Chapter 15 Flashcards
What is the DMZ used for?
It creates a security zone that allows public traffic, but the traffic is isolated from the company's private network. p. 528
What does it mean if a firewall is configured on default deny?
Only packets specified by the administrator are allowed through. p. 529
What does it mean if a firewall is configured on default allow?
All traffic is allowed through unless specifically blocked. p. 529
What is a network-based firewall?
It is what companies use to protect their private network from public networks. p. 530
What is the defining characteristic of a network-based firewall?
It is designed to protect an entire network of computers instead of just one system. p. 530
What is the defining characteristic of a host-based firewall?
It protects only one machine. p. 530
What is the function of the ACL?
It is a part of your router that determines which machines are allowed to use the router and in what direction. p. 531
What is an ACL applied to a protocol?
A distribution list p. 532
What are two main types of ACLs?
Standard ACL
Extended ACL p. 533
Describe Standard ACLs.
They only use one source IP address in an IP packet as the condition precedent to allowing or denying a suite of protocols. p. 532
Describe Extended ACLs.
They evaluate headers in layers 3 and 4 of an IP packet. They evaluate both source and destination IP addresses, the protocol field in the network layer header, and the port number at the transport layer header.
When do you employ port security?
When security needs to be maintained between users within the network. p. 533
True or false: People outside your network primarily access your web servers, FTP servers and mail relay servers.
True p. 534
True or false: Protocol switching works because most attacks take place on the TCP/IP stack.
True p. 534
Define packet filtering.
The ability of a router or a firewall to discard packets that don't meet the right criteria. p. 537