CompTIA Security Plus Mock Test Q696

Which of the following devices is used for the transparent security inspection of network traffic by redirecting user packets prior to sending the packets to the intended destination?

A. Proxies
B. Load balancers
C. Protocol analyzer
D. VPN concentrator

Correct Answer: A
Section: Threats and Vulnerabilities

A proxy is a device that acts on behalf of other(s). A commonly used proxy in computer networks is a web proxy. Web proxy functionality is often combined into a proxy firewall.
A proxy firewall can be thought of as an intermediary between your network and any other network. Proxy firewalls are used to process requests from an outside network; the proxy
firewall examines the data and makes rule-based decisions about whether the request should be forwarded or refused. The proxy intercepts all of the packets and reprocesses them
for use internally. This process includes hiding IP addresses.
The proxy firewall provides better security than packet filtering because of the increased intelligence that a proxy firewall offers. Requests from internal network users are routed
through the proxy. The proxy, in turn, repackages the request and sends it along, thereby isolating the user from the external network. The proxy can also offer caching, should the
same request be made again, and it can increase the efficiency of data delivery.

Incorrect Answers:
B: A load balancer distributes traffic between servers. For example, you could have two or more web servers hosting your corporate website. The DNS record for the website will point
to the virtual IP of the load balancer. The load balancer will then share web requests between the web servers. A load balancer is not what is described in this question.
C: A Protocol Analyzer is program used to capture network data communications sent between devices on a network with the purpose of examining the data. Traffic is not ‘redirected’
to a Protocol Analyzer and the Protocol Analyzer does not then send the packets to the intended destination.
D: VPNs are used to make connections between private networks across a public network, such as the Internet. A VPN concentrator is a hardware device used to create remote
access VPNs. The concentrator creates encrypted tunnel sessions between hosts. A VPN concentrator is not what is described in this question.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 98

Comptia Security Plus Mock Test Q28

Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).

A. Spam filter
B. Load balancer
C. Antivirus
D. Proxies
E. Firewall
G. URL filtering

Correct Answer: D,E,G
Section: Network Security

A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers.
Firewalls manage traffic using a rule or a set of rules.
A URL is a reference to a resource that specifies the location of the resource. A URL filter is used to block access to a site based on all or part of a URL.

Incorrect Answers:
A: A spam filter deals with identifying and blocking/filtering/removing unsolicited messages.

B: A load balancer is used to acquire more optimal infrastructure utilization, reduce response time, maximize throughput, decrease overloading, and remove bottlenecks.

C: An antivirus monitors the local system for the presence of malware in memory, in active processes, and in storage.

F: NIDS is reliable for detecting attacks directed against a host, whether they originate from an external source or are being perpetrated by a user locally logged in to the host.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 10, 18-21