Page 810 - StudyBook.pdf
P. 810

794    Appendix • Self Test Appendix

                  A. You have been asked to perform NAT services
                  B. You have been asked to set up a proxy
                  C. You have been asked to set up stateful inspection
                  D. You have been asked to set up a packet filter
              D.While routers are not designed to be a specialized security device, they can be used as a
                 packet filter. Packet filters perform stateless inspection such as inspecting packet IP addresses
                 and port numbers.
              Answer A is incorrect because most routers already perform NAT.Answer B is incorrect
                 because a proxy stands in place of another device and that is not how the router is being used.
                 Answer C is incorrect because routers do not have the ability to keep track of state. Routers
                 perform stateless inspection.

             6.  You have been asked to compile a list of the advantages and disadvantages of copper cabling
                 and fiber-optic cable. Upon reviewing the list, which of the following do you discover is
                 incorrect?
                  A. Copper cable does not support speeds as high as fiber
                  B. The cost of fiber per foot is cheaper than copper cable
                  C. Fiber is more secure than copper cable
                  D. Copper cable is easier to tap than fiber cable
              B. Fiber is more expensive that copper cabling.
              Answers A, C, and D are incorrect because they are all statements that are true when
                 describing fiber or copper cabling.
             7.  You have been asked to install a SQL database on the intranet and recommend ways to secure
                 the data that will reside on this server.While traffic will be encrypted when it leaves the server,
                 your company is concerned about potential attacks.With this in mind, which type of IDS
                 should you recommend?
                  A. A network-based IDS with the sensor placed in the DMZ
                  B. A host-based IDS that is deployed on the SQL server
                  C. A network-based IDS with the sensor placed in the intranet
                  D. A host-based IDS that is deployed on a server in the DMZ
              B.The best option of those given in the question would be to deploy a host-based IDS that is
                 deployed on the SQL server. Having it located on the server would allow it to detect traffic
                 regardless of where it was coming from.

              Answer A is incorrect because using a network-based IDS located in the DMZ would not
                 detect any internal traffic, it would only detect traffic that passed through the DMZ.Answer C
                 is incorrect because a network sensor could detect network level traffic, but if it is encrypted
                 the IDS would be unable to analyze it.Answer D is incorrect because the host being used is in
                 the DMZ and not on the SQL server.






          www.syngress.com
   805   806   807   808   809   810   811   812   813   814   815