Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

INFO-5123 Firewalls > Final Exam > Flashcards

Final Exam Flashcards

1
Q

What are some firewall best practices?

A 
Principle of least privilege
Trust but verify
Change management
Rule cleanup
Logging
Alerting
Patches and updates
Secure remote management
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the types of firewalls?

A 
Static packet filtering
Stateful packet inspection
Next generation firewall (NGFW)
Web Application Firewall (WAF)
Zero trust security model
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Palo Alto PAN-OS?

A

The operating platform of Palo Alto’s next-generation firewall software that runs on all current generation physical and virtual appliances which supports small business firewall appliances from 100 Mbps to carrier grade chassis that support over 200 Gbps.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the different ways to control PAN-OS?

A

From the command line, through a webGUI, Panorama API, as well as through SNMP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What features does PAN-OS support?

A 
IPv4 and IPv6 network protocols
Zone-Based Architecture
Virtual Private Networking (VPN)
High Availability
QoS Traffic Shaping
Virtual Routing and Firewall Configurations
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

PAN-OS bases its advanced firewall technologies on what three tenants?

A

Identifying the Application (App-ID)
Identifying the User (User-ID)
Identifying the Content (Content-ID)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are security zones?

A

Allow for granular policy-based control. Traffic between zone interfaces can be independently identified and controlled.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are security policies?

A

Enforced by configuring rules on the firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are PAN-OS’s default policy entries?

A

An intrazone-default, that allows traffic within a zone by default
An interzone-default, that denies traffic between zones by default.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are firewall objects?

A

Physical and virtual network components.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the categories objects are divided into?

A

Network objects - addresses, hosts, address groups
Applications and services - applications, app types, services, protocols
Security profiles - antivirus, anti-spyware, URL/Data filtering
User - users, user groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the three deployment options?

A

Tap
Virtual wire
Layer 3

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Firewall Session Setup

A
  1. Source Zone
  2. Zone/DoS Protection
  3. Forwarding Lookup (PBF)
  4. Destination Zone (+DNAT check)
  5. Security Policy Check
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Palo Alto Firewalls are stateful (T/F)

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are UUIDs?

A

Universally Unique Identifiers are assigned to a policy rule when it is created and provides a trail that captures all changes made to a rule including who made the most recent changes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the three types of Source NAT?

A

Static IP
Dynamic IP
Dynamic IP and Port (DIPP)

INFO-5123 Firewalls (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions