DNS is used for translating domain names into IP addresses, and HTTP is used for transmitting web pages and other resources on the internet.

    Rate this question:

  • 12. 

    Integration of the capabilities of personnel, operations, and technology, and supports the evolution to network centric warfare best describes which concept?

    • Firewalls.

    • Security tools.

    • Defense-in-depth.

    • Information condition (INFOCON).

    Correct Answer
    A. Defense-in-depth.
    Explanation
    The concept that best describes the integration of the capabilities of personnel, operations, and technology, and supports the evolution to network centric warfare is defense-in-depth. Defense-in-depth is a strategy that involves layering multiple security measures to protect a network or system. It combines various security tools, firewalls, and information condition (INFOCON) to create a comprehensive defense system. This approach ensures that even if one layer is breached, there are multiple layers of defense to prevent further attacks and minimize the impact of any potential breach.

    Rate this question:

  • 13. 

    What are attempts to gain access to a switch system by posing as an authorized user?

    • Toll fraud.

    • War dialing.

    • Masquerades.

    • Denial of service (DoS).

    Correct Answer
    A. Masquerades.
    Explanation
    Masquerades refer to the attempts made by unauthorized individuals to gain access to a switch system by posing as an authorized user. This involves pretending to be someone else in order to deceive the system and gain unauthorized access. It is a form of social engineering where the attacker tries to exploit trust and bypass security measures. Masquerades can be a serious security threat as they can lead to unauthorized access to sensitive information and potential harm to the system.

    Rate this question:

  • 14. 

    Which is not a primary focus of intrusion detection and prevention systems (IDPS)?

    • Reporting incidents to security administrators.

    • Reconfiguring equipment after an incident.

    • Identifying possible incidents.

    • Attempting to stop incidents.

    Correct Answer
    A. Reconfiguring equipment after an incident.
    Explanation
    Intrusion detection and prevention systems (IDPS) are primarily designed to identify possible incidents and attempt to stop them. They focus on detecting and preventing unauthorized access or malicious activities within a network or system. Reporting incidents to security administrators is also an important function of IDPS as it allows for timely response and mitigation. However, reconfiguring equipment after an incident is not a primary focus of IDPS. While it may be necessary to make changes to the system to prevent future incidents, the main goal of IDPS is to detect and prevent intrusions rather than reconfigure equipment.

    Rate this question:

  • 15. 

    Which type of attack causes the connection queues on the router or switch to fill up and deny service to legitimate transmission control protocol (TCP) traffic?

    • TCP message attack.

    • Inbound traceroute attack.

    • Local area network attack.

    • TCP Synchronous (SYN) attack.

    Correct Answer
    A. TCP Synchronous (SYN) attack.
    Explanation
    A TCP Synchronous (SYN) attack causes the connection queues on the router or switch to fill up and deny service to legitimate TCP traffic. In this type of attack, the attacker sends a large number of SYN requests to the target system, but does not complete the handshake process by sending the final ACK packet. This causes the target system to keep the connection queues occupied, preventing legitimate TCP traffic from being processed and effectively denying service to legitimate users.

    Rate this question:

  • 16. 

    A logical connection point for the transmission of information packets is known as a

    • Entrance point.

    • Service point.

    • Protocol.

    • Port.

    Correct Answer
    A. Port.
    Explanation
    A port is a logical connection point for the transmission of information packets. It serves as an interface between the computer and external devices or networks, allowing data to be sent and received. Ports are essential for establishing communication and facilitating the exchange of information between different systems or devices.

    Rate this question:

  • 17. 

    Which port is used for telnet?

    • 7

    • 20

    • 23

    • 53

    Correct Answer
    A. 23
    Explanation
    Port 23 is used for telnet. Telnet is a network protocol that allows users to remotely access and control devices or computers over a network. It provides a virtual terminal connection to the remote device, allowing users to execute commands and manage the device as if they were physically present. Port 23 is specifically designated for telnet communication, enabling the establishment of a connection between the local and remote devices for remote management and control purposes.

    Rate this question:

  • 18. 

    What is the default read community string of a simple network management protocol (SNMP) agent?

    • SECURE.

    • PUBLIC.

    • PRIVATE.

    • UNSECURE.

    Correct Answer
    A. PUBLIC.
    Explanation
    The default read community string of a Simple Network Management Protocol (SNMP) agent is "PUBLIC." The read community string is used for read-only access to SNMP devices and allows users to retrieve information from the agent. The "PUBLIC" community string is widely known and used as the default value in many SNMP agents, but it is recommended to change it to a more secure string to prevent unauthorized access to the SNMP agent.

    Rate this question:

  • 19. 

    A domain name server (DNS) maintains the cross-reference between domain names and their corresponding

    • Internet protocol (IP) address.

    • Access control list (ACL) entries.

    • Router ACL configuration settings.

    • Media access control (MAC) address.

    Correct Answer
    A. Internet protocol (IP) address.
    Explanation
    A domain name server (DNS) is responsible for translating domain names into their corresponding IP addresses. This allows users to access websites and other online resources by using easy-to-remember domain names instead of having to remember the numerical IP addresses associated with them. Therefore, the correct answer is "Internet protocol (IP) address."

    Rate this question:

  • 20. 

    What is used to import and manage phone numbers in the voice protection system (VPS)?

    • Administrative manager.

    • Performance manager

    • Directory manager

    • System console.

    Correct Answer
    A. Directory manager
    Explanation
    The directory manager is used to import and manage phone numbers in the voice protection system (VPS). This role is responsible for maintaining the directory of phone numbers, adding new numbers, updating existing numbers, and ensuring the accuracy and integrity of the phone number database. The directory manager has the necessary permissions and tools to perform these tasks efficiently and effectively.

    Rate this question:

  • 21. 

    When the cached information is verified to be up-to-date, the proxy has ensured information

    • Currency.

    • Freshness.

    • Timeliness.

    • Authenticity

    Correct Answer
    A. Freshness.
    Explanation
    The term "freshness" refers to the up-to-dateness or recentness of the cached information. In this context, when the cached information is verified to be up-to-date, it means that the information is current and has not expired. The proxy ensures that the information it serves is fresh and reflects the latest updates or changes. Therefore, freshness is the most appropriate term to describe this situation.

    Rate this question:

  • 22. 

    Host-based intrusion detection systems (HIDS) are

    • Active only.

    • Passive only.

    • Passive and active.

    • Neither passive nor active.

    Correct Answer
    A. Passive and active.
    Explanation
    Host-based intrusion detection systems (HIDS) are considered both passive and active because they have the capability to monitor and analyze activities occurring on a specific host or system. The passive aspect involves the system's ability to passively monitor and collect data about events and behaviors on the host, such as log files, system calls, and network traffic. On the other hand, the active aspect refers to the system's ability to take actions in response to detected threats, such as sending alerts, blocking traffic, or initiating countermeasures. Therefore, HIDS can both passively observe and actively respond to potential intrusions.

    Rate this question:

  • 23. 

    An active intrusion detection system (IDS) is normally incorporated into

    • Switches.

    • Firewalls.

    • Routers.

    • Servers.

    Correct Answer
    A. Firewalls.
    Explanation
    An active intrusion detection system (IDS) is normally incorporated into firewalls. Firewalls act as a barrier between a trusted internal network and an untrusted external network, monitoring and controlling incoming and outgoing network traffic. By incorporating an IDS into firewalls, it allows for real-time monitoring and detection of any suspicious or malicious activities, providing an additional layer of security to the network. Switches, routers, and servers also play important roles in network security, but they do not typically include IDS functionality.

    Rate this question:

  • 24. 

    When using an intrusion detection system (IDS), remember to

    • Deploy one IDS for the entire network.

    • Deploy IDS on 50 percent of the network segments.

    • Consider using only a network-based IDS or host-based IDS.

    • Use a centralized management console for system management.

    Correct Answer
    A. Use a centralized management console for system management.
    Explanation
    Using a centralized management console for system management is recommended when using an intrusion detection system (IDS). This allows for easier and more efficient management of the IDS across the entire network. It provides a single interface to monitor and control the IDS, making it easier to detect and respond to potential intrusions. By centralizing the management, it also ensures consistency in policies and configurations across the network, reducing the risk of oversight or misconfiguration.

    Rate this question:

  • 25. 

    One advantage of a network-based intrusion detection system (NIDS) is that it

    • Can decrypt data

    • Uses very few network resources

    • Monitors logs for policy violations.

    • Can analyze encrypted network traffic.

    Correct Answer
    A. Uses very few network resources
    Explanation
    A network-based intrusion detection system (NIDS) that uses very few network resources is advantageous because it minimizes the impact on the network's performance and bandwidth. By efficiently utilizing network resources, the NIDS can effectively monitor and analyze network traffic without causing significant disruptions or slowing down the network. This enables continuous monitoring and detection of potential intrusions without negatively impacting the network's functionality.

    Rate this question:

  • 26. 

    In which type of port scan does the scanner attempt to connect to all ports?

    • Sweep scan.

    • Vanilla scan.

    • Fragment packet scan.

    • File transfer protocol (FTP) bounce scan.

    Correct Answer
    A. Vanilla scan.
    Explanation
    A vanilla scan is a type of port scan where the scanner attempts to connect to all ports. This scan is called "vanilla" because it is a basic and straightforward approach to scanning. In a vanilla scan, the scanner sends connection requests to each port on the target system to determine which ports are open and available for communication. This type of scan is commonly used by network administrators and security professionals to assess the security of a network and identify any potential vulnerabilities.

    Rate this question:

  • 27. 

    Which firewall management interface menu option tests interface connectivity?

    • Ping host.

    • Domain name server lookup.

    • Address resolution protocol (ARP).

    • Transmission control protocol dump.

    Correct Answer
    A. Ping host.
    Explanation
    The correct answer is "Ping host." The ping host option in the firewall management interface menu is used to test the connectivity of an interface. It sends a ping request to a specified host and waits for a response. If a response is received, it indicates that the interface is able to communicate with the host, thus confirming connectivity.

    Rate this question:

  • 28. 

    How many domain name server (DNS) name server(s) are registered as authoritative for each Integrated Network Operation and Security Center (INOSC)?

    • One

    • Two

    • Three

    • Four

    Correct Answer
    A. Two
    Explanation
    There are two domain name server (DNS) name servers registered as authoritative for each Integrated Network Operation and Security Center (INOSC). This means that there are two DNS servers responsible for providing the IP address associated with a specific domain name within an INOSC.

    Rate this question:

  • 29. 

    Which message type should not be allowed for inbound Internet control message protocol (ICMP) traffic?

    • Traceroute.

    • Time exceeded.

    • Parameter problem.

    • Destination unreachable.

    Correct Answer
    A. Traceroute.
    Explanation
    Traceroute is the correct answer because it is a message type that is used to trace the route that packets take from the source to the destination. It is not necessary for inbound ICMP traffic as it is primarily used for troubleshooting and network analysis purposes. The other message types - Time exceeded, Parameter problem, and Destination unreachable - are all valid and necessary for ICMP traffic to function properly.

    Rate this question:

  • 30. 

    What can an attacker use to create a map of the protected network behind the router or firewall?

    • Ping.

    • Traceroute.

    • Echo reply.

    • Domain name server (DNS) lookup.

    Correct Answer
    A. Traceroute.
    Explanation
    Traceroute is a network diagnostic tool that allows an attacker to trace the path that packets take from their computer to the target network. By sending packets with incrementally increasing Time to Live (TTL) values, the attacker can determine the routers and their IP addresses along the path. This information can then be used to create a map of the protected network behind the router or firewall, providing valuable information for potential attacks. Ping, Echo reply, and DNS lookup do not provide the same level of detailed information about the network topology.

    Rate this question:

  • 31. 

    What does packet capture software do with the packet information it captures?

    • Immediately analyzes information.

    • Stores packets for later viewing and analysis.

    • Immediately sends the information to the firewall.

    • Stores packets until a filter is ready to receive the information.

    Correct Answer
    A. Stores packets for later viewing and analysis.
    Explanation
    Packet capture software captures and stores packets for later viewing and analysis. This software is used to capture network traffic and record it for further examination. By storing the packets, the software allows users to review and analyze the captured data at a later time. This can be helpful for troubleshooting network issues, analyzing network performance, or investigating security incidents. The software does not immediately analyze the information or send it to the firewall, nor does it store packets until a filter is ready to receive the information.

    Rate this question:

  • 32. 

    Which type of scan is also known as a half open scan?

    • Fragment packets.

    • Synchronous (SYN) scan.

    • User datagram protocol (UDP) scan.

    • Transmission control protocol (TCP) scan.

    Correct Answer
    A. Synchronous (SYN) scan.
    Explanation
    A synchronous (SYN) scan is also known as a half open scan because it involves sending a SYN packet to the target host and waiting for a response. If the host responds with a SYN-ACK packet, it means the port is open. However, instead of completing the handshake by sending an ACK packet, the scanner sends a RST packet to reset the connection. This approach allows the scanner to determine if a port is open without fully establishing a connection, making it a half open scan.

    Rate this question:

  • 33. 

    To limit the risks associated with using simple network management protocol (SNMP)

    • Keep devices requiring SNMP together with those that do not pass through virtual local area networks (VLAN).

    • Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers.

    • Disable all SNMP devices/services if not required.

    • Enable the set community strings if possible.

    Correct Answer
    A. Disable all SNMP devices/services if not required.
    Explanation
    Disabling all SNMP devices/services if not required is the correct answer because it helps to limit the risks associated with using SNMP. By disabling SNMP on devices that do not require it, potential vulnerabilities and attack vectors are eliminated. This reduces the potential for unauthorized access, data breaches, and other security risks. Disabling unnecessary SNMP devices/services is a proactive measure to enhance network security and protect sensitive information.

    Rate this question:

  • 34. 

    Which is considered the workhorse of the Enterprise Security Manager (ESM) system?

    • ESM agent.

    • ESM manager.

    • ESM administrator.

    • ESM graphical user interface (GUI) console.

    Correct Answer
    A. ESM agent.
    Explanation
    The ESM agent is considered the workhorse of the Enterprise Security Manager (ESM) system because it is responsible for collecting and analyzing security event data from various sources within the network. The ESM agent continuously monitors the network, detects any security threats or anomalies, and sends this information to the ESM manager for further analysis and response. It acts as the main component that performs the essential tasks of data collection and event management in the ESM system.

    Rate this question:

  • 35. 

    At which open systems interconnect (OSI) layer does an application-level firewall operate?

    • 4

    • 5

    • 6

    • 7

    Correct Answer
    A. 7
    Explanation
    An application-level firewall operates at the seventh layer of the OSI model, which is the application layer. This layer is responsible for managing communication between applications and end-users. An application-level firewall can monitor and filter network traffic based on specific application protocols, such as HTTP, FTP, or SMTP. By operating at this layer, the firewall can provide more granular control over network traffic and enforce security policies based on application-specific rules and behaviors.

    Rate this question:

  • 36. 

    A burb can best be defined as a

    • Network stack.

    • Security policy.

    • Set of one or more interfaces.

    • Particular installation of a firewall.

    Correct Answer
    A. Set of one or more interfaces.
    Explanation
    A burb can be best defined as a set of one or more interfaces. In computer networking, a burb refers to a logical or physical grouping of network interfaces. It allows for the segmentation and separation of network traffic based on specific requirements or security policies. By grouping interfaces together, network administrators can manage and control the flow of data more effectively, ensuring that it is directed to the appropriate destinations. Therefore, a burb can be understood as a collection of interfaces that are organized and configured to serve a specific purpose within a network.

    Rate this question:

  • 37. 

    Internet protocol (IP) filters start by blocking

    • No traffic.

    • All traffic.

    • Inbound traffic

    • Outbound traffic.

    Correct Answer
    A. All traffic.
    Explanation
    IP filters start by blocking all traffic. This means that when an IP filter is implemented, it will block all incoming and outgoing traffic by default. This is done as a security measure to prevent any unauthorized access or malicious activities from occurring on the network. By blocking all traffic, the network administrator can then selectively allow certain types of traffic based on specific criteria or rules that have been set. This helps in ensuring the safety and integrity of the network.

    Rate this question:

  • 38. 

    The McAfee Firewall Enterprise simple message transfer protocol (SMTP) proxy is best used as a

    • Rear line defense

    • Frontline defense.

    • Second line defense

    • Front and rear line defense

    Correct Answer
    A. Frontline defense.
    Explanation
    The McAfee Firewall Enterprise SMTP proxy is best used as a frontline defense. This means that it is most effective when deployed as the first line of defense against incoming SMTP traffic. It is designed to analyze and filter incoming email messages, protecting the network from potential threats such as spam, viruses, and other malicious content. By acting as a frontline defense, the SMTP proxy can help prevent these threats from entering the network and causing harm.

    Rate this question:

  • 39. 

    The vulnerabilities of voice and data converged networks were highlighted in a report released by the

    • President’s National Security Telecommunications Advisory Committee.

    • Air Force Information Warfare Battle Lab.

    • Air Force Network Integration Center (AFNIC).

    • Cryptographic Systems Group.

    Correct Answer
    A. President’s National Security Telecommunications Advisory Committee.
    Explanation
    The correct answer is the President’s National Security Telecommunications Advisory Committee. This committee released a report that highlighted the vulnerabilities of voice and data converged networks. The report likely discussed the potential risks and threats to these networks, emphasizing the importance of ensuring their security.

    Rate this question:

  • 40. 

    What is the primary intrusion/misuse tool used in the Air Force Enterprise Network (AFEN)?

    • Firewall.

    • Proxy server.

    • Intrusion detection system (IDS) software.

    • Automated security incident measurement (ASIM).

    Correct Answer
    A. Automated security incident measurement (ASIM).
    Explanation
    Automated security incident measurement (ASIM) is the primary intrusion/misuse tool used in the Air Force Enterprise Network (AFEN). ASIM is a software system that monitors and analyzes network traffic to detect and respond to security incidents. It provides real-time visibility into network activity, identifies potential threats, and helps in preventing unauthorized access or misuse of the network. ASIM plays a crucial role in maintaining the security and integrity of the AFEN by continuously monitoring and analyzing network traffic for any suspicious or malicious activity.

    Rate this question:

  • 41. 

    Over what transmission control protocol (TCP) port do zone transfers occur?

    • 21

    • 22

    • 53

    • 54

    Correct Answer
    A. 53
    Explanation
    Zone transfers occur over TCP port 53. This is the default port used by the DNS (Domain Name System) protocol for zone transfers. DNS zone transfers are used to replicate DNS data between primary and secondary DNS servers, allowing for redundancy and fault tolerance in the DNS infrastructure. By using TCP for zone transfers, it ensures reliable and accurate data transfer between DNS servers.

    Rate this question:

  • 42. 

    What provides enterprise wide visibility into telecom resource utilization, phone network usage, and incidents of toll fraud?

    • Public Switched Telephone Network (PSTN) system.

    • Enterprise Telephony Management (ETM) system.

    • Voice over Internet protocol (VoIP) system.

    • Time Division Multiplexing (TDM) system.

    Correct Answer
    A. Enterprise Telephony Management (ETM) system.
    Explanation
    The Enterprise Telephony Management (ETM) system provides enterprise-wide visibility into telecom resource utilization, phone network usage, and incidents of toll fraud. This system is specifically designed to manage and monitor an organization's telephony infrastructure, allowing administrators to track and analyze various aspects of their telecommunications network. It helps in identifying and addressing issues related to resource utilization, network performance, and security, including incidents of toll fraud. By providing comprehensive visibility and control over telephony resources, the ETM system enables organizations to optimize their telecom operations and ensure efficient and secure communication.

    Rate this question:

  • 43. 

    Which type of firewall is typically used when speed is essential?

    • Network-level.

    • Application-level.

    • Corporate/enterprise.

    • Personal/small office home office (SOHO).

    Correct Answer
    A. Network-level.
    Explanation
    Network-level firewalls are typically used when speed is essential because they operate at the network layer of the OSI model. They focus on filtering and inspecting network traffic based on IP addresses, ports, and protocols, which allows them to process large amounts of data quickly. In contrast, application-level firewalls operate at the application layer and perform more in-depth analysis of network traffic, which can slow down the processing speed. Therefore, network-level firewalls are the preferred choice when speed is a priority.

    Rate this question:

  • 44. 

    Which firewall management interface menu option views the association between media access control (MAC) addresses on the firewall and its corresponding internet protocol (IP) address?

    • Getroute.

    • Ping host.

    • Traceroute.

    • Address resolution protocol.

    Correct Answer
    A. Address resolution protocol.
    Explanation
    The Address Resolution Protocol (ARP) is used to map an IP address to a MAC address on a network. In the context of firewall management, the ARP menu option would allow the user to view the association between MAC addresses and their corresponding IP addresses. This is important for network administrators to ensure that the correct devices are being allowed or denied access through the firewall based on their MAC and IP addresses.

    Rate this question:

  • 45. 

    Why is it not common to use external burb-to internal burb?

    • High cost.

    • High security risks.

    • Difficult to administer.

    • Cannot be configured on AF networks.

    Correct Answer
    A. High security risks.
    Explanation
    Using external burb-to-internal burb connections can pose high security risks. This is because external networks are typically more vulnerable to attacks and threats compared to internal networks. Allowing direct connections between these networks increases the chances of unauthorized access, data breaches, and the spread of malware. To mitigate these risks, it is common practice to implement strong security measures, such as firewalls and access controls, to protect internal networks from external threats.

    Rate this question:

  • 46. 

    What server functions as a simple message transfer protocol (SMTP) gateway and virus scanner?

    • External domain name server (DNS).

    • Mail relay server.

    • Internal DNS.

    • Proxy server.

    Correct Answer
    A. Mail relay server.
    Explanation
    A mail relay server functions as a simple message transfer protocol (SMTP) gateway and virus scanner. It receives incoming emails from external sources and then forwards them to the appropriate internal mail server. In addition to transferring messages, it also scans the emails for any potential viruses or malware before delivering them to the intended recipients. This helps to protect the internal network from any malicious threats that may be present in the incoming emails.

    Rate this question:

  • 47. 

    When using secure split mail services, all external simple message transfer protocol (SMTP) hosts will connect to the firewall’s

    • Local server

    • Non-Internet server.

    • Internal sendmail server.

    • External sendmail server

    Correct Answer
    A. External sendmail server
    Explanation
    When using secure split mail services, all external SMTP hosts will connect to the external sendmail server. This server is responsible for receiving and sending emails from external sources. It acts as a gateway between the external SMTP hosts and the internal network, ensuring that all incoming and outgoing emails are properly filtered and secured. By connecting to the external sendmail server, the external SMTP hosts can communicate with the internal network without directly accessing the local server or the non-Internet server.

    Rate this question:

  • 48. 

    You can implement all of the following security features to help defend internet protocol (IP) telephony systems from attackers except

    • Enabling access control lists (ACL) on firewalls, routers, and switches.

    • Deploying protection from dynamic host configuration protocol (DHCP) spoofing.

    • Consolidating your voice with your data using virtual local area networks (VLAN).

    • Enabling port security access to only allow the required devices needed by the client.

    Correct Answer
    A. Consolidating your voice with your data using virtual local area networks (VLAN).
    Explanation
    The correct answer is consolidating your voice with your data using virtual local area networks (VLAN). This is because consolidating voice and data traffic on the same VLAN can increase the risk of attacks and compromises the security of the IP telephony system. By separating voice and data traffic using separate VLANs, it helps to enhance security by isolating and protecting the voice traffic from potential threats.

    Rate this question:

  • 49. 

    Which firewall admin role is generally used to temporarily disable an administrator account?

    • Admin.

    • Adminro.

    • Adminda.

    • No admin privileges.

    Correct Answer
    A. No admin privileges.
    Explanation
    The correct answer is "No admin privileges." This role is generally used to temporarily disable an administrator account. By assigning the "No admin privileges" role to an administrator, their access and privileges can be revoked, effectively disabling their account temporarily. This can be useful in situations where an administrator's actions need to be restricted or when their account needs to be temporarily suspended for security reasons.

    Rate this question:

Quiz Review Timeline (Updated): Mar 15, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 15, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Apr 28, 2013
    Quiz Created by
    Rediculous
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.