Signature Identification?
I'll be taking the N+ in a couple days and am going over some practice exams and came over this question.
Which of the following is used to verify configuration updates on a firewall? The answer is signature identification. Can someone please explain what signature identification is and how it applies here? I'm having difficulty finding the answer. Thanks in advance.
Which of the following is used to verify configuration updates on a firewall? The answer is signature identification. Can someone please explain what signature identification is and how it applies here? I'm having difficulty finding the answer. Thanks in advance.
Comments
not sure what the rules are on linking other sites, but you can google signature identification firewall and there are some write-ups on it.
From Wikipedia on Intrusion Prevention Systems. Gave the N+ book to someone that I work with, or else I would look it up. and I was at work with a very limited firewall/proxy to what sites I van get to.
One thing to be wary of is that some practice test questions that do not include explanations have incorrect answers. In other words, it may not be a correct answer.
One possibility is that this is referring to a hash used as a signature to verify that the updates have not been modified. In other words, a vendor can release a file that can be used to update the configuration of a firewal. They can also create a hash of the file which can be used to verify the downloaded file has not been modified. I can envision how someone can refer to this hash as a signature for the configuration file, and call it "signature identification", but this isn't common terminology in my experience.
CompTIA A+, Network+, Security+ Blogs
Daily Network+ and Security+ Test Taking Tips on Twitter
The practice exam I am using is for the N10-004.
Darril, I run across a decent number of incorrect answers in every practice exam I have used in the past but the one I am currently using has a good reputation based on both my own experience with the A+, and friends experiences with t he N+ that I am about to take. I take your response to mean that there are practice exams out there the give explanations for each answer. Can you fill me in on where these practice exams are?
Rakurai, I'd be interested to know if the text book you were using mention signature identification specifically. I know the two text books I am using do not mention it.
Overall, I'm going to take what all of you said and just let it rest. There is obviously more important things to focus on.
Thanks to everyone.
It sounds like whoever wrote the question didn't fully understand either concept, which would be why you can't find a decent answer. Darril's explanation is right on, but I think that's pretty far out of scope for a Net+ exam.
I see questions like this on nearly every practice test. It just seems like someone started googling keywords and slapping together some terms and calling it a practice test.
I agree too. I would think that both how a firewall detects based on signature or if it refers to MD5 hashing to verify the integrity of the file with where you downloaded it from, that they should be more in the Security+ cert instead. I did a 5 day bootcamp for N+ and took the test not 2 weeks ago (bootcamp didn't teach me much) but I think that the topic wasn't really discussed. I would be the safe one and just have a rough overview of each for that "just in case" question that may cover it (and I think that what has been said in this thread covers a rough idea of the two).