3D053 Cyber Surety Volume 2 Information Protection - Boundary Control Journeyman

By Bmx41992
Questions: 70 | Attempts: 263

CDC 3D053 Cyber Surety Volume 2. Information Protection - Boundary Control Journeyman URE's


Questions and Answers
  • 1. 

    (201) What severity code applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls?

    • A.

      I

    • B.

      II

    • C.

      III

    • D.

      IV

    Correct Answer
    B. II
    Explanation
    Severity code II applies to any vulnerability that provides information that gives an unauthorized person the means to circumvent security controls. This means that the vulnerability is considered to have a high impact and can potentially lead to unauthorized access or compromise of sensitive information.

  • 2. 

    (201) What severity code applies to any vulnerability that provides information that potentially could lead to a compromise?

    • A.

      I

    • B.

      II

    • C.

      III

    • D.

      IV

    Correct Answer
    C. III
    Explanation
    Severity code III applies to any vulnerability that provides information that potentially could lead to a compromise. This means that the vulnerability has the potential to expose sensitive information or provide attackers with the necessary information to exploit the system. It is considered a moderate level of severity, indicating that it should be addressed and mitigated to prevent any potential compromise.

  • 3. 

    (201) What severity code applies to any vulnerability that, when resolved, will prevent the possibility of degraded security?

    • A.

      I

    • B.

      II

    • C.

      III

    • D.

      IV

    Correct Answer
    D. IV
    Explanation
    Severity code IV applies to any vulnerability that, when resolved, will prevent the possibility of degraded security. This means that resolving the vulnerability will completely eliminate the risk or threat to the security of the system or network. Severity code IV indicates the highest level of severity, as it represents vulnerabilities that have the potential to cause significant harm or compromise the security of the system if left unaddressed.

  • 4. 

    (201) The integrated network operations and security centers (INOSC) has several responsibilities except

    • A.

      Maintain sole administrative privileges on the firewall.

    • B.

      Standardize, configure, back up, and otherwise maintain the firewall.

    • C.

      Maintain a single naming/configuration standard for boundary devices.

    • D.

      Install patches or perform any upgrades provided by AF Enterprise Network.

    Correct Answer
    D. Install patches or perform any upgrades provided by AF Enterprise Network.
    Explanation
    The integrated network operations and security centers (INOSC) have several responsibilities, including maintaining sole administrative privileges on the firewall, standardizing, configuring, backing up, and otherwise maintaining the firewall, and maintaining a single naming/configuration standard for boundary devices. However, the INOSC is not responsible for installing patches or performing any upgrades provided by AF Enterprise Network.

  • 5. 

    (202) Active intrusion detection system (IDS) blocks network traffic when it detects an intrusion. Normally, active IDSs are incorporated into

    • A.

      Switches.

    • B.

      Firewalls.

    • C.

      Routers.

    • D.

      Servers.

    Correct Answer
    B. Firewalls.
    Explanation
    Active intrusion detection systems (IDS) are designed to actively block network traffic when they detect an intrusion. These systems are typically incorporated into firewalls, which act as a barrier between a trusted internal network and an untrusted external network. Firewalls are responsible for monitoring and controlling incoming and outgoing network traffic based on predetermined security rules. By incorporating active IDS into firewalls, organizations can enhance their network security by automatically blocking any suspicious or malicious traffic that may indicate an intrusion attempt. Therefore, firewalls are the most suitable option for housing active IDS.

  • 6. 

    (202) Which intrusion detection system (IDS) examines traffic for suspicious patterns?

    • A.

      Active IDS.

    • B.

      Passive IDS.

    • C.

      Host-based IDS.

    • D.

      Network-based IDS.

    Correct Answer
    D. Network-based IDS.
    Explanation
    A network-based intrusion detection system (IDS) examines traffic for suspicious patterns. It monitors network traffic and analyzes it to identify any signs of unauthorized access or malicious activity. Unlike host-based IDS, which focuses on individual hosts, a network-based IDS looks at the entire network and can detect attacks that may involve multiple hosts. Passive IDS, on the other hand, simply observes network traffic without actively taking action. Active IDS combines monitoring with active response mechanisms. Therefore, the correct answer is network-based IDS.

  • 7. 

    (202) Which intrusion detection system (IDS) examines servers or client computers for the patterns of an intrusion?

    • A.

      Active IDS.

    • B.

      Passive IDS.

    • C.

      Host-based IDS.

    • D.

      Network-based IDS.

    Correct Answer
    C. Host-based IDS.
    Explanation
    A host-based IDS is an intrusion detection system that examines servers or client computers for patterns of an intrusion. It focuses on the individual host or endpoint and monitors the activities and behaviors occurring within that system. This type of IDS is installed directly on the host machine and can detect unauthorized access attempts, malware infections, unusual network traffic, and other signs of intrusion. It is effective in protecting individual hosts and providing detailed information about potential security breaches.

  • 8. 

    (202) When using an intrusion detection system (IDS), remember to

    • A.

      Update IDS signatures periodically.

    • B.

      Deploy one IDS for the entire network.

    • C.

      Use a centralized management console for system management.

    • D.

      Consider using either a network-based IDS or host-based IDS.

    Correct Answer
    C. Use a centralized management console for system management.
    Explanation
    Using a centralized management console for system management is important when using an intrusion detection system (IDS) because it allows for easier and more efficient management of the IDS. With a centralized management console, administrators can monitor and configure the IDS from a single location, making it easier to track and respond to potential threats. Additionally, a centralized management console allows for better coordination and collaboration among security teams, ensuring that any detected intrusions are addressed promptly and effectively.

  • 9. 

    (203) The disadvantage of a host-based intrusion detection system (HIDS) is that it

    • A.

      Can analyze any encrypted data if it is decrypted before reaching the target host.

    • B.

      Consumes resources on the host it resides on and slows that device down.

    • C.

      Monitors log files for inadvisable settings or passwords.

    • D.

      Monitors traffic on the host on which it is installed.

    Correct Answer
    B. Consumes resources on the host it resides on and slows that device down.
    Explanation
    A host-based intrusion detection system (HIDS) consumes resources on the host it resides on and slows that device down. This means that the HIDS uses processing power, memory, and other system resources, which can impact the overall performance of the host. As a result, the host may experience slower response times and decreased efficiency.

  • 10. 

    (203) The disadvantage of a network-based intrusion detection system (NIDS) is that it

    • A.

      Cannot analyze encrypted packets because it has no method for decrypting the data.

    • B.

      Monitors log files for inadvisable settings or passwords.

    • C.

      Monitors traffic on the network on which it is installed.

    • D.

      Consumes very few network resources.

    Correct Answer
    A. Cannot analyze encrypted packets because it has no method for decrypting the data.
    Explanation
    A network-based intrusion detection system (NIDS) is designed to monitor network traffic and detect any suspicious or malicious activity. However, one disadvantage of a NIDS is that it cannot analyze encrypted packets because it lacks the capability to decrypt the data. Encryption is a security measure that protects data by converting it into a format that is unreadable without the appropriate decryption key. Therefore, when packets are encrypted, the NIDS is unable to examine the contents of the data, making it ineffective in detecting any potential threats or attacks within those packets.

  • 11. 

    (203) Which intrusion detection system (IDS) uses software sensors?

    • A.

      Active IDS.

    • B.

      Passive IDS.

    • C.

      Host-based IDS.

    • D.

      Network-based IDS.

    Correct Answer
    C. Host-based IDS.
    Explanation
    A host-based intrusion detection system (IDS) uses software sensors to monitor and analyze activities happening on a single host or computer system. It focuses on detecting suspicious behavior or unauthorized activities that may occur within the host's operating system, applications, or files. This type of IDS is installed directly on the host and can provide detailed information about the activities happening on that specific host, making it an effective tool for detecting and responding to intrusions at the host level.

  • 12. 

    (203) Which intrusion detection system (IDS) monitors packets for protocol anomalies and known virus signatures?

    • A.

      Active IDS.

    • B.

      Passive IDS.

    • C.

      Host-based IDS.

    • D.

      Network-based IDS.

