Description of this paper

homework 6 part 2




Lab Assessment Questions & Answers;1. What are some common risks, threats, and vulnerabilities found in the LAN-to-WAN domain that must;be mitigated through a layered security strategy?;2. What is an access control list (ACL) and how is it useful in a layered security strategy?;60 Lab #7 | Auditing the LAN-to-WAN Domain for Compliance;37524_Lab07_Pass3.indd 60 19/04/13 1:30 AM;Auditing the LAN-to-WAN;Domain for Compliance;3. What is a bastion host? Provide an example of when a bastion host should be used and how.;4. Provide at least two examples of how the enclave requirement to place a firewall at the perimeter can be;accomplished.;5. What is the difference between a traditional IP stateful firewall and a deep packet inspection firewall?;6. How would you monitor for unauthorized management access attempts to sensitive systems?;7;Assessment Worksheet 61;37524_Lab07_Pass3.indd 61 19/04/13 1:30 AM;7. What is the significance of VLAN 1 traffic in a Cisco Catalyst LAN switch? Describe the vulnerabilities;associated with it if it traverses across an unnecessary trunk.;8. At what logging level should the syslog service be configured on a Cisco router, switch, or firewall device?;9. As defined in the Network Infrastructure Technology Overview, describe the three layers that can be;found in the DISA Enclave Perimeter layered security solution for Internet ingress/egress connections (for;instance, DMZ or Component Flow).;10. Which device in the Enclave Protection Mechanism Component Flow helps mitigate risks from users;violating acceptable use and unwanted websites and URL links?;62 Lab #7 | Auditing the LAN-to-WAN Domain for Compliance;37524_Lab07_Pass3.indd 62 19/04/13 1:30 AM;Auditing the LAN-to-WAN;Domain for Compliance;11. True or false: The Enclave Protection Mechanism includes both an internal IDS and external IDS when;connecting a closed network infrastructure to the public Internet.;12. True or false: Securing the enclave requires only perimeter security and firewalls.;13. What is the primary objective of this STIG as it relates to network infrastructures for DoD networks?;7;Assessment Worksheet 63;37524_Lab07_Pass3.indd 63 19/04/13 1:30 AM;37524_Lab07_Pass3.indd 64 19/04/13 1:30 AM


Paper#64373 | Written in 18-Jul-2015

Price : $22