Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on
the internal interface of the firewall to be translated to one public IP address on the external interface of
the same firewall. Which of the following should Sara configure?
A.
PAT
B.
NAP
C.
DNAT
D.
NAC
Explanation:
Port Address Translation (PAT), is an extension to network address translation (NAT) that permits multiple
devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to
conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP
address to the home network’s router. When Computer X logs on the Internet, the router assigns the
client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a
unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local
IP address with a different port number. Although both computers are sharing the same public IP address
and accessing the Internet at the same time, the router knows exactly which computer to send specific
packets to because each computer has a unique internal address.
Incorrect Answers:
B: NAP is a Microsoft technology for controlling network access of a computer host based on system
health of the host.C: Destination network address translation (DNAT) is a technique for transparently changing the
destination IP address of an end route packet and performing the inverse function for any replies. Any
router situated between two endpoints can perform this transformation of the packet. DNAT is
commonly used to publish a service located in a private network on a publicly accessible IP address. This
use of DNAT is also called port forwarding. DNAT does not allow for many internal devices to share one
public IP address.
D: NAC is an approach to computer network security that attempts to unify endpoint security technology
(such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication
and network security enforcement.http://searchnetworking.techtarget.com/definition/Port-Address-Translation-PAT
http://en.wikipedia.org/wiki/Network_Access_Protection
http://en.wikipedia.org/wiki/Network_address_translation#DNAT
http://en.wikipedia.org/wiki/Network_Access_Control
Can someone confirm how accurate these question and answers are, and when they took the test and used them to study for Security +?
0
1
If this version (v5) is similar to the previous version (v4), then there are a significant number of wrong answers. But its good practice to justify each answer. Also note that others have mentioned that these are old questions and are not on the actual exam.
0
1
P.S. Download that 1867q SY0-401 dumps for free here:
https://doc.co/FTT4SW
Good Luck!
0
1
Hi there MK, I’m thinking to test next week, is it possible I could get in contact with you to get some help bro? Thanks.
0
1
MK could we get in contact to see if I could get some more tips from you as I’m thinking to test next week. Thanks.
0
1
Took the Security + exam today….maybe 5 questions came from here. However, this is still good study material. I scored just shy of passing.
0
1
Can you please provide more detail on how to answer simulation 1 and 2. THX
0
1