Firewalls & VPNs Flashcards

Network Security

1
Q

What is a firewall?

A

A firewall filters traffic based on a set of criteria.

2
Q

What is the goal of a firewall?

A

To control traffic that enters (from the internet and other networks) and leaves (going out to the internet and other networks) the network.

3
Q

How are firewalls created?

A

By creating rules for inbound and outbound connections using Access Control Lists (ACLs).

4
Q

What are the two main types of firewalls?

A

Network-based Firewall & Host-based Firewall

5
Q

What is a network-based firewall?

A

Physical hardware on the edge of the network. It protects the network against other networks.

6
Q

What is a host-based firewall and what does it do?

A

Software on a computer that controls which applications and ports are allowed to talk inbound and outbound on an individual workstation or host computer.

7
Q

What are some services that dedicated network firewalls can provide?

A

Firewalling, VPN services, Anti-Malware, Content Filtering, etc.

8
Q

What are corporate dedicated network firewalls called?

A

Unified Threat Management (UTM) firewalls

9
Q

What do dedicated UTM firewalls do?

A

Protect all corporate internet access

10
Q

What’s an ACL?

A

Access Control Lists are used on routers and firewalls to create a list of rules for permitting and denying traffic.

11
Q

What are stateless firewalls?

A

Firewalls that employ ACLs to control traffic (inbound and outbound)

12
Q

What do ACLs define?

A

ACLs define what protocols, source networks, destination networks, and port numbers can do.

13
Q

What are stateful firewalls?

A

Keep track of the connections on the network and can allow return traffic as long as it was first generated from inside the network.

14
Q

What capabilities do modern firewalls have?

A

Stateful and stateless capabilities, which means creating ACLs and keeping track of network connections to make informed permit decisions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is Deep Packet Inspection?

A

Allows firewalls to take apart packets that are coming onto the network, examine their contents, and determine their context.

i.e. What is this connection doing? What is the purpose of this traffic?

16
Q

What kind of firewalls utilize Deep-Packet Inspection?

A

Application Aware Firewalls or Context Aware Firewalls

17
Q

How are decisions made with Deep-Packet Inspection firewalls?

A

Decisions can be made based on what is deep inside the packets rather than just where it's coming from and where it's going to.

18
Q

What's a VPN?

A

A virtual private network provides a private network connection between two endpoints.

19
Q

How are VPN connections protected?

A

The VPN encrypts the tunnel between the two endpoints.

20
Q

What are the two main types of VPNs?

A

Host-to-Site and Site-to-Site

21
Q

What is Host-to-Site VPN?

A

A VPN client is installed on a host's/user's computer in order to get remote access to the corporate network through the firewall. This makes it a private extension of the main network.

22
Q

What is Site-to-Site VPN?

A

When a VPN tunnel is configured from a remote corporate office to headquarters through a remote office VPN-capable device.

23
Q

What is a VPN Concentrator?

A

A device that is dedicated to handling large amounts of VPN connections.

24
Q

What is PPTP?

A

Point-to-Point Tunneling Protocol is a VPN protocol that uses PPP for authentication and modified GRE for the tunnel. There is no inherent encryption, it's insecure, and mostly obsolete.

25
Q

What is a GRE Tunnel?

A

Generic Routing Encapsulation is a VPN protocol that, when used with routers, creates a generic tunnel. In combination with IPSec, it creates an encrypted VPN tunnel.

26
Q

What is IPSec?

A

Internet Protocol Security is a VPN protocol that provides a method for authentication and negotiation of crypto keys. It uses Internet Key Exchange (IKE) to negotiate the key and ISAKMP for key exchange.

27
Q

What is used to negotiate crypto keys for IPSec?

A

Internet Key Exchange (IKE)

28
Q

What is used to exchange keys for IPSec?

29
Q

What authentication algorithms are used for IPSec?

A

HMAC-MD5 and HMAC-SHA-1.

30
Q

What encryption algorithms are used for IPSec?

A

DES, 3DES, Blowfish and AES.

31
Q

What is SSL VPN?

A

A VPN Protocol that uses Secure Sockets Layer to establish a VPN Connection.

32
Q

Is an SSL VPN typically used for site-to-site or host-to-site connectivity?

A

Host-to-site

33
Q

What VPN protocol allows hosts to use a web browser to connect to a VPN?

34
Q

What are the 4 main VPN Protocols?

A

PPTP, GRE Tunnel, IPSec & SSL VPN.