Which of the following types of firewalls provide the
GREATEST degree and granularity of control?
A. Screening router
B. Packet filter
C. Application gateway
D. Circuit gateway
- 1 Answers
- 13361 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The application gateway is similar to a circuit gateway, but
it has specific proxies for each service. To be able to
handle web services it has an HTTP proxy, which acts as an
intermediary between externals and internals, but
specifically for HTTP. This means that it not only checks
the packet IP addresses (layer 3) and the ports it is
directed to (in this case port 80, layer 4), it also checks
every http command (layer 5 and 7). Therefore, it works in a
more detailed (granularity) way than the others. Screening
router and packet filter (choices A and B) basically work at
the protocol, service and/or port level. This means that
they analyze packets from layers 3 and 4 (not from higher
levels). A circuit-gateway (choice D) is based on a proxy or
program that acts as an intermediary between external and
internal accesses. This means that, during an external
access, instead of opening a single connection to the
internal server, two connections are established-one from
the external to the proxy (which conforms the
circuit-gateway) and one from the proxy to the internal.
Layers 3 and 4 (IP and TCP) and some general features from
higher protocols are used to perform these tasks.
| Is This Answer Correct ? | 5 Yes | 1 No |
For which of the following applications would rapid recovery be MOST crucial? A. Point-of-sale system B. Corporate planning C. Regulatory reporting D. Departmental chargeback
Which of the following statements relating to packet switching networks is CORRECT? A. Packets for a given message travel the same route. B. Passwords cannot be embedded within the packet. C. Packet lengths are variable and each packet contains the same amount of information. D. The cost charged for transmission is based on packet, not distance or route traveled.
1 Answers Karura Community Chapel,
Losses can be minimized MOST effectively by using outside storage facilities to do which of the following? A. Provide current, critical information in backup files B. Ensure that current documentation is maintained at the backup facility C. Test backup hardware D. Train personnel in backup procedures
A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.
An IS auditor performing a review of the EFT operations of a retailing company would verify that the customers credit limit is checked before funds are transferred by reviewing the EFT: A. system's interface. B. switch facility. C. personal identification number generating procedure. D. operation backup procedures.
An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is LEAST likely to expect the job description of the DBA to include: A. defining the conceptual schema. B. defining security and integrity checks. C. liaising with users in developing data model. D. mapping data model with the internal schema.
Which of the following provides the framework for designing and developing logical access controls? A. Information systems security policy B. Access control lists C. Password management D. System configuration files
IS auditors who have participated in the development of an application system might have their independence impaired if they: A. perform an application development review. B. recommend control and other system enhancements. C. perform an independent evaluation of the application after its implementation. D. are involved actively in the design and implementation of the application system.
Which of the following is a check (control) for completeness? A. Check digits B. Parity bits C. One-for-one checking D. Prerecorded input
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical hardware configuration is already established. The IS auditor should: A. take no action as the lack of a current plan is the only significant finding. B. recommend that the hardware configuration at each site should be identical. C. perform a review to verify that the second configuration can support live processing. D. report that the financial expenditure on the alternative site is wasted without an effective plan.
Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.
Cisco Certifications 
