Lesson 10 - Chapter 4: Firewalls and Internet Appliances

Question 1

What are firewalls?

Answer 1

devices or applications that protect an internal network from unauthorized access to/from the Internet

Question 2

What are 2 of some of the methods firewalls use to protect networks?

Answer 2

1. hiding IP addresses
2. blocking TCP/IP ports

Question 3

A typical network uses one or both of which 2 types of firewalls?

Answer 3

1. Hardware firewalls (built into routers)
2. Software firewalls (run on your computers)

(both protect your computer and network)

Question 4

Can you run hardware and software firewalls at the same time?

Answer 4

yes

Question 5

Most SOHO networks use what type of firewalls?

Answer 5

Hardware firewall (a feature built into a router)

Question 6

How does a hardware firewall protect a LAN from outside threats?

Answer 6

Filters the packets before they reach your internal machines

Question 7

Where do you go to configure a hardware firewalls?

Answer 7

your router’s browser-based settings

Question 8

What do hardware firewalls use to inspect each incoming packet individually? What does it also block?

Answer 8

they use stateful packet inspection (SPI) which also blocks any incoming traffic that isn’t in response to your outgoing traffic

Question 9

What does SPI stand for? What uses it?

Answer 9

Stateful Packet Inspection (what hardware firewalls use to inspect incoming packets individually)

Question 10

What does “stateful” mean?

Answer 10

they check the state of communication of each inbound or outbound packet to confirm the 2 communicators are in an authentic conversation

Question 11

What do you do if you want to allow outside users to access a web server on the LAN?

(remember, NAT hides the true IP addresses of your systems behind a single public IP address so you need to find a way to allow incoming traffic past the router/firewall and redirect it to the right PC)

Answer 11

You can use Port Forwarding to open a port in the firewall and direct incoming traffic on that port to a specific IP address on your LAN (the web server machine)

(for example, open Port 80 for HTTP packets to send all incoming traffic to the server machine)

Question 12

What is Port Forwarding?

Answer 12

enables you to open a port in the firewall and direct all incoming traffic to that port (and to a specific IP address on your LAN)

(allows outside users access to a system/server on your LAN)

Question 13

What’s another way to open ports on a firewall? What does it do? (2)

Answer 13

Port Triggering

it enables you to open an incoming connection to one computer automatically based on a specific outgoing connection

The trigger port defines the outgoing connection, and the destination port defines the incoming connection. If you set the trigger port to 3434 and the destination port to 1234, for example, any outgoing traffic on port 3434 will trigger the router to open port 1234 and send any received data back to the system that sent the original outgoing traffic.

Question 14

What’s the difference between port forwarding and port triggering?

Answer 14

Port Forwarding = opens the port all the time, multiple devices can share the port and must use a static IP address

Port Triggering = only opens the incoming port when a single client at a time requests access to the trigger port and does not require static IP addresses

Question 15

What do you use if you want to open every port on a machine?

Answer 15

Demilitarized Zone (DMZ)

Question 16

What is a DMZ?

Answer 16

Demilitarized zone

it puts systems with the specified IP addresses outside the protection of the firewall (opening all ports and enabling all incoming traffic)

Completely dangerous, don’t use it!

Question 17

What is the software firewall built into Windows?

Answer 17

Windows Defender Firewall

(handles port blocking, security logging, etc)

Question 18

Should you use the same firewall settings for both public and private networks?

Answer 18

no

(using public networks should have more strict firewall settings)

Question 19

Setting the appropriate firewall settings (public vs private) affects what 2 things?

Answer 19

1. Windows Defender Firewall
2. The PC’s ability to share and discover resources

Question 20

What is a private network (the option)?

Answer 20

enables you to share resources, discover devices, and allow devices to discover your computer safely

Question 21

What is a public network?

Answer 21

prevents your computer from sharing and disables all discovery protocols

Question 22

Making a network private or public is an issue for both Wi-Fi and wired Ethernet connections. T or F?

Answer 22

False, wired connections are assumed to be private

Question 23

When does Windows prompt you to choose the network type?

Answer 23

when your computer connects to a Wi-Fi network for the first time

Question 24

You can change a network’s public/private designation any time as long as what?

Answer 24

you are connected to it

Question 25

where do you go to change the public/private designation?

Answer 25

settings > network & internet > Wi-Fi > Network’s SSID > Network Profile type, click public or private

(or just right-click the WiFi icon in the notification area)

Question 26

How do you access Windows Defender Firewall? (2 ways)

Answer 26

1. Start menu (type it(
2. Control Panel > System and Security > Windows Defender Firewall

Question 27

What are exceptions?

Answer 27

choosing which programs and services can pass through the firewall

Question 28

How are programs added to the firewall exceptions list?

Answer 28

most add themselves automatically when you install them

(otherwise, Windows prompts you the first time you run it)

Question 29

What is the Windows Defender Firewall with Advanced Security? Where do you find it?

Answer 29

You find it under the Advanced Settings option for Windows Defender Firewall

It’s a tool (MMC snap-in) that gives you more control over exceptions

Question 30

What are Internet appliances?

Answer 30

special-purpose devices that are incorporated into networks (typically provides levels of network security or performance boosting)

Question 31

What are spam gateways?

on A+ exam

Answer 31

anti-spam appliances, devices that use onboard software to filter out incoming spam e-mails and IMs (spim)

Question 32

Where are spam gateways typically used?

Answer 32

primarily in enterprise organizations, but many ISPs, schools, and small businesses have a version of this function

Question 33

What does UTM stand for?
on A+ exam

Answer 33

UTM = unified threat management

Question 34

What is UTM?

on A+ exam

Answer 34

Combines hardware and software to perform many security functions (firewall, remote access, VPN, web traffic filtering, anti-malware, etc)

Question 35

What does a UTM look like? Which 2 places is it placed?

Answer 35

a Unified Threat Management solution can be a special appliance that is placed between an internal network and an end/gateway device or even installed on a virtual machine running cloud services

Question 36

What are load balancers?

on A+ exam

Answer 36

spreads out the processing required to respond to incoming traffic requests across a group of servers so it’s as even as possible

(incoming requests are assigned to the next available, capable server)

Question 37

Where are load balancers found?

Answer 37

they sit on the network between client devices and the servers to be balanced

Question 38

What are proxy servers?

on A+ exam

Answer 38

an intermediary between its users and the resources they request

Question 39

How do proxy servers work?

Answer 39

applications send requests to the proxy server instead of trying to access the Internet directly and the proxy server fetches the resources for the user instead

Question 40

What Internet appliance allows you to monitor usage and restrict/modify access to content?

Answer 40

proxy servers

Question 41

Where are proxy servers found?

Answer 41

Enterprise proxy servers are usually implemented as software running on a multi-purpose server