A good practice is to trust no network traffic until it is proved to comply with security policy.

Amy is a network engineering consultant. She is designing security for a small to medium-sized government contractor working on a project for the military. The government contractor’s network is comprised of 30 workstations plus a wireless printer, and it needs remote authentication. Which of the following is a type of authentication solution she should deploy?

Felicia is a network engineer deploying a virtual private network (VPN) solution. The VPN operates using Secure Shell (SSH). When asked by a new help desk tech about which layer of the OSI model it employs, how does Felicia answer?

A company uses an Internet Protocol Security (IPSec) virtual private network (VPN) solution. It allows remote users to connect to the main office and allows communication between the main office and branch offices securely over the Internet. The main office network uses network address translation (NAT) with an internal IP address range of 192.168.0.1 to 192.168.0.254. Which of the following ranges must remote offices and users NOT use on their internal networks?

Amy is a network engineering consultant. She is designing security for a small to medium-sized government contractor working on a project for the military. The government contractor’s network is comprised of 30 workstations plus a wireless printer, and it needs remote authentication. Which of the following is a type of authentication solution she should deploy?

A drawback of multiple-vendor environments is the amount of network staff training that is typically needed.

An access control list (ACL) focuses on controlling a specific user’s or client’s access to a protocol or port.

A demilitarized zone (DMZ) is a boundary network that hosts resource servers for the public Internet.

Depending on the firewall, a single rule can sometimes define outbound and inbound communication parameters.

A company’s IT security engineer has noticed several employees periodically checking their social media accounts. One such platform allows chat, which can include sharing links, photos, and videos. When the engineer casually observes one user about to click a link to view a video, she stops the worker. Afterward, she approaches the chief information officer (CIO) and advises that all social media accounts be blocked, and that only online training videos authorized by the company be allowed to be viewed. What threat is the IT security engineer concerned about?