ITSY 2430 Intrusion Detection Chapter Quiz 06 Name: __________________

advertisement
Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796
Chapter 6, Page 224
Prof. Michael P. Harris
ITSY 2430 Intrusion Detection
Name: __________________
Chapter Review Questions,
Chapter Quiz 06
Date: ________
VPN Implementation
1. Under what circumstances does a firewall need to be installed at the endpoint of
a VPN connection, and why?
2. A VPN domain is a group of computers ______.
3. In what type of VPN configuration must a router belong to the VPN domain?
4. Which of the following is an advantage of using a mesh VPN configuration?
5. Which of the following is an advantage of using a star VPN configuration?
6. Briefly describe split tunneling.
7. What client-side issues do you need to consider when designing your
VPN? (Choose all that apply.)
8. To set up a VPN, new hardware or software must always be
purchased. True or False?
9. Determining whether the network gateway is included in the VPN
domain depends on whether your network has a ____________ VPN
configuration.
Page 1 of 2
Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796
Chapter 6, Page 224
Prof. Michael P. Harris
10. In a multiple entry point configuration, you should exclude the
________from the domain.
11. Which of the following terms describes multiple routes in routing
tables that could cause some traffic to be routed incorrectly?
12. In a mesh topology, all participants in the VPN have _____________
with one another.
13. What is a main disadvantage of mesh VPNs?
14. What is a main disadvantage of star VPN topologies?
(Choose all that apply.)
15. Putting a VPN on the firewall has which of the following
disadvantages? (Choose all that apply.)
16. A VPN server configured to receive PPTP traffic listens for incoming
connections on port___________ and needs to receive GRE traffic
identified by protocol ID ________.
17. Which protocols and ports do you need to allow to pass when using
L2TP and IPSec? (Choose all that apply.)
18. _________ might be the only option when NAT traffic must pass
through a firewall.
19. There’s no need to set up packet-filtering rules on the perimeter
firewall for VPN traffic. True or False?
20. AH uses protocol ID _______.
Page 2 of 2
Download