1
The security administrator needs to configure the corporate firewall to let all public IP addresses on the firewall’s internal interface to be translated to 1 public IP-address on the same firewall’s external interface. Which of the following should they configure?
2
Which of the following security devices can be replicated on a Linux-based computer using IP tables to properly handle and inspect network-based traffic?
3
Which of the following firewall type inspects Ethernet traffic at the MOST levels of the OSI model?
4
The Chief Information Security Officer (CISO) has mandated that al IT systems with credit card data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO’s requirements?
5
Which of the following network design elements allows for many internal devices to share one public IP address?
6
Which of the following is a best practice when securing a switch from physical access?
7
Which of the following devices would be MOST useful to ensure availability when there is a large number of requests on a certain website?
8
Pete, the system administrator, wishes to monitor and limit users’ access to external websites. Which of the following would BEST address this?
9
Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task?
10
Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?
11
Pete, a security administrator, has observed repeated attempts to break into the network. Which of the
following is designed to stop an intrusion on the network?
12
An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?
13
In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?
14
Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?
15
Matt, an administrator, notices a flood fragmented packet and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?
16
Which the following flags are used to establish a TCP connection? (Select TWO).
17
Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites?
18
Pete, the system administrator, wants to restrict access to advertisements, games, and gambling websites. Which of the following devices would BEST achieve this goal?
19
Layer 7 devices used to prevent specific types of html tags are called: