Firewalls + IDS/IPS Flashcards

1
Q

What do Packet Filters check and which level of the OSI model do they operate on?

A

Layers 3 + 4 (Network and Transport).

Check: Protocol, Source IP, Destination IP, Source TCP/UDP port #, Destination TCP/UDP port #.

  • Does not inspect the CONTENTS of the packet. Only the Header.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What do Stateful Inspection firewalls check and which level of the OSI model do they operate on?

A

Layers 3, 4, + 5. (Network, Transport, Session).

Protects the state (or connection) between 2 points. Creates temporary rules to taper down on traffic. Inspects traffic state to confirm that the connection fits the correct criteria. Does NOT inspect packet contents.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What do Application Aware Firewalls check and which level of the OSI model do they operate on?

A

Layers 1 - 7. App level Firewalls inspect packet contents. Also known as Layer 7 Firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is IDS?

A

IDS (Intrusion Detection System). Uses reputation-based protection which alerts when there is potentially dangerous traffic.

Listens only, does not interfere.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is IPS?

A

Intrusion Protection System. Uses reputation-based protection. IPS is in-line, typically, and can interfere with suspicious network traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly