M16 Practice Quiz
Question 1
Lucia, a security analyst at Dion Training, wants a comprehensive solution that integrates various security features for her company's network, including antivirus, anti-spam, firewall, and intrusion detection capabilities in a single network appliance. Which of the following types of firewalls should she utilize to accomplish this?
Options:
- NGFW
- Layer 4
- WAF
- UTM
Overall explanation:
- UTM (Unified Threat Management) is an all-in-one security solution that combines multiple security features into one appliance, including antivirus, anti-spam, firewall, and intrusion detection capabilities.
- NGFW (Next-Generation Firewall) offers advanced functionalities beyond traditional firewalls, such as application awareness, integrated intrusion prevention systems (IPS), and identity awareness.
- WAF (Web Application Firewall) is specifically designed to protect web applications from a variety of application layer attacks, such as cross-site scripting (XSS) and SQL injection.
- Layer 4 Firewall operates at the transport layer of the OSI model and filters traffic based on source and destination IP addresses, ports, and protocols.
Tags: Firewalls for Security
Question 2
Satoshi, a network administrator at Dion Training, wants to mediate requests from clients seeking resources from other servers by helping to simplify requests, improve performance, and filter content. Which of the following should he utilize to accomplish this?
Options:
- Network sensor
- Load balancer
- Proxy server
- Jump box
Overall explanation:
- A Proxy server acts as an intermediary between clients seeking resources and other servers, helping to simplify requests, improve performance, and filter content.
- Load balancers distribute incoming network traffic across multiple servers to ensure no individual server is overwhelmed with too much traffic.
- Jump boxes serve as secure access points and are typically used as an initial point of contact when connecting to a remote server or network segment.
- Network sensors monitor and analyze network traffic patterns, typically used for detecting malicious activities or network performance issues.
Tags: Network Appliances
Question 3
Priya, a network engineer at Dion Training, wants to improve the management and operation of a wide area network by decoupling the networking hardware from its control mechanism. Which of the following should she utilize to accomplish this?
Options:
- IPSec
- SD-WAN
- EAP
- SASE
Overall explanation:
- SD-WAN (Software-Defined Wide Area Network) is a technology that decouples the network hardware from its control mechanism, providing agility, optimized cloud application performance, and reduced costs.
- EAP (Extensible Authentication Protocol) is a universal authentication framework often used in wireless networks and point-to-point connections.
- IPSec (Internet Protocol Security) is a suite of protocols that encrypt and authenticate data traffic over IP networks.
- SASE (Secure Access Service Edge) is a framework that combines network and security functions with WAN capabilities, delivering both as a cloud service.
Tags: SD-WAN and SASE
Question 4
Rajesh, a security specialist at Dion Training, wants to install an IDS or IPS so that it can actively block and prevent malicious traffic from entering a screened subnet in real-time. Which of the following should he do to accomplish this?
Options:
- Install the IPS as an in-line device
- Install the IPS as a tap or monitor
- Install the IDS as an inline device
- Install the IDS as a tap or monitor
Overall explanation:
- Installing the IPS as an in-line device allows it to actively analyze and block malicious traffic in real-time.
- An IDS is typically installed as a tap or monitor since it can only monitor and alert on malicious activities without blocking them.
- Installing the IPS as a tap or monitor means it will only observe the traffic without actively interfering. Installing an IDS as an inline device is not typical, since an IDS is designed only to detect rather than prevent malicious traffic from entering a subnet.
Question 5
Ling, a cybersecurity consultant at Dion Training, wants to select some effective security controls by prioritizing and implementing the controls based on the specific vulnerabilities and threats that the enterprise infrastructure is facing. Which of the following principles of effective control selection should they emphasize to more effectively use their limited resources while providing the best protection for the organization's infrastructure?
Options:
- Risk-based approach
- Least Privilege
- Defense in depth
- Open design
Overall explanation:
- A Risk-based approach underscores the need for the prioritization of controls based on potential risks and vulnerabilities specific to the infrastructure. With limited resources, organizations need to prioritize threats and vulnerabilities to best protect their infrastructure.
- Defense in depth involves using multiple layers of security, ensuring that if one control fails, others can step in.
- The open design principle focuses on transparency and accountability in infrastructure and controls.
- Least Privilege ensures users or systems have only the necessary access rights to perform their duties.