Security 5.5 Firewalls


Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?

ACL; IPsec
When you configure a router as a firewall, you configure the access control list (ACL) with statements that identify traffic characteristics, such as the direction of traffic (inbound or outbound), the source or destination IP address, and the port number. ACL statements include an action to either allow or deny the traffic specified by the ACL statement.

Which of the following describes how access lists can be used to improve network security?

An access list identifies traffic that must use authentication or encryption. An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers. An access list filters traffic based on the frame header such as source or destination MAC address.

You provide internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?

Application level; Circuit-level; Packet filtering
An application-level gateway is a firewall that is capable of filtering based on information contained within the data portion of a packet. An application-level gateway can filter based on user, group, and data such as URLs within an HTTP request. One example of an application-level gateway is a proxy server. Proxies can be configured to restrict access by user or by specific Web sites.

Which of the following is a firewall function?

Encrypting; Packet filtering; FTP hosting
Firewalls often filter packets by checking each packet against a set of administrator-defined criteria. If the packet is not accepted, it is simply dropped.

Which of the following are characteristics of a packet filtering firewall? (Select two.)

Filters IP address and port; Stateful; Filters based on sessions; Stateless
A packet filtering firewall makes decisions about which network traffic to allow by examining information in the IP packet header such as source and destination addresses, ports, and service protocols. A packet filtering firewall is considered a stateless firewall because it examines each packet and uses rules to accept or reject each packet without considering whether the packet is part of a valid and active session.

You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?

Network based firewall; DMZ
A network-based firewall inspects traffic as it flows between networks. For example, you can install a network-based firewall on the edge of your private network that connects to the Internet and scans all incoming e-mail. Scanning e-mail as it arrives at your e-mail server allows you to centralize management and stop malicious e-mails before they arrive at client computers.

When designing a firewall, what is the recommended approach for opening and closing ports?

Open all ports; close ports that expose common network attacks. Close all ports; open only ports required by applications inside the DMZ.

Which of the following are characteristics of a circuit-level gateway? (Select two.)

Stateful; Stateless; Filters based on URL; Filters IP address and port; Filters based on sessions
A circuit-level proxy or gateway makes decisions about which traffic to allow based on virtual circuits or sessions. A circuit-level proxy is considered a stateful firewall because it keeps track of the state of a session.

You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?

VPN concentrator; Circuit-level; Packet filtering

You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?

VPN concentrator; Proxy server; Network based firewall; Host based firewall

Which of the following are features of an application-level gateway? (Select two.)

(all correct) Operate up to OSI Layer 7 (Application layer); Stops each packet at the firewall and inspects it, so there is no IP forwarding; Inspects encrypted packets, such as in SSL inspection; Examines the entire content (not just individual packets); Understands or interfaces with the application-layer protocol; Can filter based on user, group, and data such as URLs within an HTTP request; Is the slowest form of firewall because entire messages are reassembled at the Application layer

You would like to control Internet access based on users, time of day, and websites visited. How can you do this?

Configure Internet zones using the Internet Options. Enable Windows Firewall on each system. Add or remove exceptions to control access. Configure the Local Security Policy of each system to add Internet restrictions. Install a proxy server. Allow Internet access only through the proxy server.
Use a proxy server to control Internet access based on users, time of day, and websites visited. You configure these rules on the proxy server, and all Internet access requests are routed through the proxy server.

Your company has a connection to the internet that allows users to access the internet. You also have a web server and an email server that you want to make available to internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?

Network-based firewall
A demilitarized zone (DMZ), or screened subnet, is a buffer network (or subnet) that sits between the private network and an untrusted network, such as the internet. To create a DMZ, use one network-based firewall connected to the public network, and one connected to the private network.

Which of the following is the best device to deploy to protect your private network from a public untrusted network?

Router; Firewall; Hub

Which of the following are true of a circuit proxy filter firewall? (Select two.)

Verifies sequencing of session packets. Examines the entire message contents. Operates at the Network and Transport layers. Operates at the Session layer. Operates at ring 0 of the operating system.
A circuit proxy filter firewall operates at the Session layer. It verifies the sequencing of session packets, breaks the connections, and acts as a proxy between the server and the client.

