Firewalls 4.5

Question 1

Network Based Firewalls

Answer 1

• An appliance that sits in line with the organization;s network
• Dictates what traffic is allowed or disallowed.
• Filters traffic through the port numbers or the application.

Question 2

Next-Generation Firewall (NGFW)

Answer 2

• Inspects traffic by inspecting the source, the destination addresses, ports, and the content itself.

Question 3

Open Systems Interconnection (OSI) Layers

Answer 3

• A means of describing

Question 4

Firewalls as Layer 3 Routers

Answer 4

• Often sits on the ingress/egress of the network, or at the point where the inside network meets the outside network.
• Performs routing functions that include networking addressing translation and dynamic routing.

Question 5

Firewall Rules

Answer 5

• A mirror of the policy constraints at a particular point in the network.
• State whether a firewall should allow a particular traffic to pass through or block it.

Question 6

Firewalls Logical Path

Answer 6

• Will start at the top of the list of rules
• Will evaluate each rule until it matches
• Specific rules are usually at the top.

Question 7

Implicit Deny

Answer 7

• Most firewall rules have a deny set of rules at the bottom.
• If there is no match within rule based, the traffic is denied.

Question 8

Access Control List (ACL)

Answer 8

• A list associated with an object.
• Identifies the level of access.
• Identifies what the object can do.

Question 9

Screened Subnet

Answer 9

• Previously known as a demilitarized zone
• An area not owned by either side
• An additional layer of security between the user and the internet.

Question 10

Intrusion Prevention System

Answer 10

• Usually integrated into an NGFW.
• Has it’s own rule base.
• Monitors traffic in real time.
• Looks for a perfect match based on the signature of the incoming traffic.