Firewalls and Load Balancers

Question 1

What three zones does a firewall create?

Answer 1

Inside
DMZ
Outside

Question 2

Where would you place a public facing web server in regards to a firewall?

Answer 2

DMZ

Question 3

What is a UTM Firewall?

Answer 3

Unified Threat Management

Uses DLP

Question 4

What is DLP?

Answer 4

Data Loss Prevention

identifies and protects confidential traffic (PII)

Question 5

What can UTM be used for?

Answer 5

Content filtering
Block inbound or outbound traffic
IDS/IPS

Question 6

What is load balancing?

Answer 6

Distributing computation load equally across servers

Question 7

What is a load balancing distribution method?

Answer 7

The parameters which determine how activity is balanced across multiple identical servers

Question 8

What is IDS?

Answer 8

Intrusion Detection System

Question 9

What is IPS?

Answer 9

Intrusion Prevention System

Question 10

What is HIPS

Answer 10

Host Based Intrusion Prevention System
Software runs on server
(IDS and IPS are network based)

Question 11

How do IDS and IPS work?

Answer 11

IDS: Switch replicates traffic from ports and sends the data to a port connected to the
IPS: Intercepts all traffic between firewall and server (physically inbetween) allowing it do disable traffic reaching the server

Question 12

What are the methods to detect malicious traffic?

Answer 12

Signatures (compare signs of specific attacks)

Anomalies (baseline traffic activity, valid HTTP request)