    Correct Answer
    D. Network-based IDS.
    Explanation
    A network-based IDS is an intrusion detection system that monitors packets for protocol anomalies and known virus signatures. Unlike a host-based IDS, which monitors activities on a specific host, a network-based IDS analyzes network traffic to identify potential threats. It can detect abnormal behavior, such as unusual network traffic patterns or suspicious packets, and compare them against a database of known virus signatures to identify and alert on potential threats. Therefore, a network-based IDS is the correct answer for this question.

  • 13. 

    (204) Which port range constitutes well-known ports?

    • A.

      0–1023.

    • B.

      1024–23535.

    • C.

      23536–49151.

    • D.

      49152–65535.

    Correct Answer
    A. 0–1023.
    Explanation
    Well-known ports are the port numbers that are commonly used by protocols and services. These ports range from 0 to 1023. These ports are assigned by the Internet Assigned Numbers Authority (IANA) and are reserved for specific purposes. They include ports for commonly used protocols such as HTTP (port 80), FTP (port 21), and SSH (port 22). The other port ranges mentioned in the options are not considered well-known ports.

  • 14. 

    (204) Port scanning

    • A.

      Is the act of sporadically scanning a computer’s ports.

    • B.

      Sends out a request to connect to any computer.

    • C.

      Notes which ports responded to the scan.

    • D.

      Is always malicious in nature.

    Correct Answer
    C. Notes which ports responded to the scan.
    Explanation
    Port scanning is the process of systematically scanning a computer's ports to determine which ones are open and responsive. It involves sending requests to connect to various ports and noting the ones that respond to the scan. This activity is not necessarily malicious in nature and can be conducted for legitimate purposes such as network security testing or troubleshooting.

  • 15. 

    (204) In which type of port scan does the scanner connect to the same port on more than one

    • A.

      Strobe.

    • B.

      Sweep.

    • C.

      Stealth.

    • D.

      Vanilla.

    Correct Answer
    B. Sweep.
    Explanation
    A sweep port scan is a type of port scan where the scanner connects to the same port on multiple IP addresses. This scan is used to gather information about a range of IP addresses and the services running on them. Unlike a strobe port scan, which scans a single IP address, a sweep port scan allows the scanner to quickly scan a large number of IP addresses for open ports. A stealth port scan is designed to be undetectable, while a vanilla port scan is a basic and straightforward scan without any advanced techniques.

  • 16. 

    (204) Above which layer of the open systems integration (OSI) model are protocols designed to reside?

    • A.

      Presentation.

    • B.

      Transport.

    • C.

      Network.

    • D.

      Session.

    Correct Answer
    D. Session.
    Explanation
    Protocols designed to reside above the session layer of the OSI model are responsible for managing the communication sessions between applications. The session layer is responsible for establishing, maintaining, and terminating connections between applications. It provides services such as session establishment, data synchronization, and session recovery. Therefore, protocols designed to reside above this layer would be responsible for managing these session-related tasks and ensuring efficient and reliable communication between applications.

  • 17. 

    (204) Which organization has the responsibility of developing Air Force Ports, Protocols and Services (AF PPS) policies and procedures?

    • A.

      Air Force Network Integration Center (AFNIC).

    • B.

      Air Force Network Operations Center (AFNOSC).

    • C.

      Air Force Information, Services and Integration Directorate (SAF/XCIA).

    • D.

      Air Force Network Operations Commander (AFNetOps/CC).

    Correct Answer
    A. Air Force Network Integration Center (AFNIC).
    Explanation
    The correct answer is Air Force Network Integration Center (AFNIC). This organization is responsible for developing Air Force Ports, Protocols, and Services (AF PPS) policies and procedures. They are in charge of integrating and managing the Air Force network and ensuring its security and functionality.

  • 18. 

    (204) Which organization has direct operational control of Air Force Ports, Protocols and Services (AF PPS)?

    • A.

      Air Force Network Integration Center (AFNIC).

    • B.

      Air Force Network Operations Center (AFNOSC).

    • C.

      Air Force Information, Services and Integration Directorate (SAF/XCIA).

    • D.

      Air Force Network Operations Commander (AFNetOps/CC).

    Correct Answer
    B. Air Force Network Operations Center (AFNOSC).
    Explanation
    The correct answer is Air Force Network Operations Center (AFNOSC). This organization has direct operational control of Air Force Ports, Protocols, and Services (AF PPS). AFNOSC is responsible for managing and maintaining the Air Force network infrastructure, including the ports, protocols, and services used by the Air Force. They ensure the network is secure, reliable, and accessible for Air Force operations.

  • 19. 

    (205) What is the default read community string of a simple network management protocol (SNMP) agent?

    • A.

      Private.

    • B.

      Public.

    • C.

      Secure.

    • D.

      Unsecure.

    Correct Answer
    B. Public.
    Explanation
    The default read community string of a Simple Network Management Protocol (SNMP) agent is "Public." This community string is used to authenticate and control access to the SNMP agent for read-only operations. It allows users to retrieve information from the agent, such as network statistics and device configurations. However, it is recommended to change the default community string to a more secure and unique one to prevent unauthorized access to the SNMP agent.

  • 20. 

    (205) To limit the risks associated with using simple network management protocol (SNMP),

    • A.

      Use access control lists on SNMP agents to accept SNMP messages from all SNMP managers.

    • B.

      Keep devices requiring SNMP together with those that do not through VLANs.

    • C.

      Disable all SNMP devices/services if not required.

    • D.

      Enable the set community strings if possible.

    Correct Answer
    C. Disable all SNMP devices/services if not required.
    Explanation
    The correct answer is to disable all SNMP devices/services if not required. This is because by disabling SNMP devices/services that are not needed, the risks associated with using SNMP can be minimized. This reduces the potential attack surface and limits the potential for unauthorized access or exploitation of SNMP vulnerabilities.

  • 21. 

    (205) Which tool is not used to test your simple network management protocol (SNMP) security?

    • A.

      WU_PingProPack.

    • B.

      SolarWinds.

    • C.

      SNMPutil.

    • D.

      Security mapper (SMAP).

    Correct Answer
    D. Security mapper (SMAP).
    Explanation
    Security mapper (SMAP) is not used to test SNMP security. SMAP is a tool used for network mapping and vulnerability scanning, but it does not specifically focus on testing SNMP security. WU_PingProPack, SolarWinds, and SNMPutil are all tools commonly used for testing and monitoring SNMP security.

  • 22. 

    (206) Which open source network-based intrusion detection system performs packet logging and real-time traffic analysis as well as protocol analysis, content searching/matching, and active blocking or passive detecting of a variety of attacks and probes?

    • A.

      Snort.

    • B.

      Open source security (OSSEC).

    • C.

      Host based security system (HBSS).

    • D.

      Intruder alert (ITA).

    Correct Answer
    A. Snort.
    Explanation
    Snort is the correct answer because it is an open source network-based intrusion detection system that performs various functions such as packet logging, real-time traffic analysis, protocol analysis, content searching/matching, and active blocking or passive detecting of attacks and probes. Snort is widely used in the cybersecurity industry for its effectiveness in detecting and preventing network-based threats.

  • 23. 

    (206) Which network-based security tool is a hardware and software system that sits on AF networks “listening” for “suspicious activity” that is characteristic of intruder techniques?

    • A.

      Snort.

    • B.

      Automatic Security Incident Measurement (ASIM).

    • C.

      Enterprise Security Manager (ESM).

    • D.

      Internet Security Scanner (ISS).

    Correct Answer
    B. Automatic Security Incident Measurement (ASIM).

  • 24. 

    (206) Which security tool is designed to manage sensitive data and enforce security policies across a full range of client/server platforms?

    • A.

      Snort.

    • B.

      Automatic Security Incident Measurement (ASIM).

    • C.

      Enterprise Security Manager (ESM).

    • D.

      Internet Security Scanner (ISS).

    Correct Answer
    C. Enterprise Security Manager (ESM).
    Explanation
    Enterprise Security Manager (ESM) is the correct answer because it is a security tool specifically designed to manage sensitive data and enforce security policies across a full range of client/server platforms. Snort is an intrusion detection system, ASIM is a tool for measuring security incidents, and ISS is a vulnerability scanner, none of which are designed for managing sensitive data and enforcing security policies.

  • 25. 

    (207) Integration of the capabilities of personnel, operations, and technology, and the evolution to network centric warfare best describes what concept?

