Module 9

Question 1

What are the different types of firewalls?

Answer 1

Packet filtering (stateless) firewall
Stateful inspection firewall
Application gateway firewall (proxy firewall)
Next-generation firewall

Question 2

What does a packet filtering firewall do?

Answer 2

Provides Layer 3 and sometimes Layer 4 filtering

Question 3

What does a stateful inspection firewall do?

Answer 3

Allows or blocks traffic based on state, port, and protocol

Question 4

What does an application gateway firewall do?

Answer 4

Filters information at Layers 3,4,5 and 7

Question 5

What does a next-generation firewall do?

Answer 5

Provides addition services beyond application gateways

Question 6

What addition services does a next-generation firewall provide?

Answer 6

Integrated intrusion prevention, application awareness and control to see and block risky apps, access to future information feeds, and techniques to address evolving security threats

Question 7

Networks that require public access to services will often include..

Answer 7

DMZ that the public can access, while strictly blocking access to the inside network

Question 8

What do ZPFs use?

Answer 8

The concept of zones to provide additional flexibility

Question 9

What is a zone?

Answer 9

A group of one or more interfaces that have similar functions, features, and security requirements

Question 10

What does a layered security approach use?

Answer 10

Firewalls and other security measures to provide security at different functional layers of the network

Question 11

What is one benefit of using a next-generation firewall rather than a stateful firewall?

Answer 11

Integrated use of an intrusion prevention system (IPS)

Question 12

Which three layers of the OSI model include information that is commonly inspected by a stateful firewall?

Answer 12

Layer 3, Layer 4, and Layer 5

Question 13

Which statement is a characteristic of a packet filtering firewall?

Answer 13

They are susceptible to IP spoofing

Question 14

Which type of firewall is supported by most routers and is the easiest to implement?

Answer 14

Packet filtering firewall

Question 15

Which type of traffic is usually blocked when implementing a demilitarized zone?

Answer 15

Traffic originating from the DMZ network and traveling to the private network

Question 16

What are two characteristics of an application gateway firewall?

Answer 16

Analyzes traffic at Layers 3,4,5, and 7 of the OSI model and performs most filtering and firewall control in software

Question 17

Which type of firewall generally has a low impact on network performance?

Answer 17

Stateless firewall

Question 18

Which type of firewall is commonly part of a router firewall and allows or blocks traffic based on Layer 3 or 4 information?

Answer 18

Packet filtering firewall

Question 19

How does a firewall handle traffic that is originating from the DMZ network and traveling to a private network?

Answer 19

Traffic is usually blocked when it is originating from the DMZ network and traveling to a private network

Question 20

Which two protocols are stateless and do not generate connection information needed to build a state table?

Answer 20

UDP and ICMP

Question 21

What are two benefits of implementing a firewall in a network?

Answer 21

A firewall will reduce security management complexity and will sanitize protocol flow

Question 22

When implementing a ZPF, which statement describes a zone?

Answer 22

A zone is a group of one or more interfaces that have similar functions or features

Question 23

What system is resistant to network attacks?

Answer 23

Firewalls

Question 24

The only transit point between internal and external networks

Answer 24

The firewall is the transit point

Question 25

Why are firewalls the only transit point between internal and external networks?

Answer 25

All traffic flows through the firewall

Question 26

What enforces the access control policy?

Answer 26

Firewall enforces it

Question 27

Firewalls prevents the exposure of… (benefit)

Answer 27

Sensitive hosts, resources, and applications to untrusted users

Question 28

Firewalls sanitize protocol flow, which prevents what? (benefit)

Answer 28

Exploitation of protocol flaws

Question 29

Firewalls block malicious data from? (benefit)

Answer 29

Servers and clients

Question 30

How do firewalls reduce security management complexity? (benefit)

Answer 30

They off-load most of the network access control to a few firewalls in the network

Question 31

What happens when a firewall is misconfigured? (vulnerability)

Answer 31

It can become a single point of failure

Question 32

Can the data from many applications be passed over firewalls securely? (vunerability)

Answer 32

No

Question 33

How might users searching for ways around the firewall effect the network? (vulnerability)

Answer 33

Exposes the network to potential attacks

Question 34

Can network performance slow down due to firewalls? (vulnerability)

Answer 34

Yes

Question 35

What might happen with unauthorized traffic and a firewall? (vulnerability)

Answer 35

Can be tunneled or hidden as legitimate traffic through the firewall

Question 36

What do packet filtering firewall do?

Answer 36

Use a simple policy table look-up that filter traffic based on specific criteria

Question 37

What do stateful firewalls do?

Answer 37

Provide stateful packet filtering by using connection information maintained in a state table, also analyzes traffic at Layer 4 and 5

Question 38

What do application gateway firewalls do?

Answer 38

It connects to a proxy server when a client needs access to a remote server

Question 39

Where is most of the firewall control and filtering done with an application gateway firewall?

Answer 39

In the software

Question 40

Which firewall goes beyond stateful firewalls?

Answer 40

Next-generation (NGFW)

Question 41

What do NGFW provide?

Answer 41

• Integrated intrusion prevention
• Application awareness and control to see and block risky apps
• Upgrade paths to include future information feeds
• Techniques to address evolving security threats

Question 42

Host-based (server and personal) firewall, Transparent firewall, and Hybrid firewall are methods of what?

Answer 42

Implementing firewalls

Question 43

Host-based (server and personal) firewall

Answer 43

A PC or server with firewall software running on it

Question 44

Transparent firewall

Answer 44

Filters traffic between a pair of bridged interfaces

Question 45

Hybrid firewall

Answer 45

A combination of the various firewall types
Ex. Application inspection firewall combines a stateful firewall with an application gateway firewall

Question 46

What has low impact on network performance? (benefit)

Answer 46

Packet filters

Question 47

Packet filters are? (benefit)

Answer 47

Easy to implement and are supported by most routers