Which of the following types of firewalls provide the
GREATEST degree and granularity of control?
A. Screening router
B. Packet filter
C. Application gateway
D. Circuit gateway
- 1 Answers
- 13154 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The application gateway is similar to a circuit gateway, but
it has specific proxies for each service. To be able to
handle web services it has an HTTP proxy, which acts as an
intermediary between externals and internals, but
specifically for HTTP. This means that it not only checks
the packet IP addresses (layer 3) and the ports it is
directed to (in this case port 80, layer 4), it also checks
every http command (layer 5 and 7). Therefore, it works in a
more detailed (granularity) way than the others. Screening
router and packet filter (choices A and B) basically work at
the protocol, service and/or port level. This means that
they analyze packets from layers 3 and 4 (not from higher
levels). A circuit-gateway (choice D) is based on a proxy or
program that acts as an intermediary between external and
internal accesses. This means that, during an external
access, instead of opening a single connection to the
internal server, two connections are established-one from
the external to the proxy (which conforms the
circuit-gateway) and one from the proxy to the internal.
Layers 3 and 4 (IP and TCP) and some general features from
higher protocols are used to perform these tasks.
| Is This Answer Correct ? | 5 Yes | 1 No |
Programs that can run independently and travel from machine to machine across network connections, with the ability to destroy data or utilize tremendous computer and communication resources, are referred to as: A. trojan horses. B. viruses. C. worms. D. logic bombs.
An organization having a number of offices across a wide geographical area has developed a disaster recovery plan (DRP). Using actual resources, which of the following is the MOST cost-effective test of the DRP? A. Full operational test B. Preparedness test C. Paper test D. Regression test
Which of the following is a role of an IS steering committee? A. Initiate computer applications. B. Ensure efficient use of data processing resources. C. Prepare and monitor system implementation plans. D. Review the performance of the systems department.
A company performs full backup of data and programs on a regular basis. The primary purpose of this practice is to: A. maintain data integrity in the applications. B. restore application processing after a disruption. C. prevent unauthorized changes to programs and data. D. ensure recovery of data processing in case of a disaster.
Which of the following would be MOST appropriate to ensure the confidentiality of transactions initiated via the Internet? A. Digital signature B. Data encryption standard (DES) C. Virtual private network (VPN) D. Public key encryption
In a system that records all receivables for a company, the receivables are posted on a daily basis. Which of the following would ensure that receivables balances are unaltered between postings? A. Range checks B. Record counts C. Sequence checking D. Run-to-run control totals
Which of the following audit techniques would an IS auditor place the MOST reliance on when determining whether an employee practices good preventive and detective security measures? A. Observation B. Detail testing C. Compliance testing D. Risk assessment
Capacity monitoring software is used to ensure: A. maximum use of available capacity. B. that future acquisitions meet user needs. C. concurrent use by a large number of users. D. continuity of efficient operations.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
An existing system is being extensively enhanced by extracting and reusing design and program components. This is an example of: A. reverse engineering. B. prototyping. C. software reuse. D. reengineering.
The IS department of an organization wants to ensure that the computer files, used in the information processing facility, are backed up adequately to allow for proper recovery. This is a/an: A. control procedure. B. control objective. C. corrective control. D. operational control.
When a new system is to be implemented within a short time frame, it is MOST important to: A. finish writing user manuals. B. perform user acceptance testing. C. add last-minute enhancements to functionalities. D. ensure that code has been documented and reviewed.
Cisco Certifications 
