Class Test 2 - e-security (CSN11102/11117)
Semester 2, Session 2012-13

Outline Requirements

The test will account for 20% of the module final grade, and is based on the academic content of the course covering Software Security and Network Security. It is a closed book test, and normal examination conditions apply.

There are 30 questions in this paper. A correct answer scores +1, an incorrect answer scores 0.2, and a non-answer gets a score of zero. The score will be normalised and converted to an indicative grade. You can use a calculator in the exam.

Test time: 40 minutes.

PLEASE ENTER YOUR MATRICULATION NUMBER AND DATE HERE:
Matriculation Number:
Date of Test: / /

For Staff use only
No. correct
No. incorrect
No. omitted
Final Mark ( /30)
Final %age %

1. Which of the following pairs of statements is true about software and hardware firewalls?
A. Software: harder to reconfigure; hardware: copes better with large traffic conditions
B. Software: easier to reconfigure; hardware: gives improved failover
C. Software: faster; hardware: gives poorer failover
D. Software: faster; hardware: copes better with large traffic conditions
E. Software: slower; hardware: less expensive

2. Which of the following pairs of statements gives an advantage and a disadvantage of using proxies?
A. Advantage: it gives user-oriented logging; Disadvantage: it does not give user-oriented accounting
B. Advantage: it speeds up processing; Disadvantage: it gives a central point of failure
C. Advantage: it gives user-oriented authentication; Disadvantage: it slows down processing
D. Advantage: it has no central point of failure; Disadvantage: it slows down processing
E. Advantage: it has no central point of failure; Disadvantage: it does not give user-oriented accounting

3. If a host uses a proxy for Web access, what will be the destination IP address of the data packets that are initially sent to a remote Web server?
A. The source address of the host
B. The source address of the web server
C. The source address of the proxy
D. The TCP proxy port
E. The TCP local port

4. Which of the following pairs of statements is true about proxies?
A. Private addresses can be used for the internal network; they do not allow logging of data packets
B. Private addresses cannot be used for the internal network; they allow logging of data packets
C. Private addresses cannot be used for the internal network; they allow user-level authentication
D. They allow hosts to be hidden from the outside; private addresses can be used for the internal network
E. They allow user-level authentication; internal nodes can be directly contacted from the outside

5. Which of the following statements is true for IPSec?
A. UDP Port 50 is the key exchange port and TCP Port 500 is used for ESP
B. TCP Port 51 is used for AH and UDP Port 50 is the key exchange port
C. UDP Port 500 is the key exchange port and TCP Port 50 is used for ESP
D. UDP Port 500 is the key exchange port and it does not allow either ESP or AH
E. UDP Port 50 is the key exchange port and it allows both ESP or AH

6. What does Dynamic NAT (with PAT) use to keep track of a connection?
A. Just the source address
B. Just the destination address
C. The source address and the source port
D. The destination address and the destination port
E. The source and destination addresses and the source and destination ports

7. What advantage does SSH have over TELNET?
A. It is faster
B. It is more compatible
C. It is more secure
D. It is easier to configure
E. It supports more connections

8. Which of the following IP addresses is not a private address?
A. 146.176.1.5
B. 10.0.0.1
C. 172.16.1.1
D. 192.168.0.1
E. 10.10.10.1

9. How would 10.11.12.13 with a subnet mask of 255.255.255.224 be displayed?
A. 10.11.12.13/31
B. 10.11.12.13/27
C. 10.11.12.13/240
D. 10.11.12.13/16
E. 10.11.12.13/5

10. Which best describes a stateful packet filter?
A. Filters packets based on layer 3 and 4
B. Filters packets based on layer 3 and 4 with session info
C. Acts as a middle man, and examines session info
D. Filters packets based on layer 1 and 2
E. Filters packets based on layer 1 and 2 with session info

11. Which is not an advantage of NAT?
A. Hides the network addresses of the network
B. Bars direct contact with a host
C. Increased range of address
D. Allow easy creation of subnetworks
E. Allows easy access to hosts from outside the network

12. Which access-list allows traffic from all addresses in the range 192.169.3.0 to 192.169.3.255?
A. access-list 10 permit 192.169.3.0 0.0.0.255
B. access-list 10 deny 192.169.3.0 0.0.0.255
C. access-list 10 permit 192.169.3.0 0.0.255.255
D. access-list 10 deny 192.169.3.0 255.255.255.0
E. access-list 10 permit 192.169.3.0 255.255.255.0

13. Which ACL will prevent, and log, all traffic from the entire blacklisted network of 6.6.6.0/24?
A. access-list 34 deny 6.6.6.0 0.0.0.0 log
B. access-list 134 deny ip 6.6.6.0 0.0.0.255 log
C. access-list 19 deny 6.6.6.0 0.0.0.0 any log
D. access-list 10 deny ip 6.6.6.0 0.0.0.255 log
E. access-list 67 deny 6.6.6.0 0.0.0.255 log

14. Why is source based IP Filtering, such as Standard ACLs, not very reliable?
A. The ACLs need to be placed close to the destination
B. The ACLs need to be placed close to the source
C. Source IP Addresses are not easily spoofed
D. Source IP Addresses are easily spoofed
E. They filter only at Layer 4

15. Which ACL will allow http traffic to the web server at 155.144.10.5?
A. access-list 137 permit ip any 155.144.10.5 80
B. access-list 199 permit tcp any 155.144.10.5 eq www
C. access-list 137 permit tcp any host 155.144.10.5 eq 80
D. access-list 177 permit ip any 155.144.10.5 eq 80
E. access-list 268 permit tcp any host 155.144.10.5 eq http

16. Which .NET technique overcomes DLL Hell?
A. Web.config
B. CardSpace
C. Role-based Security
D. Global Assembly Cache
E. Not using DLLs

17. Which is not seen to be a component of a secure ASP.NET application?
A. Authorization
B. Authentication
C. Backplane security
D. Secure Communications

18. Which defines what clients are allowed to do and see within applications?
A. Authentication
B. Authorization
C. Secure Communications
D. Validation
E. Delegation

19. For external systems, what should you always assume?
A. That they are always secure
B. That they are always insecure
C. That they are intermittent in their security
D. That some sections are always secure

20. For ASP.NET layered architecture, which layer provides core functionality of the system and encapsulation of business logic?
A. User services
B. Business services
C. Data services
D. Encapsulation services

21. What does .NET use to provide different DLL versions to be supported?
A. MSIL
B. Global Assembly Cache
C. Framework Class Library
D. Common Language Specification

22. Which file contains the security settings for an ASP.NET Web service?
A. Web.config
B. Assembly.cs
C. main.aspx
D. Web.xml
E. Encyt.xml

23. Which command line option would generate the encryption keys for a strong name in a .NET assembly?
A. sn -s
B. sn -k
C. sn -r
D. sn -o
E. sn -e

24. Which of the following is not stored in an assembly?
A. Assembly name
B. A public key
C. Relationships between assemblies
D. A version number
E. The type of operating system used

25. Which applications require the strongest security?
A. Web services, and in .NET remoting
B. Console applications, and in .NET remoting
C. Windows applications, and in .NET remoting
D. Web services, and in Console applications

26. What occurs when a remote user tries to access the Web.config file on the Web server?
A. It is viewed within the Web browser.
B. It is installed on the local machine.
C. It locks the file.
D. It displays a message that it is forbidden to access the file.

27. You are creating an XML Web service named TimeEntryService for LawyersTK. You need to configure mywebservice to meet these requirements from users of the law firm:
- Users cannot afford to forget passwords
- Login time is not an issue
- Client must have a trustworthy credential
Which type of authentication should you use?
A. Basic
B. Digest
C. Anonymous
D. Client Certificate

28. What is the main advantage of the Global Assembly Cache in .NET?
A. It stores different versions of DLLs
B. It allows hardware compatibility
C. It provides common classes, methods and properties
D. It supports different programming languages
E. It stores different versions of application programs

29. Which refers to the collection of security settings that affect the security-related behaviour of a process or thread?
A. Authentication
B. Authorization
C. Secure Communications
D. Validation
E. Security Context

30. Which method is used with WindowsPrincipal (myprin) to test a role?
A. myprin.isinrole()
B. myprin.whererole()
C. myprin.isrole()
D. myprin.testrole()