2.1 : Quiz Firewall Flashcards

1
Q

(1)The most robust configuration in firewall rule base is:

A. Allow all traffic and deny the specified traffic
B. Deny all traffic and allow the specified traffic
C. Dynamically decide based on traffic
D.Control traffic on the basis of discretion of network administrator

A

Answer: B. Deny all traffic and allow the specified traffic

Explanation:
In any given scenario, most robust configuration in firewall rule is ‘deny all traffic and allow specific
traffic’ (as against ‘allow all traffic and deny specific traffic’). This will help to block unknown traffic
to critical systems and servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

(2)A packet filtering firewall operates on which layer of following OSI model?

A. Network layer
B. Application layer
C. Transport layer
D. Session layer

A

Answer: A. Network layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

(3)Which of the following would be the MOST secure firewall system implementation?

A. Screened-host firewall
B. Screened-subnet firewall
C. Dual-homed firewall
D. Stateful-inspection firewall

A

Answer: B. Screened-subnet firewall

Explanation:
Out of all types of firewall implementation structures, Screened Subnet Firewall provides greatest
security environment (as it implements 2 packet filtering router and 1 bastion host). It acts as proxy
and direct connection between internal network and external network is not allowed. A screened
subnet firewall is also used as a demilitarized zone (DMZ). Difference between screened-subnet
firewall and screened host firewall is that, screened-subnet firewall uses two packet filtering router
whereas screened-host firewall uses only one packet-filtering firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

(4)Which of the following types of firewalls provide the MOST secured environment?

A. Stateful Inspection
B. Packet filter
C. Application gateway
D. Circuit gateway

A

Answer: C. Application gateway
Explanation:

Out of all types of firewall, Application-Level Firewall provides greatest security environment (as it
works on application layer of OSI model).
Following is the major difference between application and circuit gateway:
· Application gateway works on application layer of OSI model and Circuit gateway works on
session layer.
· Application gateway has different proxies for each service whereas Circuit gateway has single
proxy for all services.
Therefore, application gateway works in a more detailed (granularity) way than the others.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

(5)An organization wants to protect a network from Internet attack. Which of the following firewall
structure would BEST ensure the protection?

A. Screened subnet firewall
B. Screened host firewall
C. Packet filtering router
D. Circuit-level gateway

A

Answer: A. Screened subnet firewall

Explanation:
Out of all types of firewall implementation structures, Screened Subnet Firewall provides greatest
security environment (as it implements 2 packet filtering router and 1 bastion host). It acts as proxy
and direct connection between internal network and external network is not allowed. A screened
subnet firewall is also used as a demilitarized zone (DMZ).
Difference between screened-subnet firewall and screened host firewall is that, screened-subnet
firewall uses two packet filtering router whereas screened-host firewall uses only one packetfiltering
firewall. Both works on the concept of bastion host and proxy.(

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

(6)The firewall that allows traffic from outside only if it is in response to traffic from internal hosts, is:

A. Application level gateway firewall
B. Stateful Inspection Firewall
C. Packet filtering Router
D. Circuit level gateway

A

Answer: B. Stateful Inspection Firewall

Explanation:
Stateful Inspection Firewall keeps track of the connection and ensures that incoming message is in
response to the request that went out of the organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

(7)An organization with the objective of preventing downward of file through FTP (File Transfer
Protocol) should configure which of the firewall types ?

A. Stateful Inspection
B. Application gateway
C. Packet filter
D. Circuit gateway

A

Answer: B. Application gateway

Explanation:
Application gateway works on application layer of OSI model and effective in preventing
applications, such as FTPs and https. A circuit gateway firewall is able to prevent paths or circuits,
not applications, from entering the organization’s network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

(8)An organization wants to connect a critical server to the internet. Which of the following would provide the BEST protection against hacking?

A. Stateful Inspection
B. A remote access server
C. Application-level gateway
D. Port scanning

A

Answer: C. Application-level gateway
Explanation:

Out of all types of firewall, Application-Level Firewall provides greatest security environment (as it
works on application layer of OSI model).An application-level gateway is the best way to protect against hacking because it can define with detail rules that describe the type of user or connection
that is or is not permitted. It analyze each package in detail at application level of OSI which means
that it reviews the commands of each higher-level protocol such as HTTP, FTP etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

(9)An IS auditor should be most concern about which of the following while reviewing a firewall?

A. Properly defined security policy
B Use of latest firewall structure with most secure algorithm.
C. The effectiveness of the firewall in enforcing the security policy.
D. Technical knowledge of users.

A

Answer: The effectiveness of the firewall in enforcing the security policy.

Explanation:
In absence of effective firewall implementation, other factors will not be effective. The existence of a
good security policy is important, but if the firewall has not been implemented so as to effectively
enforce the policy, then the policy is of little value.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

(10)While implementing a firewall, the most likely error to occur is:

A. wrong configuration of the access lists.
B. compromise of the password due to shoulder surfing.
C. inadequate user training about firewall rules.
D. inadequate anti-virus updation.

A

Answer: A. wrong configuration of the access lists.

Explanation:
Updation of correct and current access list is a significant challenge and, therefore, has the greatest
chance for errors at the time of the initial installation. Others are not an element in implementing a
firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

(11)The first step in installing a Firewall in a large organization is:

A. Develop Security Policy
B. Review firewall settings
C. Prepare Access Control List
D. Configure the firewall

A

Answer: A. Develop Security Policy

Explanation:
First step is to develop security policy and on the basis of approved security policy other steps to be
considered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

(12)Which of the following is the MOST critical function of a firewall?.
A. to act as a special router that connects different network.
B. device for preventing authorized users from accessing the LAN.
C. device used to connect authorized users to trusted network resources.
D. proxy server to increase the speed of access to authorized users.

A

Answer: C. device used to connect authorized users to trusted network resources.

Explanation:
Main and critical function of a firewall is to prevent unauthorised access to server. A firewall is a set
of related programs that protects the resources of a private network from users of other networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

(13)Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture?

A. Secure Sockets Layer (SSL) has been implemented.
B. Firewall policies are updated on the basis of changing requirements.
C. Inbound traffic is blocked unless the traffic type and connections have been specifically
permitted.
D. The firewall is placed on top of the commercial operating system with all installation options.

A

Answer: D. The firewall is placed on top of the commercial operating system with all installation
options.

Explanation:
Firewall Security can be compromised when all the installation options are kept open. Other
choices are prudent options for better firewall security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

(14)An IS auditor is reviewing firewall security of the organization. Which of the following is the BEST audit procedure to determine if a firewall is configured as per security policy?

A. Review incident logs.
B. Review Access Control List.
C. Review the actual procedures.
D. Review the parameter settings.

A

Answer: D. Review the parameter settings.

Explanation:
A review of the parameter settings will provide a good basis for comparison of the actual
configuration to the security policy and will provide audit evidence documentation. The other
choices do not provide as strong audit evidence as choice A.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

(15)Which of the following concerns would be addressed by a firewall?.

A. Unauthorized access from external network
B. Unauthorized access from internal network
C. A delay in Internet connectivity
D. A delay in system processing

A

Answer: A. Unauthorized access from outside the organization

Explanation:
Firewalls are meant to prevent outsiders from gaining access to an organization’s computer systems
through the Internet gateway.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly