Page 492 - StudyBook.pdf
P. 492
476 Chapter 7 • Topologies and IDS
80/tcp open http
111/tcp open sun rpc
Nmap run completed — 1 IP address (1 host up) scanned in 409 seconds
A. TCP port 80 should not be open to the DMZ
B. TCP port 53 should not be open to the DMZ
C. UDP port 80 should be open to the DMZ
D. TCP port 25 should be open to the DMZ
5. You have been asked to use an existing router and utilize it as a firewall.
Management would like you to use it to perform address translation and block
some known bad IP addresses that previous attacks have originated from.With
this in mind, which of the following statement is most correct?
A. You have been asked to perform NAT services
B. You have been asked to set up a proxy
C. You have been asked to set up stateful inspection
D. You have been asked to set up a packet filter
6. You have been asked to compile a list of the advantages and disadvantages of
copper cabling and fiber-optic cable. Upon reviewing the list, which of the
following do you discover is incorrect?
A. Copper cable does not support speeds as high as fiber
B. The cost of fiber per foot is cheaper than copper cable
C. Fiber is more secure than copper cable
D. Copper cable is easier to tap than fiber cable
7. You have been asked to install a SQL database on the intranet and recom-
mend ways to secure the data that will reside on this server.While traffic will
be encrypted when it leaves the server, your company is concerned about
potential attacks.With this in mind, which type of IDS should you recom-
mend?
A. A network-based IDS with the sensor placed in the DMZ
B. A host-based IDS that is deployed on the SQL server
C. A network-based IDS with the sensor placed in the intranet
D. A host-based IDS that is deployed on a server in the DMZ
www.syngress.com
