2.Firewall Types & Implementation

Question 1

Type of firewall

Answer 1

Packet filtering router
Stateful inspection
Circuit level
Application -level.

Question 2

Packet filtering router

Answer 2

· Simplest & earliest kind of firewall.
· Allow or Deny action is done as per IP address and port number of source & destination of packets.
· Works at Network Layer of OSI.

Question 3

Stateful inspection

Answer 3

· A Stateful Inspection firewall keeps track of the destination of each packet that leaves the internal network.
· It ensures that the incoming message is in response to the request that went out of the organization.
· Works at Network Layer of OSI.

Question 4

Circuit level

Answer 4

· Works on the concept of bastion host and proxy server.
· Same Proxy for all services.
· Works at Session Layer of OSI.

Question 5

Application -level.

Answer 5

· Works on the concept of bastion host and proxy server.
· Separate Proxy for each application.
· Works at Application Layer of OSI.
· Controls application such as FTP and HTTP.

Question 6

What is a bastion host

Answer 6

On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to protect the rest of its network from exposure.

Question 7

What firewalls work on the concept of bastion hosting

Answer 7

Circuit level and application level.

Question 8

What is a proxy

Answer 8

A proxy is a middleman. Proxy stands between internal and external network.
Proxy will not allow direct communication between two networks.
Proxy technology can work at different layer of OSI model

Question 9

What a circuit level proxy

Answer 9

A proxy based firewall that works

at lower layer (session layer) is referred to as circuit-level proxy.

Question 10

application level proxy

Answer 10

A proxy based firewall that works at higher layer (application layer) is called as an application level proxy

Question 11

Type of firewall implementation

Answer 11

Dual-homed firewall,
screened host firewall
screened subnet firewall (DMZ)

Question 12

Characteristic of Dual-honned firewall

Answer 12

· One Packet Filtering Router

· One bastion host with two NIC (Network Interface Card).

Question 13

Characteristic of screened host firewall

Answer 13

· One Packet Filtering Router

· One Bastion Host

Question 14

Characteristic of screened subnet firewall (DMZ)

Answer 14

· Two Packet Filtering Router

· One Bastion Host

Question 15

·Out of above firewalls, which firewall is the most secured type of firewall.

Answer 15

Application level

Question 16

Out of all firewall implementations, which type of firewall’s implementation provides greatest security environment.

Answer 16

Screen-Subnet Firewall (DMZ) is the most secured

type of firewall implementation.

Question 17

Robust firewall configuration rule

Answer 17

deny all traffic and allow specific traffic’ (as against ‘allow all traffic and deny specific traffic’).

Question 18

What traffic stateful Inspection Firewall allows

Answer 18

Traffic from outside only if it is in response to traffic from internal hosts

Question 19

On What layer is the packet filtering firewall?

Answer 19

Network Layer (3rd layer)

Question 20

On What layer is the statefull inspestion firewall?

Answer 20

Network Layer (3rd layer)

Question 21

On what layer is the circuit level firewall

Answer 21

Session layer (5th Layer)

Question 22

On what layer is the application level firewall

Answer 22

Application layer (7th layer)