The Internet poses many security issues. What is characteristic of Internet security for corporate networks?

 Internet protocols have an inherent lack of security and Internet rules have loopholes that can be exploited. 

What can be used to repair security 'holes' in software?

 a security patch

Which layer of the OSI reference model is involved when an access list denies traffic to a specific port?

Layer 4 

/sbin/ipfw/add allow tcp from any to 10.90.0.3 80 What does the 80 signify in the ipfw configuration statement

well-known port for web servers 

What is one security advantage that magnetic access cards have over physical keys?

They allow the authorization to be revoked from a central server 

Which of the following are characteristics of a good password policy? (Select two.)

It should expire passwords after a specified time

It should require passwords that are a mixture of letters and numbers 

Which term describes an insecure host that has a permanent Internet connection and is used in a DDoS attack?

a zombie 

What is the purpose of a firewall?

preventing unwanted or malicious IP packets from reaching a network 

What can be done with a packet when using packet filtering?

It can be forwarded, dropped, or processed. 

What should an administrator do before installing a major software upgrade on a production server?

test the results on a test server 

When does it make sense to use a NOS as a firewall solution

if there is a low-traffic environment 

What is the first step in creating a security policy for a company network?

Define an Acceptable Use policy 

Which layers of the OSI model are examined in the most comprehensive form of stateful packet filtering?

3, 4, and 7 

Which agency discovers and studies Internet-related security vulnerabilities?

CERT/CC 

What is one method of implementing a firewall?

ACLs 

What is the only 100 percent effective measure to protect the network from outside attacks?

Disconnect from the outside network. 

Which type of DoS attack uses three-way handshaking to leave multiple 'half-open' connections?

TCP SYN 

Which of the following are examples of biometric security devices? (Select two.)

fingerprint reader

retinal scanner 

NAT is a process used to protect local networks from hackers. Which list of items applies to NAT?

It rewrites the addressing information in IP packets.
It protects private IP addresses from the Internet.
Outside hackers cannot directly reach private IP addresses. 

When do software manufacturers release security updates?

when vulnerabilities are discovered and fixed