Home > Quiz: Using the network to secure the application layer
Quiz:
EMAIL THIS LICENSING & REPRINTS

Quiz: Using the network to secure the application layer

17 Mar 2007 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

SearchSecurity.com Security School
This quiz is part of Using the network to secure the application layer, a lesson in SearchSecurity.com's Integration of Networking and Security School. Visit the Using the network to secure the application layer lesson page for additional learning resources.

1. Determine which of the following statements is not true -- When choosing the security devices to use in your network perimeter defenses, you need to:

  1. …let your security policy define your requirements.
  2. …review which risks a device can mitigate.
  3. …ensure you have the in-house skills and technical support to successfully deploy the device.
  4. …buy the top-of-the-line model that meets your requirements.
  5. …test the device's performance, scalability, and suitability for your specific network topology.

2. Determine which of the following statements is true -- Application-layer firewalls can help protect Layer 7 by:

  1. …examining the payload of packets and making decisions based on actual content.
  2. …authenticating users directly.
  3. …preventing unintentional or malicious actions by employees.
  4. …providing detailed logs of network traffic and requests, such as application-specific commands.
  5. All of the above.

3. Which of the following statements is the best description of the main role of network performance management?

  1. It measures, reports and controls the performance of network components.
  2. It measures trends and deviations from baselines.
  3. It delivers end-to end performance on the network.
  4. It avoids over-engineered and over-priced infrastructures.
  5. None of the above.

4. Vulnerability testing Web applications is a key stage in building your defenses of Layer 7. When should it be first incorporated into the application development process?

  1. At the application design stage. This is called threat modeling.
  2. Once the code has been written. This is called static analysis.
  3. At the beta test stage when the application can be executed. This is called dynamic analysis.
  4. At the deployment stage. This is called pre-go-live testing.
  5. Once the application is released and can be tested in its real life environment. This is called post-launch testing.

5. Which of the following statements about application-layer firewalls is correct?

  1. They analyze network traffic more quickly than traditional firewalls, but are more expensive.
  2. They analyze network traffic more slowly than traditional firewalls, and are more expensive.
  3. Because they can analyze the actual content of network traffic, other perimeter defenses are no longer required.
  4. Because they can analyze the actual content of network traffic, they should be placed wherever you need to connect devices and LAN segments together.
  5. Because they can analyze the actual content of network traffic, they ensure end-to-end network performance.
  6. Both A and D.

If you answered two or more questions incorrectly, revisit the materials from the lesson Using the network to secure the application layer:

  • Webcast: Balancing security and performance: Protecting Layer 7
  • Tip: Defending layer 7: A look inside application-layer firewalls
  • Podcast: Fact or fiction: A holistic approach to application layer security

    If you answered four or more questions correctly, return to SearchSecurity.com's Integration of Networking and Security School and begin another lesson, or try another school in SearchSecurity.com's Security School Course Catalog.

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


    RELATED CONTENT
    Using the network to secure the application layer
    Defending layer 7: A look inside application-layer firewalls
    Balancing security and performance - Protecting Layer 7 on the network

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary




    • Search Additional Security Research and Solutions
    Find Security Channel Research for Resellers and Partners
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts