Section 12: Perimeter Security

Question 1

Perimeter Security

Answer 1

Boundary that separates the LAN from the WAN and how to secure that

Question 2

Firewalls

Answer 2

Screen traffic between two portions of a network

Question 3

Three main types of firewalls

Answer 3

Hardware based, software based, and embedded (SOHO router, UTM)

Question 4

Packet Filtering

Answer 4

Inspects each packet passing through the firewall and accepts or rejects it based on the rules

Question 5

Stateless Packet Filtering

Answer 5

Filtering based on IP address

Question 6

Stateful Packet Filtering

Answer 6

Tracks the request leaving the network (eliminates IP spoofing)

Question 7

NAT Filtering

Answer 7

Filters traffic based upon the ports being utilized and type of connection (TCP or UDP)

Question 8

Circuit Level Gateway

Answer 8

Operates at the session layer and only inspects the traffic during the establishment of the initial session for TCP or UDP

Question 9

Explicit Allow

Answer 9

Allows because you’ve specifically created a rule for it

Question 10

Explicit Deny

Answer 10

Traffic is denied because the rules says so

Question 11

Implicit Deny

Answer 11

Traffic is denied the ability to enter or leave the network because there is no specific rules that allows it

Question 12

Web Application Firewall

Answer 12

Firewall installed to protect your server by inspecting traffic being sent to a web application

Question 13

Proxy Server

Answer 13

A device that acts as a middle man between a device and a remote server

Question 14

What are the four kinds of Proxy Servers in use today?

Answer 14

IP proxy, caching proxy, content filter, web security gateway

Question 15

IP Proxy

Answer 15

Used to secure a network by keeping devices behind it anonymous

Question 16

Caching Proxy

Answer 16

Attempts to serve client requests by delivering content from itself without actually contacting the remote server

Question 17

PAC files for security

Answer 17

Disable them!

Question 18

Internet Content Filter

Answer 18

Used in organizations to prevent users from accessing prohibited websites

Question 19

Web Security Gateway

Answer 19

A go-between device that scans for viruses, filters unwanted content like ads, and performs data loss prevention functions

Question 20

Honeypots and honeynets

Answer 20

Used to attract and trap potential attackers

Question 21

Honeypot

Answer 21

A single computer (or file, group of files, or IP range) that might be attractive to an attacker

Question 22

Honeynet

Answer 22

A group of computers, servers, or networks used to attract an attacker

Question 23

Data Loss Prevention

Answer 23

Systems designed to protect data by conducting content inspection of data being sent out of the network

Question 24

NIDS

Answer 24

Network Intrusion Detection System - attempts to detect, log, and alert on malicious network activities

Question 25

NIPS

Answer 25

Attempts to remove, detain, or redirect malicious traffic

Question 26

UTM

Answer 26

Unified Threat Management - Single device that combines several security devices within it