CNIT 455 Final Exam Latest 2024 Graded A

CNIT 455 Final Exam Latest 2024 Graded A Confidentiality, Integrity, Availability *Authentication, Authorization, Encryption, Non-Repudiation What are the components of the Basic Security Model? Prevention, Detection, Response What are the components of the Security Trinity? Prevention, Detection, Containment, Investigation, Recovery, Follow-Up What should be the components of the Security Trinity? Security Trinity The <blank> security model is incident-oriented. Assets, Threats, Vulnerabilities (exposures), Attacks, Risk What are the components of security? ingress; egress Packet filters block <blank> and <blank> traffic. F (software) T/F: A packet filter is hardware that limits connectivity. rule Packet filters use <blank>-based filtering. rulesets Packet filter rules are combined into <blank>. T T/F: Packet filter best practice is to allow what you want and then deny all else. F T/F: All packet filters contain a firewall. packet filter A firewall always includes a <blank>. T T/F: Packet filters are vulnerable to IP address spoofing directly and indirectly. specialized network device (hardware firewall) Cisco PIX/ASA and Juniper NetScreen are what type of packet filter? software firewalls Windows firewall, iptables, and pfSense are examples of <blank>. replacement IP stack Bastion host is an example of a <blank> packet filter. F (replacement IP stack) T/F: Specialized network devices are the rarest packet filters. Loose Source Record Routing What enables a machine to spoof an address and traffic still properly identifies it? Loose Source Record Routing <blank> can allow access to networks that would otherwise be unreachable. T T/F: Packet filters are often implemented as a specialized network device. IP; DNS One should always use <blank> rather than <blank> when configuring a packet filter, as the latter is far easier to spoof. source; destination When filtering by IP, one should control access based on the <blank>/<blank> IP address.