5.2 Firewall Types & Implementation (Doshi) Flashcards Preview

Flashcards in 5.2 Firewall Types & Implementation (Doshi) Deck (29)
1
Q

Types of firewall

A

(1) Packet filtering router
(2) Stateful inspection
(3) Circuit level
(4) Application-level

2
Q

Packet filtering router

A

(1) Simplest and earliest kind of firewall.
(2) Allow or Deny action is done as per IP address and port number of source & destination of packets.
(3) Works at Network Layer of OSI.

3
Q

Stateful inspection

A

(1) A Stateful Inspection firewall keeps track of the destination of each packet that leaves the internal network.
(2) It ensures that the incoming message is in response to the request that went out of the organization.
(3) Works at Network Layer of OSI.

4
Q

Circuit level

A

(1) Works on the concept of bastion host and proxy server.
(2) Same Proxy for all services.
(3) Works at Session Layer of OSI.

5
Q

Application-level

A

(1) Works on the concept of bastion host and proxy server.
(2) Separate Proxy for each application.
(3) Works at Application Layer of OSI.
(4) Controls applications such as FTP and HTTP.

6
Q

What is a bastion host?

A

On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to protect the rest of its network from exposure.

7
Q

What firewalls work on the concept of bastion hosting?

A

Circuit level and application level.

8
Q

What is a proxy?

A

(1) A proxy is a middleman.
(2) Proxy stands between internal and external network.
(3) Proxy will not allow direct communication between two networks.
(4) Proxy technology can work at different layers of the OSI model.

9
Q

What is a circuit-level proxy?

A

A proxy-based firewall that works at a lower layer (session layer) is referred to as a circuit-level proxy.

10
Q

What is an application-level proxy?

A

A proxy-based firewall that works at a higher layer (application layer) is called an application-level proxy.

11
Q

Types of firewall implementation

A

(1) Dual-homed firewall
(2) Screened host firewall
(3) Screened subnet firewall (DMZ)

12
Q

Characteristics of a dual-homed firewall

A

(1) One Packet Filtering Router

(2) One bastion host with two NICs (Network Interface Cards)

13
Q

Characteristics of a screened host firewall

A

(1) One Packet Filtering Router

(2) One Bastion Host

14
Q

Characteristics of a screened subnet firewall (DMZ)

A

(1) Two Packet Filtering Routers

(2) One Bastion Host

15
Q

Out of the above firewalls, which is the most secure type of firewall?

A

Application level

16
Q

Out of all firewall implementations, which type of implementation provides the greatest security environment?

A

Screened-Subnet Firewall (DMZ) is the most secure type of firewall implementation.

17
Q

Robust firewall configuration rule

A

‘Deny all traffic and allow specific traffic’ (as against ‘allow all traffic and deny specific traffic’).

18
Q

What traffic does a Stateful Inspection Firewall allow?

A

Traffic from outside only if it is in response to traffic from internal hosts

19
Q

On what layer is the packet filtering firewall?

A

Network Layer (3rd layer)

20
Q

On what layer is the stateful inspection firewall?

A

Network Layer (3rd layer)

21
Q

On what layer is the circuit level firewall?

A

Session layer (5th Layer)

22
Q

On what layer is the application level firewall?

A

Application layer (7th layer)

23
Q

Out of all types of firewall, Application-Level Firewall provides

A

GREATEST security environment (as it works on the application layer of the OSI model).

24
Q

In any given scenario, MOST robust configuration in firewall rule is

A

‘deny all traffic and allow specific traffic’ (as against ‘allow all traffic and deny specific traffic’).

25
Q

In any given scenario, Stateful Inspection Firewall

A

allows traffic from outside only IF it is in response to traffic from internal hosts.

26
Q

What is a bastion host?

A

Both the Application-Level Firewall and the Circuit-Level Firewall work on the concept of bastion hosting. On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to protect the rest of its network from exposure. Bastion hosts are heavily fortified against attack.

Common characteristics of a bastion host are as follows:

  • Its operating system is hardened, in the sense that only essential services are installed on it.
  • The system should have all unnecessary services disabled, unneeded ports closed, unused applications removed, and unnecessary administrative tools removed, i.e. vulnerabilities are removed to the extent possible.
  • It is configured to require additional authentication before a user is granted access to proxy services.
  • It is configured to access only specific hosts.

27
Q

What is a proxy?

A

A proxy is a middleman. A proxy stands between the internal and external networks. A proxy will not allow direct communication between the two networks. Proxy technology can work at different layers of the OSI model. A proxy-based firewall that works at a lower layer (session layer) is referred to as a circuit-level proxy. A proxy-based firewall that works at a higher layer (application layer) is called an application-level proxy.

28
Q

For the CISA exam, we need to remember three types of firewall implementation structure, as follows:

A

(i) Dual-Homed Firewall

Characteristics:
(i) One Packet Filtering Router
(ii) One bastion host with two NICs (Network Interface Cards).

(ii) Screened Host Firewall

Characteristics:
(i) One Packet Filtering Router
(ii) One Bastion Host

(iii) Screened Subnet Firewall (Demilitarized Zone)

Characteristics:
(i) Two Packet Filtering Routers
(ii) One Bastion Host

29
Q

Out of all types of firewall implementation structures, Screened Subnet Firewall (DMZ) provides GREATEST

A

security environment (as it implements 2 packet filtering routers and 1 bastion host).