Firewalls are essential to maintaining security: they support valid communications and block malicious traffic. However, firewalls are often more than just simple filtering tools. The standard and enhanced features of firewall products require knowledge and skill if they are to be securely deployed.
This chapter discussed building firewall rules, ordering rule sets, understanding what to block, dealing with the limitations of firewalls, maintaining high-speed network performance with a firewall, managing encryption across a firewall, evaluating firewall enhancements, and handling firewall management interfaces.
Which of the following firewall rule guidelines is most important?
Include every possible address and port in a rule within the set to ensure that an explicit callout exists for every type of communication.
Place explicit Deny rules for individual systems before explicit Allow rules for ranges that include those individual systems.
Place universal Allow rules for individual systems before universal Deny rules for systems in that range.
Include all specific denials for known malicious remote control tools after explicit Allow rules.
What form of encryption allows a firewall to filter based on the original source and destination address? (Assume that the firewall is located along the path between session endpoints.)
Tunnel mode
Transport mode
Traffic mode
Transaction mode
Which of the following is a default-deny rule?
TCP ANY 192.168.42.0/24 ANY ANY Deny
TCP ANY ANY 192.168.42.0/24 ANY Deny
TCP ANY ANY ANY ANY Deny
DENY TCP ANY ANY ANY ANY
Which of the following is a potential weakness of a firewall that cannot be fixed with the application of a patch?
Fragmentation
Programming bug
Buffer overflow vulnerability
DoS from external sources
Which type of communication session can be improved using caching on a firewall?
Email
Instant messaging
Remote access
Web
What is always the most important element within a firewall rule set?
Using specific addresses instead of ANY
Listing Deny exceptions after Allow exceptions
Listing inbound exceptions before outbound exceptions
Listing the final rule of default deny
Which of the following is the primary factor when composing firewall rules?
Bandwidth
Business tasks
Traffic levels
User preferences
Which of the following is not satisfied by a firewall policy?
Assisting in troubleshooting
Detecting changes in deployed settings
Ensuring consistent filtering across the infrastructure
Network load balancing
Which of the following is a firewall rule that prevents internal users from accessing public FTP sites?
TCP 192.168.42.0/24 ANY ANY 21 Deny
TCP ANY ANY ANY FTP Deny
TCP 21 192.168.42.0/24 ANY ANY Deny
TCP ANY ANY 192.168.42.0/24 21 Deny
When constructing a rule set, where should you place the default-deny rule?