Which network firewall operates up to Layer 4 (Transport layer) of the OSI model and maintains information about the communication sessions which have been established between hosts on trusted and untrusted networks?

1. A. Group policy
2. B. Stateless
3. C. Stateful
4. D. Static packet-filter

Correct Answer: C
Stateful packet inspection firewalls Second-generation stateful packet inspection (also known as dynamic packet filtering) firewalls have the following characteristics:
They operate up to Layer 4 (Transport layer) of the OSI model and maintain state information about the communication sessions that have been established between hosts on the trusted and untrusted networks.
They inspect individual packet headers to determine source and destination IP address, protocol (TCP, UDP, and ICMP), and port number (during session establishment only) to
determine whether the session should be allowed, blocked, or dropped based on configured firewall rules.
After a permitted connection is established between two hosts, the firewall creates and
deletes firewall rules for individual connections as needed, thus effectively creating a tunnel that allows traffic to flow between the two hosts without further inspection of individual packets during the session.
This type of firewall is very fast, but it is port-based and it is highly dependent on the trustworthiness of the two hosts because individual packets aren’t inspected after the connection is established.

How does DevSecOps improve the Continuous Integration/Continuous Deployment (CI/CD) pipeline?

1. A. DevSecOps improves pipeline security by assigning the security team as the lead team for continuousdeployment
2. B. DevSecOps ensures the pipeline has horizontal intersections for application code deployment
3. C. DevSecOps unites the Security team with the Development and Operations teams to integrate security into the CI/CD pipeline
4. D. DevSecOps does security checking after the application code has been processed through the CI/CD pipeline

Correct Answer: C
DevSecOps takes the concept behind DevOps that developers and IT teams should work together closely, instead of separately, throughout software delivery and extends it to include security and integrate automated checks into the full CI/CD pipeline. The integration of the CI/CD pipeline takes care of the problem of security seeming like an outside force and instead allows developers to maintain their usual speed without compromising data security

Why have software developers widely embraced the use of containers?

1. A. Containers require separate development and production environments to promote authentic code.
2. B. Containers share application dependencies with other containers and with their host computer.
3. C. Containers simplify the building and deploying of cloud native applications.
4. D. Containers are host specific and are not portable across different virtual machine hosts.

Correct Answer: C

Which IPsec feature allows device traffic to go directly to the Internet?

1. A. Split tunneling
2. B. Diffie-Hellman groups
3. C. d.Authentication Header (AH)
4. D. IKE Security Association

Correct Answer: A
"Or split tunneling can be configured to allow internet traffic from the device to go directly to the internet, while other specific types of traffic route through the IPsec tunnel, for acceptable protection with much less
performance degradation."

Order the OSI model with Layer7 at the top and Layer1 at the bottom.

Solution:


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A