Chapter 9 (Firewalls)

Question 1

is a firewall a single computer sys or a set of two ore more sys working together

Answer 1

can be both

Question 2

what are the 3 main design goals when making a firewall

Answer 2

all traffic inside to outside and vise versa must pass through the firewall

only authorized traffic allowed to pass

firewall itself is immune to penetration

Question 3

what is a firewall access policy

Answer 3

lists type of traffic authorized to pass through the firewall

Question 4

what are 4 characteristics that a firewall access policy could use to filter traffic

Answer 4

Question 5

what are some limits on firewall capabilities

Answer 5

cant protect against attacks which bypass firewall

cannot fully protect against internal threats

portable device can be infected outside of network and then brought in

Question 6

what does a packet filtering firewall applies its rules to

Answer 6

each incoming and outgoing ip packet

Question 7

what are the 2 default policies of a packet filtering firewall

Answer 7

discard: prohibit unless expressly permitted
forward: permit unless expressly prohibiited

Question 8

what are the 2 main advantages of packet filtering

Answer 8

simple

transparent to users and are very fast

Question 9

what is 1 main disadvantages of packet filtering

Answer 9

cannot prevent attacks that employ app specific vulnerablities or functions

Question 10

what does a stateful inspection firewall do

Answer 10

reviews packet info but also records info about tcp connections

Question 11

what is a bastion host

Answer 11

system identified as critical strong point in the network’s security

serves as platform for app level or circuit level gateway

runs locked down OS

Question 12

what is a host based firewall

Answer 12

used to secure individual host

available in operating systems

Question 13

what is a personal firewall

Answer 13

controls traffic between personal comp and internet or enterprise network

usually a software module