Chapter Review Activities

Use the features in this section to study and review the topics in this chapter.

Chapter Summary

Well, it goes without saying that there are many potential attackers who would “storm the castle.” The question presents itself: Have you performed your due diligence in securing your computer networking kingdom?

If you answered yes, then it most likely means you have implemented some kind of unified threat management solution, one that includes a firewall, content filter, anti-malware technology, IDS/IPS, and possibly other network security technologies. This collaborative effort makes for a strong network perimeter. The firewall is at the front lines, whether it is part of a UTM or running as a separate device. Its importance can’t be stressed enough, and you can’t just implement a firewall; it has to be configured properly with your organization’s policies in mind. ACLs, stateful packet inspection, and network address translation should be employed to solidify your firewall solution.

If you answered no, then prepare ye for more metaphorical expression. Remember that enemy forces are everywhere. They are lying in wait just outside your network, and they can even reside within your network—for example, the malicious insider, that dragon who has usurped the mountain and is perhaps in control of your precious treasure...your data. Analogies aside, this is all clear and present danger—it is real, and should be enough to convince you to take strong measures to protect your network.

Often, the act of securing the network can also provide increased efficiency and productivity. For example, a proxy server can act to filter content, and can provide anonymity, but also saves time and bandwidth for commonly accessed data. A honeypot can trap an attacker, thus securing the network, but the secondary result is that network bandwidth is not gobbled up by the powerful attacker. However, the same act can have the opposite effect. For example, a NIDS that is installed to detect anomalies in packets can slow down the network if it is not a powerful enough model. For increased efficiency (and lower all-around cost), consider an all-in-one device such as a UTM, which includes functionality such as firewalling, IDS/IPS, AV, VPN, and DLP. Just make sure it has the core processing and memory required to keep up with the amount of data that will flow through your network.

If you can find the right balance of security and performance while employing your network security solution, it will be analogous to your network donning the aegis, acting as a powerful shield against network attacks from within and without.

Review Key Topics

Review the most important topics in the chapter, noted with the Key Topic icon in the outer margin of the page. Table 8-2 lists a reference of these key topics and the page number on which each is found.

Table 8-2 Key Topics for Chapter 8

| Key Topic Element | Description | Page Number |
|---|---|---|
| Figure 8-1 | Diagram of a basic firewall | 175 |
| Bulleted list | Types of firewalls | 176 |
| Figure 8-2 | Back-to-back firewall/DMZ configuration | 177 |
| Bulleted list | Types of proxies | 179 |
| Figure 8-4 | Illustration of an HTTP proxy in action | 180 |
| Figure 8-5 | Illustration of NIDS placement in a network | 183 |
| Table 8-1 | Summary of NIDS versus NIPS | 185 |

Define Key Terms

Define the following key terms from this chapter, and check your answers in the glossary:

  • network perimeter

  • access control list

  • explicit allow

  • explicit deny

  • implicit deny

  • packet filtering

  • stateful packet inspection

  • application-level gateway

  • circuit-level gateway

  • application firewall

  • web application firewall

  • proxy server

  • IP proxy

  • HTTP proxy (web proxy)

  • proxy auto-configuration (PAC)

  • Internet content filter

  • web security gateway

  • honeypot

  • honeynet

  • data loss prevention (DLP)

  • network intrusion detection system (NIDS)

  • promiscuous mode

  • network intrusion prevention system (NIPS)

  • false positive

  • false negative

  • unified threat management (UTM)

Complete the Real-World Scenarios

Complete the Real-World Scenarios found on the companion website (www.pearsonitcertification.com/title/9780134846057). You will find a PDF containing the scenario and questions, and also supporting videos and simulations.

Review Questions

Answer the following review questions. Check your answers in Appendix A, “Answers to the Review Questions.”

  • 1. Which tool would you use if you want to view the contents of a packet?

    • A. TDR

    • B. Port scanner

    • C. Protocol analyzer

    • D. Loopback adapter

  • 2. The honeypot concept is enticing to administrators because

    • A. It enables them to observe attacks.

    • B. It traps an attacker in a network.

    • C. It bounces attacks back at the attacker.

    • D. It traps a person physically between two locked doors.

  • 3. James has detected an intrusion in his company network. What should he check first?

    • A. DNS logs

    • B. Firewall logs

    • C. The Event Viewer

    • D. Performance logs

  • 4. Which of the following devices should you employ to protect your network? (Select the best answer.)

    • A. Protocol analyzer

    • B. Firewall

    • C. DMZ

    • D. Proxy server

  • 5. Which device’s log file will show access control lists and who was allowed access and who wasn’t?

    • A. Firewall

    • B. Smartphone

    • C. Performance Monitor

    • D. IP proxy

  • 6. Where are software firewalls usually located?

    • A. On routers

    • B. On servers

    • C. On clients

    • D. On every computer

  • 7. Where is the optimal place to have a proxy server?

    • A. In between two private networks

    • B. In between a private network and a public network

    • C. In between two public networks

    • D. On all of the servers

  • 8. A coworker has installed an SMTP server on the company firewall. What security principle does this violate?

    • A. Chain of custody

    • B. Use of a device as it was intended

    • C. Man trap

    • D. Use of multifunction network devices

  • 9. You are working on a server and are busy implementing a network intrusion detection system on the network. You need to monitor the network traffic from the server. What mode should you configure the network adapter to work in?

    • A. Half-duplex mode

    • B. Full-duplex mode

    • C. Auto-configuration mode

    • D. Promiscuous mode

  • 10. Which of the following displays a single public IP address to the Internet while hiding a group of internal private IP addresses?

    • A. HTTP proxy

    • B. Protocol analyzer

    • C. IP proxy

    • D. SMTP proxy

    • E. PAC

  • 11. If your ISP blocks objectionable material, what device would you guess has been implemented?

    • A. Proxy server

    • B. Firewall

    • C. Internet content filter

    • D. NIDS

  • 12. Of the following, which is a collection of servers that was set up to attract attackers?

    • A. DMZ

    • B. Honeypot

    • C. Honeynet

    • D. VLAN

  • 13. Which of the following will detect malicious packets and discard them?

    • A. Proxy server

    • B. NIDS

    • C. NIPS

    • D. PAT

  • 14. Which of the following will an Internet filtering appliance analyze? (Select the three best answers.)

    • A. Content

    • B. Certificates

    • C. Certificate revocation lists

    • D. URLs

  • 15. Which of the following devices would detect but not react to suspicious behavior on the network? (Select the most accurate answer.)

    • A. NIPS

    • B. Firewall

    • C. NIDS

    • D. HIDS

    • E. UTM

  • 16. One of the programmers in your organization complains that he can no longer transfer files to the FTP server. You check the network firewall and see that the proper FTP ports are open. What should you check next?

    • A. ACLs

    • B. NIDS

    • C. AV definitions

    • D. FTP permissions

  • 17. Which of the following is likely to be the last rule contained within the ACLs of a firewall?

    • A. Time of day restrictions

    • B. Explicit allow

    • C. IP allow any

    • D. Implicit deny

  • 18. Which of the following best describes an IPS?

    • A. A system that identifies attacks

    • B. A system that stops attacks in progress

    • C. A system that is designed to attract and trap attackers

    • D. A system that logs attacks for later analysis

  • 19. What is a device doing when it actively monitors data streams for malicious code?

    • A. Content inspection

    • B. URL filtering

    • C. Load balancing

    • D. NAT

  • 20. Allowing or denying traffic based on ports, protocols, addresses, or direction of data is an example of what?

    • A. Port security

    • B. Content inspection

    • C. Firewall rules

    • D. Honeynet

  • 21. Which of the following should a security administrator implement to limit web-based traffic that is based on the country of origin? (Select the three best answers.)

    • A. AV software

    • B. Proxy server

    • C. Spam filter

    • D. Load balancer

    • E. Firewall

    • F. URL filter

    • G. NIDS

  • 22. You have implemented a technology that enables you to review logs from computers located on the Internet. The information gathered is used to find out about new malware attacks. What have you implemented?

    • A. Honeynet

    • B. Protocol analyzer

    • C. Firewall

    • D. Proxy

  • 23. Which of the following is a layer 7 device used to prevent specific types of HTML tags from passing through to the client computer?

    • A. Router

    • B. Firewall

    • C. Content filter

    • D. NIDS

  • 24. Your boss has asked you to implement a solution that will monitor users and limit their access to external websites. Which of the following is the best solution?

    • A. NIDS

    • B. Proxy server

    • C. Block all traffic on port 80

    • D. Honeypot

  • 25. Which of the following firewall rules only denies DNS zone transfers?

    • A. deny IP any any

    • B. deny TCP any any port 53

    • C. deny UDP any any port 53

    • D. deny all dns packets
