1.
What type of network can you set up that is another company’s internal network?
Correct Answer
B. Extranet
Explanation
An extranet is a type of network that can be set up to connect an organization with another company's internal network. It allows for secure communication and collaboration between the two organizations, enabling them to share resources, information, and applications. Unlike an intranet, which is limited to internal use within a single organization, an extranet extends the network to include external partners, suppliers, or customers while still maintaining a level of control and security. The internet is a public network accessible to everyone, while a DMZ (demilitarized zone) is a separate network that acts as a buffer between an organization's internal network and the internet.
2.
What technology can you use temporarily to connect networks from two different companies?
Correct Answer
A. VPN
Explanation
A VPN, or Virtual Private Network, can be used temporarily to connect networks from two different companies. A VPN creates a secure and encrypted connection over a public network, such as the internet, allowing users to access resources on the other network as if they were directly connected. It provides a secure way to share data and communicate between the two networks, ensuring privacy and confidentiality.
3.
Which VPN technology is the most common and the easiest to set up?
Correct Answer
A. PPTP
Explanation
PPTP (Point-to-Point Tunneling Protocol) is the most common and easiest VPN technology to set up. It is widely supported by various operating systems and devices, making it user-friendly. PPTP also provides good network performance and is suitable for basic security needs. However, it may not be the most secure option compared to other VPN technologies like L2TP with IPSec or SSTP.
4.
What port does L2TP use?
Correct Answer
C. 1701
Explanation
L2TP (Layer 2 Tunneling Protocol) uses port 1701. This port is specifically assigned for L2TP traffic, allowing the protocol to establish secure connections between remote clients and a VPN server. By using port 1701, L2TP can encapsulate data packets and create a tunnel for secure transmission over an IP network.
5.
Which type of firewall blocks packets based on rules that are based on IP addresses or ports?
Correct Answer
A. Packet filtering
Explanation
Packet filtering is a type of firewall that blocks packets based on rules that are based on IP addresses or ports. It examines the header of each packet and compares it against a set of predetermined rules to determine whether to allow or block the packet. These rules can specify criteria such as source and destination IP addresses, source and destination ports, and protocols. If a packet matches one of the rules, it is either allowed to pass through or blocked, depending on the configuration. This method is efficient and commonly used to provide basic network security.
6.
What technology used in firewalls keeps tracks of conversations so that it knows what to allow back into a network?
Correct Answer
B. Stateful packet inspection
Explanation
Stateful packet inspection is a technology used in firewalls that keeps track of conversations. It monitors the state of network connections by examining the data packets passing through the firewall. This allows the firewall to understand the context of the traffic and make informed decisions on what to allow back into the network. By maintaining information about the state of connections, such as the source and destination IP addresses, ports, and sequence numbers, stateful packet inspection enhances the security and efficiency of network traffic filtering.
7.
What acts as a middleman that translates between internal and external addresses and that caches previously accessed web pages so that it can provide those more quickly in the future?
Correct Answer
C. Proxy server
Explanation
A proxy server acts as a middleman that translates between internal and external addresses. It receives requests from clients and forwards them to the appropriate external servers, and then relays the responses back to the clients. Additionally, a proxy server caches previously accessed web pages, allowing it to provide those pages more quickly in the future. This caching feature improves performance by reducing the amount of data that needs to be retrieved from external servers, especially for frequently accessed content. Therefore, a proxy server fulfills both translation and caching functions, making it the correct answer.
8.
What type of device is used to detect malicious network activities and reports only those issues to the administrator?
Correct Answer
A. NIDS
Explanation
A Network Intrusion Detection System (NIDS) is a device used to detect malicious network activities and report only those issues to the administrator. Unlike a Network Intrusion Prevention System (NIPS), which actively blocks and prevents malicious activities, a NIDS focuses on passive monitoring and analysis of network traffic to identify potential threats. An Internet content filter is used to restrict or control access to certain websites or content, while a NAT server is responsible for translating IP addresses in network traffic.
9.
What type of device is designed to inspect traffic, detect malicious activities, and take steps to mitigate the malicious activity?
Correct Answer
B. NIPS
Explanation
NIPS stands for Network Intrusion Prevention System. It is a device designed to inspect network traffic, detect malicious activities, and take steps to mitigate them. Unlike NIDS (Network Intrusion Detection System), which only detects and alerts about malicious activities, NIPS goes a step further by actively preventing and blocking those activities. It is an essential security measure for organizations to protect their networks from cyber threats and ensure the integrity and confidentiality of their data.
10.
Which DMZ configuration uses one firewall with three interfaces?
Correct Answer
B. Three-leg perimeter configuration
Explanation
The three-leg perimeter configuration is a DMZ configuration that uses one firewall with three interfaces. In this setup, the firewall has one interface connected to the internal network, one interface connected to the external network, and one interface connected to the DMZ. This allows for a separation of the internal network, external network, and the DMZ, providing an additional layer of security.
