07 - Firewalls and IDS Flashcards
List four techniques used by firewalls to control access and enforce a security policy.
What is a DMZ network and what types of systems would you expect to find on such networks?
What are the two main approaches to intrusion detection?
Explain the difference between network traffic analysis, payload analysis, and endpoint behaviour analysis.
A common management requirement is that “all external Web traffic must flow via the organization’s Web proxy.” However, that requirement is easier stated than implemented.
- Discuss the various problems and issues, possible solutions, and limitations in supporting this requirement.
- In particular, consider issues such as identifying exactly what constitutes “Web traffic” and how it may be monitored, given the large range of ports and various protocols used by Web browsers and servers.
Explain the role of firewalls as part of a computer and network security strategy.
List the key characteristics of firewalls.
Understand the relative merits of various choices for firewall location and configurations.
Understand the basic principles of and requirements for intrusion detection.
Discuss the key features of intrusion detection systems.
Present an overview of the key elements of malware defence.