Page 809 - StudyBook.pdf
P. 809
Self Test Appendix • Appendix 793
A. 127.0.0.1
B. 10.27.3.56
C. 129.12.14.2
D. 224.0.12.10
B. NAT uses three ranges of private addresses which include 10.0.0.0, 172.16.0.0. and
192.168.0.0.
Answer A is incorrect because 127.0.0.1 is a loopback address and should never be seen on the
network.Answer C is incorrect because 129.12.14.2 is a public address.Answer D is incorrect
because 224.0.12.10 is a multicast.
4. You have been running security scans against the DMZ and have obtained the following
results. How should these results be interpreted?
C:\>nmap -sT 192.168.1.2
Starting nmap V. 3.91
Interesting ports on (192.168.1.2):
(The 1598 ports scanned but not shown below are in state: filtered)
Port State Service
53/tcp open DNS
80/tcp open http
111/tcp open sun rpc
Nmap run completed — 1 IP address (1 host up) scanned in 409 seconds
A. TCP port 80 should not be open to the DMZ
B. TCP port 53 should not be open to the DMZ
C. UDP port 80 should be open to the DMZ
D. TCP port 25 should be open to the DMZ
B.TCP port 53 should not be open to the DMZ.This port is used by DNS for zone transfers.
Answer A is incorrect because port 80 is used by Web services. Answer C is incorrect because
UDP 80 should not be open and is not used by common DMZ services.Answer D is incorrect
because port 25 is e-mail and the status of whether it is open or not would depend on if the
organization has decided to allow e-mail to be used in the organization.
5. You have been asked to use an existing router and utilize it as a firewall. Management would
like you to use it to perform address translation and block some known bad IP addresses that
previous attacks have originated from.With this in mind, which of the following statement is
most correct?
www.syngress.com
