Firewall Flashcards
What is a computer program or hardware device that is designed to block unauthorized access while permitting authorized communications based on a set of rules and other criteria?
Firewall
Firewalls emerged in the 1980s as a result of several high-profile breaches. What device did they evolve from?
From simple ACLs on Routers
What are the four basic firewall security designs?
- Packet
- Stateful Inspection
- Application Layer
- Hybrid
Which type of firewall is used on modern networks?
Hybrid
Which type of firewall is the simplest and filters packets based on a comparison of packet contents with filters in its rules?
Packet Filtering
Which type of firewall is essentially a packet-filtering design, except that the system creates and maintains a session table to ensure every packet is part of a valid connection?
Stateful Inspection
Which type of firewall acts as a server to the internal client, but acts like a client to the external server? It is commonly referred to as a proxy firewall.
Application Layer
Hybrid firewalls can analyze traffic that is passed/dropped at what layers of the OSI model?
Layer 3 – Network Layer
Layer 4 – Transport Layer
Layer 7 – Application Layer
What is the Air Force’s enterprise firewall solution?
McAfee Sidewinder (appliance-based firewall)
What does Sidewinder call logical network partitions or zones? These are used by Type Enforcement to isolate networks of different regions of trust or security.
Burbs (they allow assignment to any interface on the firewall without modifying multiple rules)
What is the implementation of Mandatory Access Controls and is based on the principle of least privilege?
Type Enforcement
DNS can be handled in three different ways on Sidewinder. What are they?
- Transparent
- Single Server
- Split Server
In which DNS function does Sidewinder not act upon DNS queries, instead passing DNS from internal to external if there is a rule for it? The system does not cache any queries or participate in the DNS stream.
Transparent
In which Sidewinder DNS function are all DNS records on the firewall handled by a single server for all interfaces (not entirely secure)?
Single Server
In which DNS function does Sidewinder have two separate servers on the firewall? The Internet server is only for the Internet burb and its queries. The Unbound server is for all other burbs. (The most secure method)
Split Server