Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Test Out Network + > Firewall Facts > Flashcards

Firewall Facts Flashcards

1
Q

Firewall

A
  • Software or hardware based network security system that allows or denies network traffic according to a set of rules
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Network based firewall

A
  • Is installed on the edge of a private network or network segment
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Network based firewall facts

A
  • Are considered hardware firewalls - even though they use a combination of hardware and software to protect the network from Internet attacks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Host based firewall

A
  • Installed on a single computer in a network
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Host based firewall facts

A
  • Almost all host-based firewalls are software firewalls
  • Can be used to protect a computer when no network-based firewall exist(e.g. when connected to a public network)
  • Less expensive and easier to use than network-based firewalls, but the don’t offer the same level of protection or customization
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

ACL’s

A
  • Filtering rules to identify allowed and blocked traffic
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

ACL characteristics of traffic

A
  • The interface the rule applies to
  • The direction of traffic (inbound or outbound)
  • Packet information such as the source of destination IP address or port number
  • The action to take when the traffic matches the filter criteria
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Does firewall offer protection against all attacks

A

No example email spoofing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Packet Filtering Firewall

A
  • Makes decisions about which network traffic t allow by examining information in the IP packet header such as source and destination addresses, ports, and service protocols
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Packet Filtering Firewall Facts

A
  • Uses ACLs or filter rules to control traffic
  • Operates at OSI Layer 3 (Network layer)
  • Offers high performance because it examines only the addressing information in the packet header
  • Can be implemented using features that are included in most routers
  • Is a popular solution because it is easy to implement and maintain, has a minimal impact on system performance and is fairly inexpensive
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Stateless firewall

A
  • Packet filtering firewall is considered stateless because it examines each packet and uses rules to accept or reject it w/o considering whether the packet is part of a valid and active session
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Circuit- level proxy

A
  • Makes decisions about which traffic to allow based on virtual circuits or sessions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Circuit-level proxy facts

A
  • Operates at OSI Layer 5 (Session)
  • Keeps a table of known connections and sessions. Packets directed to known sessions are accepted
  • Verifies that packets are properly sequenced
  • Ensures that the TCP 3-way handshake process occurs only when appropriate
  • Does not filter packets. Instead it allows or denies sessions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Stateful firewall

A
  • CLP is considered a stateful firewall because it keeps track of the state of a session.
  • CLP can filter traffic that uses dynamic ports because the firewall matches the session information for filtering and not the port numbers.
  • CLP are slower than PFF but if only the session state is being used for filtering a CLP can be faster after the initial session information has been identified.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Application level gateway

A
  • Is cable of filtering based on information contained within the data portion of a packet
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Application level gateway facts

A
  • Examines the entirety of the content being transferred(not just individual packets)
  • Operates at OSI Layer 7 (Application layer)
  • Understands. or interfaces with the application layer protocol
  • Can filter based on user group and data (e.g. URLs within an HTTP request)
  • Is the slowest form of firewall because entire messages are reassembled at the Application layer
17
Q

Proxy server

A
  • Is an example of an application level gateway

* Is a device that stands as an intermediary between a secure private network and the public

18
Q

Proxy server can be configured to:

A
  • Control both inbound and outbound traffic
  • Increased performance by caching frequently accessed content. Content is retrieved from the proxy cache instead of the original server
  • Filter content and restrict access depending on the user or specific website
  • Shield or hide a private network
19
Q

Name the two types of Proxy Servers

A
  • Forward Proxy Server
  • Reverse Proxy Server
  • Oftentimes reverse proxies work transparently meaning that clients requesting specific resources don’t know they are using a reverse proxy to access a server
20
Q

Forward Proxy Server

A
  • Handles requests from inside a private network out to the Internet
21
Q

Reverse Proxy Server

A
  • Handles requests from the Internet to a server located inside a private network.
  • Can perform load balancing authentication and caching
22
Q

Unified Threat Management (UTM) Device

A
  • Combines multiple security features into a single network appliance
23
Q

UTM security features:

A
  • Firewall
  • VPN
  • Ant-spam
  • Anitvirus
  • Load balancing
24
Q

UTM (Pros and Cons)

A
  • By combining serval services into one appliance, UTM devices make managing network security easier
  • But they also introduce a single point of failure
  • If the UTM fails security is lost
  • UTM devices aren’t as robust as other devices made for a specific use
25
Q

UTM devices are best suited for:

A
  • Offices where space limits don’t allow for multiple security appliance
  • Satellite offices that need to be managed remotely. Configuration changes need to be made on only one device rather than multiple devices
  • Smaller businesses that wouldn’t benefit from the robust features provided by specific security appliance
26
Q

Using zones in a firewall

A
  • Each zone identifies a collection of users who have similar access needs
  • Firewalls are configured at the edge of these zones to filter incoming and outbound traffic
  • EX. you can define a zone hat includes all hosts on your private network protected from the Internet and you can define another zone within your network for controlled access to specific servers that hold sensitive information
27
Q

Next Generation Firewall (NGFW)

A
  • Combines a traditional firewall with other network device filter functionalities like an application firewall
28
Q

Next Generation Firewall (NGFW) features:

A
  • Is application-aware
  • Tracks the state of traffic based on layers 2 - 7
  • Utilizes an intrusion protection system (IPS)
  • Tracks the identity of the local traffic device and user (LDAP, RADIUS, and Active Directory)
  • Can be used in bridged and routed modes
  • Utilizes external intelligence sources

Test Out Network + (25 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions