Quiz: Using the network to secure the application layer

A five-question multiple-choice quiz to test your understanding of the content presented by expert Michael Cobb in this lesson of SearchSecurity.com's Integration of Networking and Security School.

SearchSecurity.com Security School
 

This quiz is part of Using the network to secure the application layer, a lesson in SearchSecurity.com's Integration of Networking and Security School. Visit the Using the network to secure the application layer lesson page for additional learning resources.

1. Determine which of the following statements is not true -- When choosing the security devices to use in your network perimeter defenses, you need to:

  1. …let your security policy define your requirements.
  2. …review which risks a device can mitigate.
  3. …ensure you have the in-house skills and technical support to successfully deploy the device.
  4. …buy the top-of-the-line model that meets your requirements.
  5. …test the device's performance, scalability, and suitability for your specific network topology.

2. Determine which of the following statements is true -- Application-layer firewalls can help protect Layer 7 by:

  1. …examining the payload of packets and making decisions based on actual content.
  2. …authenticating users directly.
  3. …preventing unintentional or malicious actions by employees.
  4. …providing detailed logs of network traffic and requests, such as application-specific commands.
  5. All of the above.

3. Which of the following statements is the best description of the main role of network performance management?

  1. It measures, reports and controls the performance of network components.
  2. It measures trends and deviations from baselines.
  3. It delivers end-to end performance on the network.
  4. It avoids over-engineered and over-priced infrastructures.
  5. None of the above.

4. Vulnerability testing Web applications is a key stage in building your defenses of Layer 7. When should it be first incorporated into the application development process?

  1. At the application design stage. This is called threat modeling.
  2. Once the code has been written. This is called static analysis.
  3. At the beta test stage when the application can be executed. This is called dynamic analysis.
  4. At the deployment stage. This is called pre-go-live testing.
  5. Once the application is released and can be tested in its real life environment. This is called post-launch testing.

5. Which of the following statements about application-layer firewalls is correct?

  1. They analyze network traffic more quickly than traditional firewalls, but are more expensive.
  2. They analyze network traffic more slowly than traditional firewalls, and are more expensive.
  3. Because they can analyze the actual content of network traffic, other perimeter defenses are no longer required.
  4. Because they can analyze the actual content of network traffic, they should be placed wherever you need to connect devices and LAN segments together.
  5. Because they can analyze the actual content of network traffic, they ensure end-to-end network performance.
  6. Both A and D.

If you answered two or more questions incorrectly, revisit the materials from the lesson Using the network to secure the application layer:

This was first published in March 2007

Dig deeper on Network Device Management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close