M3Q14: Port Forwarding Flashcards

Module 3: Quiz 14

1
Q

You’ve been asked to allow access from the internet on a non-standard port to an internal device on HTTPS port 443. This is an example of port forwarding.

A. True
B. False

A

A. True

Explanation: Port Forwarding is a useful tool available even on home routers, but also used in SOHO and corporate environments. Port Forwarding allows for the forwarding of any port on the outside of a network to a specific IP address and port on the inside of the network. Port Forwarding can be a security concern and it is always best to use a non-standard port on the outside and restrict which public IP addresses are able to access the port forwarding rule.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

If someone asks you to set up a port forwarding rule there’s no reason to confirm what it is for and if it is truly needed.

A. True
B. False

A

B. False

Explanation: It is always necessary to confirm what a port forwarding rule is needed for. In many cases needs can be met without adding a port forwarding rule, but sometimes they are truly needed for things like vendor access to a particular device. It’s also best to confirm if it is needed permanently or just temporarily. It is not good to keep building in lot’s of port forwarding rules because of the security risk. It’s preferable to use an encrypted VPN tunnel instead when possible.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

It is a security risk to forward HTTP port 80 directly to the inside of the network to HTTP port 80.

A. True
B. False

A

A. True

Explanation: HTTP port 80 should never be opened directly to the inside of the network. If HTTP port 80 on the outside is opened to the inside it will likely be attacked. And will most definitely be attacked if it is allowed from any source. In most networks port 80 is opened to a web server in the DMZ (De-Militarized Zone) and never to the inside network. Any time we punch holes in our internet facing router or firewall we must be very security conscious. Be careful with port forwarding!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly