WGU - MSCSIA - C700 - Secure Network Design - 2019 - Practice Test.

WGU - MSCSIA - C700 - Secure Network Design - 2019 - Practice Test. What is another term for a demilitarized zone (DMZ)? - Screened subnet is another term for a demilitarized zone (DMZ). Two firewalls are used in this configuration: one firewall resides between the public network and DMZ, and the other resides between the DMZ and private network. Screened subnet - is another term for a demilitarized zone (DMZ). Two firewalls are used in this configuration: one firewall resides between the public network and DMZ, and the other resides between the DMZ and private network. A screened host is - a firewall that resides between the router that connects a network to the Internet and the private network. The router acts as a screening device, and the firewall is the screen host. This firewall employs two network cards and a single screening router. A dual-homed firewall is - one that has two network interfaces: one interface connects to the Internet, and the other connects to the private network. One of the most common drawbacks to dual-homed firewalls is that internal routing may accidentally become enabled. APIPA - ? Infrastructure mode - allows wireless computers to connect to a LAN, a WAN, or the Internet. This means that infrastructure mode wireless computers can access all computers on the LAN, WAN, and Internet. Infrastructure mode is much more expensive to implement than ad hoc mode because you must configure wireless access points. While infrastructure mode is harder to set up and configure, it is much easier to manage than ad hoc mode. Ad hoc mode - allows wireless computers to be configured much more quickly than infrastructure mode. computers all participate in the same network. This means that the wireless computers can access each other, but cannot access network resources on a LAN, WAN, or Internet. is much cheaper than infrastructure mode to implement. In addition, it is easy to set up and configure and can provide better performance than infrastructure mode. However, it is difficult to manage. Static IP addresses should not be implemented because the corporate network contains a DHCP server. - static IP APIPA should not be used for the same reason. In addition, APIPA is utilized only if a DHCP server is not found. - APIPA The Ethernet LAN technology does NOT use a multistation access unit (MAU) as its central device - The Ethernet LAN technology does NOT use a multistation access unit (MAU) as its central device Multi-station Access Unit (MAU) - Central device in a Token Ring network which passes the Token from device to device serially in order and in a one-way direction. Token Ring supports - full duplex transmission using carrier sense multiple access with collision avoidance (CSMA/CA). Ethernet LAN technology - supports full duplex transmissions. It uses carrier sense multiple access with collision detection (CSMA/CD). It is defined by IEEE 802.3 Full-duplex can - transmit and receive information in both directions simultaneously. synchronous transmission has - a start bit is used to indicate the beginning of transmission. The start bit is followed by data bits, and then one or two stop bits follow to indicate the end of the transmission. In synchronous transmission, - the transmitter and receiver have synchronized clocks and the data is sent in a continuous stream. The clocks are synchronized by using transitions in the data and, therefore, start and stop bits are not required for each unit of data sent Half-duplex transmissions are - transmissions in which information can be transmitted in two directions, but only one direction at a time. You should complete all of the following steps to protect against war-driving attacks: - 1. Change the default SSID. 2. Disable SSID broadcasts. 3. Configure the network to use authenticated access only.f 4. Implement Wi-Fi Protected Access (WPA) or WPA2 instead of WEP. 5. Reduce the access point signal strength. NetStumbler is a - common war-driving tool. To idenfity unauthorized wireless access points you should - periodically complete a site survey The reason you would disable SSID broadcasts is to - protect a wireless network from hackers and to prevent unauthorized site surveys. WEP - Uses a X-bit or X-bit key - 40bit or 104 bit WPA/WPA2 Personal - Uses a x-bit key - 256-bit pre-shared key WPA/WPA2 Enterprise - Requires a - RADIUS server Dictionary attack - occurs when a - hacker tries to guess passwords using a list of common words DoS attack - occurs when a - server or resource is overloaded so that legitimate users cannot access it Pharming attack - occurs when - traffic is redirected to a site that looks identical to the intended site Phishing attack - occurs when - confidential information is requested by an entity that appears to be legitimate WEP/WPA cracking - - Mathematical algorithms are used to determine the preshared key used on the access point. Warchalking - - SSID and other authentication details regarding a wireless network are written down in a prominent public place. Evil twin - - A rogue access point is configured with the same SSID as a valid access point. A bastion host is a computer that - resides on a network that is locked down to provide maximum security. A bastion host has firewall software installed, but can also provide other services. Any server that resides in a demilitarized zone (DMZ) should be configured as a bastion host Any server that resides in a demilitarized zone (DMZ) should be configured as - a bastion host A stateful firewall - first examines a packet to see if it is the result of a previous connection Information about previous connections is maintained in the - state table. Stateful firewalls perform the following tasks: - Scan information from all layers in the packet. Save state information derived from previous communications, such as the outgoing port information, so that incoming data communication can be verified against it. Provide tracking support for connectionless protocols through the use of session state databases. Allow state information derived from other applications access through the firewall for authorized services only, such as previously authenticated users. Evaluate and manipulate flexible expressions based on communication and application derived state information. Firewall Rule: Permit all inbound TCP connections. - will most likely result in a security breach This rule is one you will not see in most firewall configurations. By simply allowing all inbound TCP connections, you are not limiting remote hosts to certain protocols. SOCKS is a - circuit-level proxy firewall that provides a secure channel between two computers.