11.
What stage is the World Wide Web in?
Correct Answer
C. 2.0
Explanation
The World Wide Web is currently in stage 2.0. This refers to the second phase of the Web's development, characterized by the rise of user-generated content, social media platforms, and interactive web applications. This stage introduced a more collaborative and interactive online experience, allowing users to actively participate and contribute to the content on the Web. It marked a shift from static web pages to dynamic and interactive web experiences.
12.
What protocol is used with L2TP to provide encryption?
Correct Answer
A. IPSec
Explanation
IPSec is the correct answer because it is a protocol used with L2TP (Layer 2 Tunneling Protocol) to provide encryption. IPSec stands for Internet Protocol Security and is commonly used to secure data transmission over IP networks. It provides authentication, integrity, and confidentiality of the data being transmitted, making it suitable for securing VPN (Virtual Private Network) connections.
13.
What type of firewall works on the Session layer that creates a connection and allows packets to flow between the two hosts without further checking?
Correct Answer
D. Circuit-level gateway
Explanation
A circuit-level gateway is a type of firewall that operates at the Session layer of the OSI model. It establishes a connection between two hosts and allows packets to flow between them without conducting further checks on the packet content. This type of firewall focuses on the session establishment and teardown process, ensuring that the communication between the hosts is valid and secure. It does not inspect the packet payload or perform deep packet inspection like other types of firewalls such as proxy servers or application firewalls.
14.
What type of firewall do you use to block access to certain websites or instant messengers?
Correct Answer
A. Internet content filter
Explanation
An internet content filter is used to block access to certain websites or instant messengers. It allows administrators to set up rules and restrictions to prevent users from accessing specific content or websites. This type of firewall analyzes the content of the data packets and compares them against a set of predefined rules to determine whether to allow or block access. By using an internet content filter, organizations can enforce internet usage policies and protect their network from potential security threats or inappropriate content.
15.
When trying to protect your network, you should create your secure network based on _______.
Correct Answer
D. Layers
Explanation
When trying to protect your network, it is important to create a secure network based on layers. This means implementing multiple security measures at different levels to create a strong defense against potential threats. By using layers of security, such as firewalls, content filters, proxy servers, and NAT firewalls, you can ensure that even if one layer is breached, there are additional layers in place to protect your network and data. This approach helps to minimize the risk of unauthorized access and potential damage to your network infrastructure.
16.
The ________ is the largest WAN in the world.
Correct Answer
Internet
Explanation
The Internet is the correct answer because it is the largest Wide Area Network (WAN) in the world. A WAN is a network that spans a large geographical area, typically connecting multiple smaller networks together. The Internet is a global network that connects millions of devices and networks worldwide, making it the largest WAN. It allows for communication and data transfer between users and devices across different locations and continents.
17.
An ________ is the internal network for an organization.
Correct Answer
Intranet
Explanation
An intranet is the internal network for an organization. It is a private network that is only accessible to authorized users within the organization. It is used to share information, resources, and collaboration tools among employees, departments, and teams. An intranet provides a secure and controlled environment for communication and data sharing within the organization, enhancing productivity and facilitating efficient workflow. It is different from the internet, which is a public network accessible to anyone.
18.
What port does PPTP use?
Correct Answer
1723
Explanation
PPTP (Point-to-Point Tunneling Protocol) uses port 1723. This port is specifically designated for PPTP communication. PPTP is a protocol used for creating virtual private networks (VPNs) and it relies on port 1723 to establish and maintain the VPN connections. By using this port, PPTP can encapsulate and encrypt data, allowing secure communication between devices over the internet.
19.
What device is used to protect one network from another by using filtering packets?
Correct Answer
firewall
Explanation
A firewall is a device that is used to protect one network from another by filtering packets. It acts as a barrier between two networks, such as a private internal network and the public internet, and examines all incoming and outgoing network traffic. It analyzes the packets based on predefined rules and policies and allows or blocks them accordingly. This helps to prevent unauthorized access, malicious attacks, and the spread of malware or viruses from one network to another.
20.
What type of configuration creates a DMZ between two firewalls?
Correct Answer
back-to-back configuration
Explanation
A back-to-back configuration creates a DMZ between two firewalls. In this setup, two firewalls are placed in series with each other, with a DMZ network located between them. The first firewall faces the internet and filters incoming traffic, allowing only necessary traffic to pass through to the DMZ. The second firewall acts as a barrier between the DMZ and the internal network, filtering outgoing traffic from the DMZ. This configuration provides an additional layer of security by isolating the DMZ from both the internet and the internal network, protecting critical resources from potential attacks.