Firewalls Flashcards
(30 cards)
What are the key components of Zero Trust?
Identity/device verification, least privilege access, micro segmentation, continuous monitoring.
What are the methods to access firewall management?
GUI, CLI, Panorama, API
What do security zones do?
Separate traffic based on trust levels.
Name types of policy rules
Interzone, Intrazone, Universal
Give examples of zones
Trust, Untrust, DMZ, VPN
What does App-ID verify?
Applications using protocol and behavioural analysis.
Does App-ID work with SSL?
Yes, regardless of port or encryption
What does URL filtering use for classification?
Categories and custom allow/block lists
List possible actions
Allow, Alert, Block, Continue
What are the 3 types of SSL decryption?
SSL Forward Proxy, SSL Inbound Inspection, No decryption.
What does GlobalProtect provide for mobile users?
VPN, endpoint protection, and device posture checks
Name three VPN deployment types
Site-to-site (IPSec), Remote Access (GlobalProtect), Clientless VPN.
What are the High Availability modes?
Active/Passive, Active/Active
What features support High Availability?
Session sync, redundancy, failover
What is a custom App-ID used for?
Recognising proprietary apps
What is App Override?
Simplifies traffic classification
What does User-ID do?
Maps users to IPs for identity-based policies
Name some user sources
Active Directory, LDAP, RADIUS, Captive Portal.
What do security profiles enhance?
Base security policies
What does Antivirus do?
Detects known malware
What does Anti-spyware do?
Blocks spyware C2 activity
What does vulnerability protection do?
Prevents exploits
What does File Blocking do?
Prevents transfer of certain file types
What does WildFire do?
Cloud sandbox for unknown files