Chapter 9 Flashcards
firewalls + intrusion prevention system
1
Q
firewall
A
inserted between premise network + internet to establish controlled link
- perimeter defence
2
Q
design goal of firewalle
A
- all traffic must pass through firewall
- only authorized traffic as defined by policy allowed to pass
- firewall immune to penetration
3
Q
firewall access policy
A
list of types traffic authorized - address range , protocols , applications, content types
4
Q
Firewall filter characteristics
A
- IP address + protocol values - packet filter - limit access to specific service
- application protocol - application level gateway - relay + monitor exchange of info for specific application protocols
- user identity - for inside users - use form of secure authentication
- network activity - control access based on time of request, rate of request , activity patterns
5
Q
firewall capabilities
A
- single choke point
- location for monitoring security events
- platform for several internet function that are not security related
- provide platform for IPSec
6
Q
firewall limitations
A
- cannot protect against inside attack
- cannot protect against attack bypassing firewall
- improperly secured WLAN can be accessed from outside
- BYOD
7
Q
packet filtering firewall
A
- apply rule to incoming + outgoing traffic
- rules based on matches in IP/TCP header
- info in network packet - source IP , destination IP, source + destination port address , IP protocol field, interface
- default policies -discard (prohibit by default) , forward (permit by default)
8
Q
advantages of packet filtering firewall
A
- simplicity
- transparent to users
- fast
9
Q
weaknesses of packet filtering
A
- cannot prevent attacks that employ application specific vulnerabilities
- limited logging functionality
- does not support advanced user authentication
- vulnerable to TCP/IP spoofing
- improper configuration can lead to breaches
10
Q
stateful inspection firewall
A
- create directory of outbound TCP connections
2.
11
Q
A
