Firewalls Flashcards

Question 1

Q

Firewalls can stop hackers from breaking into your system

Question 2

Q

Firewalls can stop internet traffic that appears to be from a legitimate source

Question 3

Q

Firewalls can stop viruses and worms that spread through the internet

Question 4

Q

Firewalls can stop spyware being put on your system

Question 5

Q

Firewalls can stop viruses and worms that are spread through email

Question 6

Q

Lists the types of traffic authorized to pass through the firewall

Answer

A

Firewall access policy

Question 7

Q

________ is developed from the organization’s information security risk assessment and policy, and a broad specification of which traffic types the organization needs to support

Answer

A

Firewall access policy

Question 8

Q

Firewalls cannot protect when

____ or ____

Answer

A

Traffic that does not cross it (routing around, internal traffic)

when misconfigured

Question 9

Q

Malware can disable:
A) Software Firewalls
B) Hardware Firewalls
C) Antivirus checkers

Question 10

Q

Firewalls can stop/control
A) Pings
B) Packet sniffing
C) Outbound network traffic

Question 11

Q

This type of firewall filtering makes decisions on a packet-by-packet basis

Answer

A

Packet Filtering (no state information is saved)

Question 12

Q

________ is the simplest and most efficient type of firewall filtering

Answer

A

Packet Filtering

Question 13

Q

What are packet filtering rules based on?

Answer

A

Information contained in the network packet

Source IP
Destination IP
Source & Dest transport level address
IP protocol field
interface

Question 14

Q

What are the 2 default policies of firewall packet filtering?

Answer

A

Discard (prohibit unless explicitly allowed)

Forward (permit unless explicitly forbidden) -> easier to manage, but less secure

Question 15

Q

What are the advantages of a Packet Filtering firewall?

Answer

A

Simplicity

* Typically transparent to users and very fast

Question 16

Q

What are the disadvantages of a Packet Filtering firewall?

Answer

A

Cannot protect against attacks that use application specific vulnerabilities
Limited logging functionality
Vulnerable to attacks and exploits that take advantage of TCP/IP
Susceptible to security breaches caused by improper configuration

Question 17

Q

Packet filtering countermeasure:

_____ discard packets with an inside source address if the packet arrives on an external interface

Answer

A

IP Address spoofing countermeasure

Question 18

Q

Packet filtering countermeasure:

____ discard all packets in which the source destination specifies the route

Answer

A

Source routing attacks countermeasure

Question 19

Q

Packet filtering countermeasure:

_____ enforcing a rule that the first fragment of a packet must contain a predefined minimum amount of the transport header

Answer

A

Tiny fragment attack countermeasure

Question 20

Q

Packet Filtering

In order for a fragmented packet to be successfully reassembled at the destination, each fragment must obey the following rules:

A) Must not share a common fragment identification number

B) Each fragment must say what place or offset is in the original unfragmented packet

C) Each fragment must tell the length of the data carried in the fragment

D) The fragment does not need to know whether more fragments follow this one

Question 21

Q

a _______ firewall uses a connection state table

Answer

A

stateful inspection firewall

Question 22

Q

______ acts as a relay of application level traffic (basically a man or system in the middle)

Answer

A

Application-level gateway (or application proxy)

Question 23

Q

Application level gateways tend to be more secure than packet filters

Question 24

Q

Application level gateways may restrict application features supported

Question 25

Q

An Application level gateway can generically filter traffic for any application

Answer

A

False; must have proxy code for specific applications

Question 26

Q

A packet filtering firewall is typically configured to filter packets going in both directions

Question 27

Q

A prime disadvantage of an application-level gateway is the additional processing overhead on each connection

Question 28

Q

A packet filtering firewall can decide if the current packet is allowed based on another packet it has just examined

Question 29

Q

A stateful inspection firewall needs to keep track of information of an active connection in order to decide on the current packet

Question 30

Q

A _______ serves as a platform for an application-level gateway, and is a system identified as a critical strong point in the network’s securty

Answer

A

bastion host

Question 31

Q

__________ firewalls are used to secure an individual host

Answer

A

host based firewalls

Question 32

Q

The primary role of a personal firewall is to ___________

Answer

A

deny unauthorized remote access

Question 33

Q

______ hides the system from the internet by dropping unsolicited communication packets

Answer

A

stealth mode

Question 34

Q

A company has a conventional firewall in place on its network. Which (if any) of these situations requires an additional personal firewall:

A) An employee uses a laptop on the company network and at home

B) An employee uses a desktop on the company network to access websites worldwide

C) A remote employee uses a desktop to create a VPN on the company’s secure network

D) None of the above, in each case the employee’s computer is protected by the company firewall

Question 35

Q

Typically the systems in the _____ require or foster external connectivity such as the corporate web site, an e-mail server, or a DNS server

A) DMZ
B) IP protocol field
C) boundary firewall
D) VPN

Question 36

Q

A _______ configuration involves stand-alone firewall devices plus host-based firewalls working together under a central administrative control

A) packet filtering firewall
B) distributed firewall
C) Boundary firewall
D) VPN

Answer

A

B) distributed firewall

Brainscape's Knowledge GenomeTM

Firewalls Flashcards

Brainscape's Knowledge Genome^TM