    • A.

      Firewalls.

    • B.

      Information condition (INFOCON).

    • C.

      Security tools.

    • D.

      Defense in depth.

    Correct Answer
    D. Defense in depth.
    Explanation
    The concept described in the question is the integration of personnel, operations, and technology, and the evolution to network centric warfare. This concept is best known as defense in depth. Defense in depth refers to the strategy of implementing multiple layers of security measures to protect a system or network. It involves a combination of physical, technical, and administrative controls to ensure the overall security and resilience of the system.

  • 26. 

    (207) Restricting what traffic travels in and out of the network best describes what concept?

    • A.

      Firewalls.

    • B.

      Internet Security Scanner (INFOCON).

    • C.

      Security tools.

    • D.

      Defense in depth.

    Correct Answer
    A. Firewalls.
    Explanation
    The concept being described in the question is the restriction of traffic in and out of the network, which is best achieved through the use of firewalls. Firewalls act as a barrier between a trusted internal network and an untrusted external network, controlling the flow of traffic based on predetermined security rules. By filtering and monitoring network traffic, firewalls help to prevent unauthorized access and protect against potential threats and attacks.

  • 27. 

    You can implement all of the following security features to help defend our internet protocol (IP) telephony systems from attackers except

    • A.

      Consolidating your voice with your data using virtual local area networks (VLAN).

    • B.

      Enabling access control lists (ACL) on firewalls, routers, and switches.

    • C.

      Deploying protection from dynamic host configuration protocol (DHCP) spoofing.

    • D.

      Enabling port security access to only allow the required devices needed by the client.

    Correct Answer
    A. Consolidating your voice with your data using virtual local area networks (VLAN).
    Explanation
    The correct answer is consolidating your voice with your data using virtual local area networks (VLAN). This is because VLANs are used to separate and prioritize network traffic, but they do not provide any specific security features to protect against attackers. The other options, such as enabling access control lists (ACL), deploying protection from DHCP spoofing, and enabling port security access, are all security features that can help protect IP telephony systems from attackers.

  • 28. 

    (208) The use of two or more network interface cards (NIC) best describes which type of firewall?

    • A.

      Network-level.

    • B.

      Application-Level.

    • C.

      Corporate/enterprise.

    • D.

      Personal/Small Office Home Office (SOHO).

    Correct Answer
    C. Corporate/enterprise.
    Explanation
    The use of two or more network interface cards (NIC) is commonly found in corporate/enterprise firewalls. This configuration allows for increased network throughput and redundancy. By having multiple NICs, the firewall can handle high volumes of network traffic and distribute the load across the interfaces. This is especially important in large organizations where there is a high demand for network services and the need for reliable and efficient network security measures.

  • 29. 

    (208) Which type of firewall is typically used when speed is essential?

    • A.

      Network-level.

    • B.

      Application-level.

    • C.

      Corporate/enterprise.

    • D.

      Personal/Small Office Home Office (SOHO).

    Correct Answer
    A. Network-level.
    Explanation
    Network-level firewalls are typically used when speed is essential because they operate at the network layer of the OSI model, allowing them to quickly filter and process large amounts of network traffic. These firewalls are designed to examine the source and destination IP addresses, ports, and protocols of network packets, making decisions based on this information. This allows for efficient and fast filtering of network traffic, making network-level firewalls suitable for high-speed environments where speed is a priority.

  • 30. 

    (208) Which type of firewall views information as a data stream and not as a series of packets?

    • A.

      Network-level.

    • B.

      Application-Level.

    • C.

      Corporate/enterprise.

    • D.

      Personal/Small Office Home Office (SOHO).

    Correct Answer
    B. Application-Level.
    Explanation
    An application-level firewall views information as a data stream rather than a series of packets. It operates at the application layer of the network protocol stack, allowing or blocking traffic based on the specific application or service being used. This type of firewall can inspect and filter traffic based on the content and context of the data stream, providing more granular control and better protection against application-layer attacks. Network-level firewalls, on the other hand, focus on the packet level and make decisions based on source and destination IP addresses, ports, and protocols.

  • 31. 

    (208) What was the previous name for what is now called the McAfee Firewall Enterprise?

    • A.

      Sidewinder.

    • B.

      Death Star.

    • C.

      Blue Coat.

    • D.

      Viper.

    Correct Answer
    A. Sidewinder.
    Explanation
    The previous name for what is now called the McAfee Firewall Enterprise was Sidewinder.

  • 32. 

    (208) Most firewall implementations that you will encounter will be found at the

    • A.

      Integrated network operation security centers (INOSC).

    • B.

      Air Force network operating center (AFNOC).

    • C.

      Base-level.

    • D.

      Major command (MAJCOM).

    Correct Answer
    A. Integrated network operation security centers (INOSC).
    Explanation
    The correct answer is Integrated network operation security centers (INOSC). This is because most firewall implementations are typically found at INOSCs, which are responsible for managing and securing the network operations of an organization. INOSCs are centralized locations where network security professionals monitor, analyze, and respond to network threats and incidents. They play a crucial role in protecting the organization's network infrastructure and ensuring the confidentiality, integrity, and availability of its data and resources.

  • 33. 

    (209) Which McAfee Firewall Enterprise management interface is the graphical software that runs on a Windows computer within your network?

    • A.

      Control center.

    • B.

      Admin console.

    • C.

      Command center.

    • D.

      Command-line interface (CLI).

    Correct Answer
    B. Admin console.
    Explanation
    The McAfee Firewall Enterprise management interface that runs on a Windows computer within your network is called the Admin console. This graphical software allows you to manage and configure the firewall settings and policies. The Admin console provides a user-friendly interface for administrators to monitor and control the firewall's operations effectively.

  • 34. 

    (209) Which firewall management interface menu option views the association between MAC addresses on the firewall and its corresponding internet protocol (IP) address?

    • A.

      Address Resolution Protocol (ARP).

    • B.

      Getroute.

    • C.

      Ping host.

    • D.

      Traceroute.

    Correct Answer
    A. Address Resolution Protocol (ARP).
    Explanation
    The correct answer is Address Resolution Protocol (ARP). ARP is a protocol used to map an IP address to a physical (MAC) address on a local network. In the context of a firewall, the management interface menu option that views the association between MAC addresses and IP addresses would likely be related to ARP. This option would allow administrators to see the mapping between the two addresses, which is important for network troubleshooting and security management.

  • 35. 

    (209) What is the default firewall shutdown option?

    • A.

      Halt system.

    • B.

      Power down system.

    • C.

      Reboot to operational kernel.

    • D.

      Shutdown to emergency maintenance mode.

    Correct Answer
    C. Reboot to operational kernel.
    Explanation
    The default firewall shutdown option is to reboot to the operational kernel. This means that when the firewall is shut down, it will automatically reboot and start up using the operational kernel. This option allows for a smooth transition and ensures that the firewall is ready to operate again after the shutdown.

  • 36. 

    (209) Which firewall shutdown option is useful if you need to connect directly to the firewall to access the basic input/output system (BIOS)?

    • A.

      Halt system.

    • B.

      Power down system.

    • C.

      Reboot to operational kernel.

    • D.

      Shutdown to emergency maintenance mode.

    Correct Answer
    A. Halt system.
    Explanation
    The correct answer is Halt system. This option is useful if you need to connect directly to the firewall to access the basic input/output system (BIOS). By halting the system, you can access the BIOS settings and make any necessary changes or configurations. This option effectively shuts down the firewall, allowing you to connect to it and access the BIOS.

  • 37. 

    (209) A firewall burb can best be defined as

    • A.

      A network stack.

    • B.

      A security policy.

    • C.

      A set of one or more interfaces.

    • D.

      A particular installation of a firewall.

    Correct Answer
    C. A set of one or more interfaces.
    Explanation
    A firewall burb can best be defined as a set of one or more interfaces. This means that a firewall burb represents the network interfaces that are connected to the firewall. These interfaces can be physical or virtual and are used to control the flow of network traffic, allowing or blocking certain connections based on predefined security policies. The term "burb" is derived from the word "suburb" and is used metaphorically to describe the different areas or zones within a network that the firewall interfaces are connected to.

  • 38. 

    (209) Use the high availability shared cluster addresses dialog box to do all the following except

    • A.

      Configure the shared cluster addresses.

    • B.

      Specify or sending and receiving heartbeats.

    • C.

      Handle the fastest network traffic on your appliance.

    • D.

      Isolate the cluster address from the domain name server (DNS) and default routes.

    Correct Answer
    D. Isolate the cluster address from the domain name server (DNS) and default routes.
    Explanation
    The high availability shared cluster addresses dialog box allows you to configure the shared cluster addresses, specify or send and receive heartbeats, and handle the fastest network traffic on your appliance. However, it does not provide the option to isolate the cluster address from the domain name server (DNS) and default routes.

  • 39. 

    (209) What does a firewall support that improves system performance by lessening the load placed on the system kernel?

    • A.

      Domain name server (DNS).

    • B.

      Burbs.

    • C.

      Proxies.

    • D.

      Fast Path sessions.

    Correct Answer
    D. Fast Path sessions.
    Explanation
    Support for Fast Path sessions improves system performance by lessening the load placed on the system kernel. Firewalls with Fast Path sessions are able to offload certain tasks from the system kernel, allowing it to focus on more critical functions. This can result in improved overall system performance and efficiency.

  • 40. 

    (210) Which Berkeley Internet Name Domain (BIND) server is responsible for zone transfers?

    • A.

      Named.

    • B.

      Cache-Only.

    • C.

      Master/Primary.

    • D.

      Slave/Secondary.

    Correct Answer
    A. Named.
    Explanation
    The correct answer is "Named." Named is the Berkeley Internet Name Domain (BIND) server that is responsible for zone transfers. Zone transfers are the process of replicating DNS information from one server to another.

  • 41. 

    (210) For which Berkeley Internet Name Domain (BIND) server type can there be as many servers as needed in a domain?

    • A.

      Named.

    • B.

      Cache-Only.

    • C.

      Master/Primary.

    • D.

      Slave/Secondary.

    Correct Answer
    D. Slave/Secondary.
    Explanation
    For the Berkeley Internet Name Domain (BIND) server type, there can be as many Slave/Secondary servers as needed in a domain. This server type is responsible for replicating and synchronizing data from the Master/Primary server, allowing for redundancy and load balancing in the domain.

  • 42. 

    (210) In regards to Berkeley Internet Name Domain (BIND) system files, items stored in the domain name server (DNS) database best describes

    • A.

      Resource records

    • B.

      Pointer (PTR) records

    • C.

      Zone records

    • D.

      Root cache

    Correct Answer
    A. Resource records
    Explanation
    Resource records are items stored in the domain name server (DNS) database. They contain information about a specific domain name, such as its IP address, mail server, or other DNS-related data. Resource records are essential for the functioning of the DNS system as they allow the translation of domain names into IP addresses and vice versa, enabling the proper routing of internet traffic.

  • 43. 

    (210) Which Berkeley Internet Name Domain (BIND) system file provides reverse mapping?

    • A.

      Resource records.

    • B.

      Pointer (PTR) records.

    • C.

      Zone records

    • D.

      Root cache

    Correct Answer
    B. Pointer (PTR) records.
    Explanation
    The correct answer is "Pointer (PTR) records." In the Berkeley Internet Name Domain (BIND) system, the PTR records are used for reverse mapping. These records map IP addresses to domain names, allowing reverse lookups to be performed. This is useful in situations where you have an IP address and need to determine the corresponding domain name.

  • 44. 

    (210) Which flexible command line can be used to gather information from domain name servers (DNS)?

    • A.

      Nslookup.

    • B.

      Server.

    • C.

      Type.

    • D.

      Dig.

    Correct Answer
    D. Dig.
    Explanation
    Dig is a flexible command line tool that can be used to gather information from domain name servers (DNS). It is commonly used for querying DNS records, performing DNS lookups, and troubleshooting DNS issues. Dig provides detailed information about DNS responses, including the authoritative name servers, TTL values, and DNSSEC validation status. It allows users to specify the DNS server they want to query and supports various query types, such as A, MX, NS, and TXT records. Overall, Dig is a powerful tool for gathering DNS information and is widely used by network administrators and DNS operators.

  • 45. 

    (210) Which server is the only one that should have changes to domain name server (DNS) data?

    • A.

      Named.

    • B.

      Cache-Only

    • C.

      Master/Primary.

    • D.

      Slave/Secondary.

    Correct Answer
    C. Master/Primary.
    Explanation
    The correct answer is Master/Primary. The Master/Primary server is the only server that should have changes to domain name server (DNS) data. This server is responsible for managing and making updates to the DNS records and distributing them to the Slave/Secondary servers. The Slave/Secondary servers, on the other hand, are designed to replicate the DNS data from the Master/Primary server and serve as backups in case the Master/Primary server becomes unavailable. The Cache-Only server is not involved in making changes to DNS data; it only caches and resolves DNS queries.

  • 46. 

    (210) What term is used for a domain name server (DNS) architecture when one or more name servers reside behind a firewall, and contain an “inside” hostname and IP address?

    • A.

      Split.

    • B.

      Dual.

    • C.

      Secure.

    • D.

      Generic.

    Correct Answer
    A. Split.
    Explanation
    Split is the correct answer because in a split DNS architecture, there are two sets of DNS servers - one set is located inside the firewall and is used for internal network users, while the other set is located outside the firewall and is used for external network users. The inside DNS servers contain the "inside" hostname and IP address, while the outside DNS servers contain the public hostname and IP address. This allows for better security and control over DNS resolution for both internal and external users.

  • 47. 

    (211) Which access control list (ACL) restricts packets into or out of a given layer 3 interface?

    • A.

      Port Access Control List (PACL).

    • B.

      Router Access Control List (RACL).

    • C.

      Virtual Local Area Network Access Control List (VACL).

    • D.

      Firewall Access Control List (FACL).

    Correct Answer
    B. Router Access Control List (RACL).
    Explanation
    A Router Access Control List (RACL) is used to restrict packets into or out of a given layer 3 interface. It allows the router to filter traffic based on various criteria such as source/destination IP address, protocol, port number, etc. This helps in controlling network traffic and securing the network by allowing or denying specific types of traffic.

  • 48. 

    (212) Who approves or disapproves IS (including software and services) connections to the Air Force Global Information Grid (AF-GIG) and accepts any risk created by the approved connections?

    • A.

      Air Force Network Operations commander (AFNetOps/CC).

    • B.

      Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO).

    • C.

      Air Force Network Operation Center (AFNOC).

    • D.

      23 Information Operations Squadron (IOS).

    Correct Answer
    A. Air Force Network Operations commander (AFNetOps/CC).
    Explanation
    The Air Force Network Operations commander (AFNetOps/CC) approves or disapproves IS connections to the Air Force Global Information Grid (AF-GIG) and accepts any risk created by the approved connections.

  • 49. 

    (212) Who reports all backdoors and unauthorized connections to Air Force networks discovered during the course of operations?

    • A.

      Air Force Network Operations commander (AFNetOps/CC)

    • B.

      Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO).

    • C.

      Air Force Network Operation Center (AFNOC).

    • D.

      23 Information Operations Squadron (IOS).

    Correct Answer
    B. Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO).
    Explanation
    The Air Force Information Warfare Center/Information Operations Directorate (AFIWC/IO) is responsible for reporting all backdoors and unauthorized connections to Air Force networks that are discovered during operations. They are specifically tasked with monitoring and protecting the Air Force's information systems and networks, and ensuring their security. This includes identifying any potential threats or vulnerabilities and reporting them to the appropriate authorities for further action.

  • 50. 

    (213) Which is not a category of software package available today that is used to detect and monitor network activity?

    • A.

      Intrusion detection.

    • B.

      Packet-capture.

    • C.

      Filters/triggers

    • D.

      Firewalls

    Correct Answer
    D. Firewalls
    Explanation
    Firewalls are not a category of software package used to detect and monitor network activity. Firewalls are designed to control the incoming and outgoing network traffic based on predetermined security rules. They act as a barrier between internal and external networks to prevent unauthorized access and protect the network from potential threats. However, they do not specifically focus on detecting and monitoring network activity like intrusion detection, packet-capture, and filters/triggers do.

Quiz Review Timeline

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 17, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 13, 2012
    Quiz Created by
    Bmx41992