Firewalls Flashcards

1
Q

What two pieces of hardware make up the hardware half of a firewall?

A

1) a router

2) A blackbox with two NICs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What 5 things can firewalls do with traffic?

A

1) permit
2) deny
3) encrypt
4) decrypt
5) proxy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

ACLs are first line of defence for a network that is connected to the internet - TRUE or FALSE?

A

TRUE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

1) inbound and outbound spoofing
2) Denial of Service TCP SYN attacks
3) DoS Smurf attacks

What can be used to mitigate the above attacks?

A

ACLs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How can ACLs mitigate against the below 3 types of attacks?

1) inbound and outbound spoofing
2) Denial of Service TCP SYN attacks
3) DoS Smurf attacks

A

1) inbound and outbound spoofing - Filtering ICMP messages inbound and outbound
2) Denial of Service TCP SYN attacks - TCP intercept to address TCP Syn attacks
3) DoS Smurf attacks - Filtering Traceroute

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

ACLs can be used to block routing protocols - TRUE or FALSE?

A

TRUE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

An ACL applied to protocols instead of interfaces is known as what?

A

Distribution List

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

ACLs can categorize and queue packets for applications that require QoS, TRUE or False?

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What could you use to control traffic that may be bound for an expensive backup link?

A

Using an ACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

In dynamic packet filtering, what keeps track of all communicating sessions between stations?

A

Dynamic State List or State Table

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Proxies services exchange information between the server on behalf of the host on what layer of the OSI model?

A

Application

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What layers of the OSI model can proxies examine?

A

All layers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

If you wanted to scan keywords in incoming and outgoing email, what type of proxy would you implement?

A

SMTP Proxy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

IP proxies are also known as what?

A

NAT Proxies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What proxy can speed up web surfing?

A

HTTP Proxy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What type of firewall doesn’t care about whether the packet it is examining is stand-alone or part of a bigger message stream?

A

Stateless firewall

17
Q

Stateless firewalls use less memory than stateful, but stateless firewalls can be quicker once once a new connection is established. TRUE or FALSE

A

TRUE

18
Q

Statefull firewalls work by using the TCP 3-way handshake but can also keep track of connections using UDP. TRUE or FALSE?

A

TRUE

19
Q

Firewalls can’t protect against SYN floods. TRUE or FALSE?

A

FALSE, they can

20
Q

What type of firewall lets you set proxy rules for multiple applications?

A

Layer 7 firewall

21
Q

What does dynamic packet filtering ensure and on what OSI layer does it operate?

A

Dynamic packet filtering ensures that the packets forwarded by firewalls match the TCP/UDP sessions initiated by stations inside the network to prevent outsiders hijacking the session. It works at the Transport layer.