A security administrator is creating a subnet on one of the corporate firewall interfaces to use as a DMZ which is expected to accommodate at most 14 physical hosts. Which of the following subnets would BEST meet the requirements?
A. 192.168.0.16 255.25.255.248 B. 192.168.0.16/28 C. 192.168.1.50 255.255.25.240 D. 192.168.2.32/27
A penetration testing is preparing for a client engagement in which the tester must provide data that proves and validates the scanning tools’ results. Which of the following is the best method for collecting this information?
A. Set up the scanning system’s firewall to permit and log all outbound connections B. Use a protocol analyzer to log all pertinent network traffic C. Configure network flow data logging on all scanning system D. Enable debug level logging on the scanning system and all scanning tools used.
During a third-party audit, it is determined that a member of the firewall team can request, approve, and implement a new rule-set on the firewall. Which of the following will the audit team most l likely recommend during the audit out brief?
A. Discretionary access control for the firewall team B. Separation of duties policy for the firewall team C. Least privilege for the firewall team D. Mandatory access control for the firewall team
Which of the following delineates why it is important to perform egress filtering and monitoring on Internet connected security zones of interfaces on a firewall?
A. Egress traffic is more important than ingress traffic for malware prevention B. To rebalance the amount of outbound traffic and inbound traffic C. Outbound traffic could be communicating to known botnet sources D. To prevent DDoS attacks originating from external network
A server administrator needs to administer a server remotely using RDP, but the specified port is closed on the outbound firewall on the network. The access the server using RDP on a port other than the typical registered port for the RDP protocol?
The firewall administrator is adding a new certificate for the company’s remote access solution. The solution requires that the uploaded file contain the entire certificate chain for the certificate to load properly. The administrator loads the company certificate and the root CA certificate into the file. The file upload is rejected. Which of the following is required to complete the certificate chain?
A. Certificate revocation list B. Intermediate authority C. Recovery agent D. Root of trust
The security administrator receives a service ticket saying a host based firewall is interfering with the operation of a new application that is being tested in development. The administrator asks for clarification on which ports need to be open. The software vendor replies that it could use up to 20 ports and many customers have disabled the host based firewall. After examining the system the administrator sees several ports that are open for database and application servers that only used locally. The vendor continues to recommend disabling the host based firewall. Which of the following is the best course of action for the administrator to take?
A.rong> Allow ports used by the application through the network firewall B. Allow ports used externally through the host firewall C. Follow the vendor recommendations and disable the host firewall D. Allow ports used locally through the host firewall
An organization currently uses FTP for the transfer of large files, due to recent security enhancements, is now required to use a secure method of file transfer and is testing both SFTP and FTPS as alternatives. Which of the following ports should be opened on the firewall in order to test the two alternatives? (Select Two)
A. TCP 22 B. TCP 25 C. TCP 69 D. UDP 161 E. TCP 990 F. TCP 3380
A security technician wants to implement stringent security controls over web traffic by restricting the client source TCP ports allowed through the corporate firewall. Which of the following should the technician implement?
A. Deny port 80 and 443 but allow proxies B. Only allow port 80 and 443 C. Only allow ports above 1024 D. Deny ports 80 and allow port 443