首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
外语
While hackers with motives make headlines, they represent less than 20% of all net- work security breaches. More common are inst
While hackers with motives make headlines, they represent less than 20% of all net- work security breaches. More common are inst
admin
2013-01-29
57
问题
While hackers with motives make headlines, they represent less than 20% of all net- work security breaches. More common are instances of authorized users accidentally winding up where they should not be and inadvertently deleting or changing data. However, the Internet introduces another concern: some Internet surfers are bound to go where they have no business and, in so doing, threaten to wipe out data to which they should not have access.
Before picking a firewall, companies need to adopt security policies. A security policy states who or what is allowed to connect to whom or what. You can group all users by department or classification. The better firewall products let you drag and drop groups in a graphical user interface (GUI) environment to define network security easily.
Two methods are most often used together to establish an Internet firewall. They are application and circuit gateways, as well as packet filtering. With application and circuit gateways, all packets are addressed to a user-level application on a gate-way that relays packets between two points. With most application gateways, additional packet-filter machines are required to control and screen traffic between the gateway and the networks. A typical configuration includes two routers. With a bastion host that serves as the application gateway sitting between them.
A drawback to application and circuit gateways is that they slow network performance. This is because each packet must be copied and processed at least twice by all the communication layers. Packet-filter gateways, which act as routers between two nets, are less secure than application gateways but more efficient. They are transparent to many protocols and applications, and they require no changes in client applications, no specific application management or installation, and no extra hardware.
Using a single, unified packet-filter engine, all net traffic is processed and then for- warded or blocked from a single point of control. However, most packet filters are state- less, understand only low-level protocols, and are difficult to configure and verity. In addition, they lack audit mechanisms. Some packet filters are implemented inside routers, limiting computing power and filtering capabilities. Others are implemented as s9ftware packages that filter the packets in application-layer processes, an inefficient approach that requires multiple data copies, expensive delays and context switches and delivers lower throughput.
So what’s a network administrator to do? Some vendors are developing firewalls that overcome many of these problems and combine the advantages of application gateways and packet filtering. These efficient, protocol-independent, secure firewall engines are capable of application-level security, user authentication, unified support, and handling of all protocols, auditing and altering. They are transparent to users and to system setup, and include a GUI for simple and flexible system management and configuration.
Which of the following can be inferred from the passage concerning the networks using application and circuit gateways?
选项
A、Secure and speedy.
B、Secure but slow.
C、Insecure and slow.
D、Insecure but speedy.
答案
B
解析
解决这个问题首先要仔细阅读第四段,(A drawback to application and circuit gateways is that they slow network performance...Packet-filter gateways...are less secure than application gateways but more efficient.这几句话一个说的是应用网关的缺点是速度慢,另外在介绍信息过滤器法时说过滤法不太安全。由此可以推断应用网关的特点是速度慢但比较安全
转载请注明原文地址:https://kaotiyun.com/show/q41O777K
0
考博英语
相关试题推荐
Inrecentyears,manyAmericansofbothsexesandvariousageshavebecomeinterestedinimprovingtheirbodies.Theyhavebecom
Humanbeingsareanimals.Webreathe,eatanddigest,andreproducethesamelife【21】commontoallanimals.Inabiologicallabo
Thereweretwowidelydivergentinfluencesontheearlydevelopmentofstatisticalmethods.Statisticshadamotherwhowasdedi
Placingahumanbeingbehindthewheelofanautomobileoftenhasthesamecuriouseffectascuttingcertainfibresinthebrain
ThehistoryofWesternmusicproperlybeginswiththemusicoftheChristian,Church.ButallthroughtheMiddleAgesandevent
Neverhasastraitjacketseemedsoill-fittingorsoinsecure.TheEuroarea’s"stabilityandgrowthpact"wassupposedtostop
Althoughextinctionandimpacteventsarenaturalphenomena,wemustfindawaytopreventanimpactonEarthbysmallandlarge
ThegravitationalpulloftheEarthandmoonisimportanttousasweattempttoconquermoreandmoreofouter-space.Here’swh
ThegravitationalpulloftheEarthandmoonisimportanttousasweattempttoconquermoreandmoreofouter-space.Here’swh
BackinSeattle,aroundthecomerfromtheDiscoveryInstitute,StephenMeyerofferssomepeer-reviewedevidencethattheretrul
随机试题
氯丙嗪有较强的镇吐作用,但不能对抗前庭刺激引起的呕吐,如晕动症等。
下列文学常识表述错误的是()
关于新型隐球菌错误的是
糖尿病的慢性并发症有
初产妇临产后胎头未入盆应首先考虑
()是房地产经纪活动的基本主体,是房地产经纪服务的直接提供者。
当年形成的会计档案在会计年度终了后,应立即移交单位的会计档案管理机构。()
3.56636e+006
"Philosophy"usedtomean"loveofwisdom,"andpeopledevotedtheirlivestoitforthatreason.Nowadaysprofessionalphilosop
透明网桥的基本功能有学习、帧过滤和帧转发及生成树算法等功能,因此它可以决定网络中的路由,而网络中的各个站点均不负责路由选择。网桥从其某一端口收到正确的数据帧后,在其地址转发表中查找该帧要到达的目的站,若查找不到,则会(39);若要到达的目的站仍然在该端口上
最新回复
(
0
)