An organization has an access control list implemented on the border router, but it appears that unauthorized traffic is still being accepted. Which of the following would the organization implement to improve the blocking of unauthorized traffic?
a. Loop protection
b. Flood guard
c. Implicit deny
d. Port security
Answer: C
Implicit deny is an access control practice wherein resource availability is restricted to only those logons explicitly granted access. Answer A is incorrect because the loop protection feature makes additional checks in Layer 2 switched networks. Answer B is incorrect because a flood guard is a firewall feature to control network activity associated with denial-of-service (DoS) attacks. Answer D is incorrect because port security is a Layer 2 traffic control feature on Cisco Catalyst switches. It enables individual switch ports to be configured to allow only a specified number of source MAC addresses coming in through the port.
Learn More :
Network Security
- The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:
- To snare intruders, many organizations now use _________ techniques.
- A fundamental technique to determine if an intrusion is in progress in a stable network is: a. anomaly detection b. armoring cable c. RSA algorithm d. patching e. scanning a user's fingerprint Answer: a. anomaly detection
- Which of the following is not a type of intrusion prevention system?
- Which of the following is not true about one-time passwords?
- Which of the following is a mode that is used by IPSec?
- IP Security Protocol:
- A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
- __________ provide authentication which can legally prove who sent a message over a network.
- DES:
- A brute force attack against an encryption system:
- A symmetric encryption system has two parts: the key and the ____________.
- Encryption is the process of:
- A way to prevent intrusion by disguising information through algorithms is:
- Spyware, adware and DDOS agents are three types of:
- A security hole is a(n):
- A(n) _________ is a type of application level firewall that is transparent so that no other computer notices that it is on the network.
- A(n) ____________ acts an intermediate host computer or gateway between the Internet and the rest of the organization's networks.
- IP spoofing means to:
- A(n) ____________ examines the source and destination address of every network packet that passes through it.
- A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.
- __________ refers to the process of translating between one set of private addresses inside a network and a set of public address outside the network.
- With ANI security control, the network manager:
- The use of a(n) _________ prevents unauthorized intruders from accessing a computer network because the host or server will only permit access via inbound calling from prespecified phone numbers.
- A sniffer program is a: