PrepAway - Latest Free Exam Questions & Answers

Which of the following should Sara configure?

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the
internal interface of the firewall to be translated to one public IP address on the external interface of the same
firewall. Which of the following should Sara configure?

PrepAway - Latest Free Exam Questions & Answers

A.
PAT

B.
NAP

C.
DNAT

D.
NAC

Explanation:
Port Address Translation (PAT), is an extension to network address translation (NAT) that permits multiple
devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to
conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP
address to the home network’s router. When Computer X logs on the Internet, the router assigns the client a
port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address.
If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a
different port number. Although both computers are sharing the same public IP address and accessing the
Internet at the same time, the router knows exactly which computer to send specific packets to because each
computer has a unique internal address.
Incorrect Answers:
B: NAP is a Microsoft technology for controlling network access of a computer host based on system health of
the host.
C: Destination network address translation (DNAT) is a technique for transparently changing the destination IP
address of an end route packet and performing the inverse function for any replies. Any router situated between
two endpoints can perform this transformation of the packet. DNAT is commonly used to publish a service
located in a private network on a publicly accessible IP address. This use of DNAT is also called port
forwarding. DNAT does not allow for many internal devices to share one public IP address.
D: NAC is an approach to computer network security that attempts to unify endpoint security technology (such
as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and
network security enforcement.

http://searchnetworking.techtarget.com/definition/Port-Address-Translation-PAT
http://en.wikipedia.org/wiki/Network_Access_Protection
http://en.wikipedia.org/wiki/Network_address_translation#DNAT
http://en.wikipedia.org/wiki/Network_Access_Control


Leave a Reply