40 Questions
What is a type of device that expands on the capabilities of a traditional firewall?
NGFW
What feature enables an IDS to monitor all traffic on a switched network?
Port mirroring
Which of the following is not a SAN protocol?
VoIP
What do iSCSI initiators use to locate iSCSI targets on the network?
iSNS
What is the best device to install between the multifunction device and the cable modem to prevent intrusions?
Intrusion prevention system (IPS)
Which of the following statements about hubs and switches is true?
All of the devices connected to a hub are part of a single collision domain, whereas each device connected to a switch has its own collision domain.
What type of device is a load balancer?
Gateway
Which of the following devices perform essentially the same function?
Hubs and bridges
What is a proxy server used for?
To provide Internet access and security against outside intrusions
What type of switch immediately forwards frames after looking at only the destination address?
Cut-through switch
Which of the following devices can monitor network traffic for abnormal or malicious activity?
IDS
Which of the following SAN protocols can share a network medium with standard LAN traffic?
iSCSI
What is a capability that only a firewall capable of stateful packet inspection can do?
Scan Transport layer header fields for evidence of SYN floods
Which of the following methods do intrusion detection systems (IDSs) typically use to analyze incoming network traffic?
Anomaly-based detection and signature-based detection
What is another term for a multiport bridge?
Switch
What is the primary function of a personal firewall?
To block traffic entering a computer
What is the primary function of a port scanner?
To scan traffic entering a network for open ports
At which layer of the OSI model do routers operate?
Network layer
What type of system is frequently used to collect information from intrusion detection systems (IDSs)?
SIEM
What is the primary reason for splitting a large, switched Ethernet LAN into two LANs by adding a router?
To reduce the amount of broadcast traffic on each LAN
What type of addressing do bridges and switches use to forward frames?
Media access control (MAC) addressing
How do switches forward packets?
Based on their hardware addresses
What is a characteristic of a router?
It can communicate with other routers and share information
What is a benefit of adding a router to a large, switched Ethernet LAN?
It reduces the amount of broadcast traffic on each LAN
What is a fundamental requirement for bridges and switches on a local area network (LAN)?
Supporting the Network layer protocol
What defines a separate broadcast domain in a network device?
Each port on a bridge or switch
What is a traditional switch also known as?
Multiport bridge
Why do layer 2 switches improve the performance of an Ethernet LAN compared to hubs?
They reduce the number of collisions on the network
What is true about routers?
They build their internal tables based on destination IP addresses
What is not a characteristic of routers?
They store and maintain route information in a local database
What is a function of routers?
Forwarding frames based on destination IP addresses
What is a capability of software routers?
Connecting two or more networks with dissimilar Data link layer protocols and media
What is the term for the client that accesses an iSCSI device on a storage area network?
Initiator
Which protocol is not included in an iSCSI packet on a storage area network (SAN)?
None of the above
Which protocol standard defines a layered implementation that corresponds to the layers of the OSI model?
PPP
Which of the following protocols are included in an FCoE packet?
Ethernet
What is the primary objective of Ralph's proposed Internet access solution?
To provide access to web and email services
What is the role of the proxy servers in Ralph's proposed solution?
To monitor and regulate users' access to the Internet
Why does Ralph propose using private IP addresses on the client computers?
To avoid manual configuration of IP addresses
What is the benefit of using proxy servers with public, registered IP addresses?
To keep client computers safe from unauthorized users
Study Notes
Network Security Devices
- An intrusion prevention system (IPS) can be installed between a multifunction device and a cable modem to prevent unauthorized access.
- A personal firewall can be installed on each computer to protect it from external threats.
Hubs and Switches
- Hubs operate only at the Physical layer, whereas switches operate at the Data link layer.
- All devices connected to a hub are part of a single collision domain, whereas each device connected to a switch has its own collision domain.
- There are switches available with Network layer functionality, but there are no hubs with that capability.
- Switches do not create a separate broadcast domain for each connected device; instead, they create a single broadcast domain for all connected devices.
Switch Types
- Cut-through switches immediately forward frames after looking at only the destination address.
- Source route switches are a type of switch that is not commonly used.
- Store-and-forward switches receive the entire frame before forwarding it.
Firewalls
- Firewalls capable of stateful packet inspection can filter traffic based on port numbers, block traffic destined for specific IP addresses, and scan Transport layer header fields for evidence of SYN floods.
- Firewalls can block all TCP traffic from entering a network.
Intrusion Detection Systems (IDSs)
- IDSs use anomaly-based detection, behavior-based detection, and signature-based detection to analyze incoming network traffic.
- IDSs can also use statistic-based detection, but it is not a common method.
Switches and Routers
- Routers operate at the Network layer, whereas switches operate at the Data link layer.
- All devices connected to a switch are part of a single broadcast domain, whereas the networks connected to a router form separate broadcast domains.
- Routers can communicate with each other and share information, but switches cannot.
- Routers forward packets based on their IP addresses, whereas switches forward packets based on their hardware addresses.
SIEM Systems
- SIEM (Security Information and Event Management) systems are used to collect information from IDSs.
Traffic Congestion
- Splitting a large, switched Ethernet LAN into two LANs by adding a router can help to alleviate traffic congestion and improve performance by reducing the amount of broadcast traffic on each LAN.
Bridges and Switches
- Bridges and switches are Data link layer devices that use media access control (MAC) addresses to forward frames.
- Bridges and switches build their internal tables based on destination addresses and forward packets based on source addresses.
Traditional Switches
- A traditional switch is a multiport bridge that forwards packets based on MAC addresses.
Layer 2 Switches
- Layer 2 switches improve network performance by reducing the number of collisions on the network.
- Layer 2 switches do not forward broadcast transmissions, which improves network performance.
Routers
- Routers are Network layer devices that use IP addresses to forward frames.
- Routers can connect two or more networks with dissimilar Data link layer protocols and media.
- Routers can learn and populate their routing tables through static and dynamic routing.
- Each port on a router defines a separate broadcast domain.
Load Balancers
- A load balancer is a type of device that expands on the capabilities of traditional routers and firewalls.
Next-Generation Firewalls (NGFWs)
- NGFWs are devices that expand on the capabilities of traditional firewalls by adding features like deep packet inspection (DPI) and an intrusion prevention system (IPS).
Proxy Servers
- Proxy servers can provide security against outside intrusion by using a public IP address, while the client computers use private addresses.
- Proxy servers can be used to monitor and regulate users' access to the Internet.
Intrusion Detection Systems (IDSs)
- IDSs can be used to monitor a network for abnormal or malicious traffic.
- IDSs can monitor traffic on a switched network using port mirroring.
Storage Area Networks (SANs)
- iSCSI, Fibre Channel, and FCoE are protocols used in SANs.
- iSCSI initiators use iSNS (Internet Storage Name Service) to locate iSCSI targets on the network.
- Fibre Channel and FCoE are not capable of sharing a network medium with standard LAN traffic.
iSCSI Packets
- iSCSI packets include Ethernet, IP, and TCP protocols.
Fibre Channel Packets
- Fibre Channel packets do not include Ethernet, IP, or TCP protocols.
FCoE Packets
- FCoE packets include Ethernet and Fibre Channel protocols.
Private Internetworks
- Private internetworks can use private IP addresses and proxy servers with public, registered IP addresses to connect to the Internet.
- This solution can provide access to web and email services while keeping client computers safe from unauthorized users on the Internet.
This quiz assesses knowledge of computer networking security measures such as intrusion prevention systems, firewalls, and detection systems. It also tests understanding of network devices like hubs and switches.