Firewalls and LANs Flashcards
Firewalls
Inspect incoming IP packets and block the packets that could hurt the hosts on the LAN. Three methods: stateless, stateful, and application-based, followed by next-generation firewalls.
Stateless firewall
Looks at every incoming packet individually, without considering anything else taking place (no context, hence stateless). Also called packet filters; the oldest type of firewall. Has some form of checklist, the ACL (access control list).
Commonly filters based on things like IP address, Port number, Time/Date.
Can easily combine filters. They are simple and work well. They fail where inspecting and blocking a packet without considering connection state isn't enough.
Implicit deny. By default there is no access unless the ACL specifically allows it.
Stateful Firewall
Understands procedures and processes of different Internet protocols and filters any form of communication outside of proper procedures.
Collects several packets in a connection and examines them together as a state to determine whether the communication follows the correct protocol steps.
Don't have ACLs. Come from the manufacturer with built-in protocol "state smarts" that you turn on or off.
Application Firewall
Deep understanding of both stateful and stateless aspects of a specific application (HTTP is the most common type of application firewall) and can filter any traffic for that application that could threaten it.
Application firewall is an appliance, a box, or network device that works at all layers and can inspect data in protocols.
Typically acts as a content/URL filter, blocking traffic based on traffic content and source URL. Can be host-based or network-based. Host-based is more relevant.
Looks at both CONTEXT and CONTENT. Not just one or the other.
WAFs
Appliance-based firewall
Dedicated hardware box
host-based firewall
Software running on a workstation
Virtual firewall
software running in a virtual machine to handle firewall duties
Application firewalls primary job
Protect public-facing servers providing specific applications; also called application-based firewalls.
Stateless and stateful firewalls
Mainly protect LANs from the many evils of the Internet; usually called network-based firewalls.
Next-Generation Firewall (NGFW)
Functions at multiple layers to tackle traffic no traditional firewall can filter alone. Can filter based on IP addresses, port numbers, contents of application data, and more. Implements all sorts of traffic inspection policies at all layers: Ethernet rules, NAT rules, HTTPS rules. Can grab and decrypt SSL/TLS traffic (HTTPS) and inspect it. Can