CNIT 455 Exam I |210 Complete Q’s and A’s

CNIT 455 Exam I |210 Complete Q’s and
A’s
T/F A Packet Filter is hardware that limits connectivity - -F (Software)

- Packet filters block _______ and ______ traffic - -ingress, egress

- Packet filters use ____ based filtering - -rule

- Packet filter rules are combined into ________ - -rulesets

- T/F A good practice with packet filters is to allow what you want then deny
all else. - -T

- A firewall always includes a ______ ______ - -packet filter

- T/F All packet filters are firewalls - -F (Firewalls contain packet filters, not
vice versa)

- T/F Windows firewall, iptables, and pfsense are examples of software
"firewalls" - -T

- T/F Packet filters are often used as a replacement in the IP stack on
modern implementations. - -F (uncommon)

- T/F Packet filters are often implemented as a specialized network device. -
-T

- One should always use __ rather than ___ when configuring a packet filter,
as the latter is far easier to spoof. - -IP, DNS

- When filtering by IP, one should control access based on the
______/__________ IP address. - -source/destination

- T/F Packet filters are vulnerable to IP address spoofing via ARP. - -T

- LSRR stands for - -Loose Source Record Routing

- T/F LSRR tells packets specific routes to gain access to otherwise
unreachable networks. - -T

- T/F LSRR prevents machines from spoofing addresses. - -F (Enables
spoofing, as net traffic can still find the machine)

, - T/F You should always enable LSRR on border routers and firewalls - -F
(DISABLE IT)

- UDP and TCP communication is based on numbered _____ - -ports

- T/F UDP and TCP source and destination ports are standardized. - -F (only
destination)

- UDP and TCP ______ ports are chosen randomly, from port ____ and above -
-source, 1024

- The two types of port filtering are ______ and ________ - -Static, dynamic

- Static port filtering involves only allowing traffic based on ____ number or
IP/____ number combination - -port

- In static port filtering, each packet is checked _____________ - -
independently

- Dynamic port filtering is also known as ________ ______ __________ - -stateful
packet inspection

- Dynamic port filtering checks the _______ of the packet as well as ______
and ___________ addresses - -context, source, destination

- T/F Destination Static Port Filtering involves examining and filtering based
on source port number - -F (destination you dip)

- The major limitation of Destination Static Port Filtering is that it only works
if a server responds to incoming messages on the _________ ____ - -receiving
port

- In source static port forwarding, source ports are typically randomly
chosen from numbers above ____ - -1023

- In source static port forwarding, after a server sends a message using a
random port > 1023, the return traffic will be _______ by the firewall. - -
blocked

- To work around the blocking caused by SSPF, you must ______ incoming
traffic for ports > 1023 - -allow

- T/F Allowing traffic for SSPF is a massive security problem. - -T

- By monitoring the source port for ingress traffic in SSPF, you have created
a __-__________ static filter - -bi-directional