CompTIA Security Plus Mock Test Q94

Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?

A. Protocol filter
B. Load balancer
C. NIDS
D. Layer 7 firewall

Correct Answer: D
Section: Network Security

Explanation:
An application-level gateway firewall filters traffic based on user access, group membership, the application or service used, or even the type of resources being transmitted. This type of firewall operates at the Application layer (Layer 7) of the OSI model.

Incorrect Answers:
A: The Protocol Filter feature is used to block unwanted traffic from your network. The feature is commonly used to make sure employees, students or end users are using their Internet access for its intended productive use.

B: A load balancer is used to distribute network traffic load across a number of network links or network devices.

C: A network-based IDS (NIDS) watches network traffic in real time, and is reliable for detecting network-focused attacks, such as bandwidth-based DoS attacks.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 6, 10, 82
http://www.clearcenter.com/support/documentation/clearos_enterprise_5.1/user_guide/protocol_filter

CompTIA Security Plus Mock Test Q27

Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?

A. WAF
B. NIDS
C. Routers
D. Switches

Correct Answer: A
Section: Network Security

Explanation:
A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.
Because the protocols used to access a web server (typically HTTP and HTTPS) run at Layer 7 of the OSI model, a web application firewall (WAF) is the correct answer.

Incorrect Answers:
B: A NIDS (Network Intrusion Detection System) operates in layer 2 of the OSI model, not layer 7.
C: Routers operate in layer 3 of the OSI model, not layer 7.
D: Switches operate in layer 2 of the OSI model, not layer 7.

References:
https://owasp.org/index.php/Web_Application_Firewall
http://en.wikipedia.org/wiki/OSI_model

CompTIA Security Plus Mock Test Q24

Layer 7 devices used to prevent specific types of HTML tags are called:

A. Firewalls
B. Content filters
C. Routers
D. NIDS

Correct Answer: B
Section: Network Security

Explanation:
A content filter is a type of software designed to restrict or control the content a reader is authorised to access, particularly when used to limit material delivered over the Internet via the Web, e-mail, or other means. Because the user and the OSI layer interact directly with the content filter, it operates at Layer 7 of the OSI model.

Incorrect Answers:
A, C, D: These devices deal with controlling how devices in a network gain access to data and permission to transmit it, as well as controlling error checking and packet synchronization. They, therefore, operate at Layer 2 of the OSI model.

References:
http://en.wikipedia.org/wiki/Content-control_software#Types_of_filtering
http://en.wikipedia.org/wiki/OSI_model

CompTIA Security Plus Mock Test Q5

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall
B. Stateful Firewall
C. Proxy Firewall
D. Application Firewall

Correct Answer: B
Section: Network Security

Explanation:
Stateful inspections occur at all levels of the network.

Incorrect Answers:
A: Packet-filtering firewalls operate at the Network layer (Layer 3) and the Transport layer (Layer 4) of the Open Systems Interconnect (OSI) model.

C: The proxy function can occur at either the application level or the circuit level.

D: Application firewalls operate at the Application layer (Layer 7) of the OSI model.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 98-100
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 6