Security

Question 1

How does a firewall work?

Answer 1

It sits between a trusted and untrusted network.
The firewall attempts to stop malicious traffic entering the network.
It can also be configured to prevent certain types of data leaving the network.

Question 2

In what ways can a firewall protect a network?

Answer 2

Blocks/Allows specific ports.
Blocks/Allows specific IP addresses.
Blocks/Allows certain types of packet.
Maintains information about current connections an only allow packets relevant to these connections through.
Identifies unusual behaviour from a host (sending unusually large amounts of data).
It can act as a proxy server (where all devices retrieve external information from it).

Question 3

What is a proxy server (firewalls)?

Answer 3

Computers in a network use proxy servers to access external information (web pages, emails etc.)
This means only one is exposed to the outside network.

Question 4

What are the advantages of using a proxy server?

Answer 4

Only allows proxy services through.
Protocols can be filtered and manipulated.
The rule set is less complex than packet filtering.

Question 5

What are the disadvantages of using a proxy server?

Answer 5

Protocols are more complex and require multiple authentication steps.
Editing protocols can affect other traffic.
Expensive to implement.

Question 6

What is packet filtering (firewall)?

Answer 6

The firewall checks IP addresses and port headers sent from the internet against a set of filters to determine whether the packet should be allowed through.

Question 7

What is state inspection (firewall)?

Answer 7

The firewall examines the content of packets.
It is able to keep a track of the state of connections across the network.