CHAPTER SUMMARY

Firewalls are essential to maintaining security, such as supporting valid communications and blocking malicious traffic. However, firewalls are often more than just simple filtering tools. The standard and enhanced features of firewall products require knowledge and skill if these are to be securely deployed.

This chapter discussed building firewall rules, ordering rule sets, understanding what to block, dealing with the limitations of firewalls, maintaining high-speed network performance with a firewall, managing encryption across a firewall, evaluating firewall enhancements, and handling firewall management interfaces.

KEY CONCEPTS AND TERMS

Access control list (ACL)

Default allow

Default deny

Fair queuing

Filters

Firewalking

High availability

Internet Control Message Protocol (ICMP)

Load balancing

Loophole

Management interfaces

Round-robin

Unified threat management (UTM)

Wire speed

CHAPTER 8 ASSESSMENT

  1. Which of the following firewall rule guidelines is most important?
    1. Include every possible address and port in a rule within the set to ensure that an explicit callout exists for every type of communication.
    2. Place explicit Deny rules for individual systems before explicit Allow rules for ranges that include those individual systems.
    3. Place universal Allow rules for individual systems before universal Deny rules for systems in that range.
    4. Include all specific denials for known malicious remote control tools after explicit Allow rules.
  2. What form of encryption allows a firewall to filter based on the original source and destination address? (Assume that the firewall is located along the path between session endpoints.)
    1. Tunnel mode
    2. Transport mode
    3. Traffic mode
    4. Transaction mode
  3. Which of the following is a default-deny rule?
    1. TCP ANY 192.168.42.0/24 ANY ANY Deny
    2. TCP ANY ANY 192.168.42.0/24 ANY Deny
    3. TCP ANY ANY ANY ANY Deny
    4. DENY TCP ANY ANY ANY ANY
  4. Which of the following is a potential weakness of a firewall that cannot be fixed with the application of a patch?
    1. Fragmentation
    2. Programming bug
    3. Buffer overflow vulnerability
    4. DoS from external sources
  5. Which type of communication session can be improved using caching on a firewall?
    1. Email
    2. Instant messaging
    3. Remote access
    4. Web
  6. What is always the most important element within a firewall rule set?
    1. Using specific addresses instead of ANY
    2. Listing Deny exceptions after Allow exceptions
    3. Listing inbound exceptions before outbound exceptions
    4. Listing the final rule of default deny
  7. Which of the following is the primary factor when composing firewall rules?
    1. Bandwidth
    2. Business tasks
    3. Traffic levels
    4. User preferences
  8. Which of the following is not satisfied with a firewall policy?
    1. Assisting in troubleshooting
    2. Detecting changes in deployed settings
    3. Ensuring consistent filtering across the infrastructure
    4. Network load balancing
  9. Which of the following is a firewall rule that prevents internal users from accessing public FTP sites?
    1. TCP 192.168.42.0/24 ANY ANY 21 Deny
    2. TCP ANY ANY ANY FTP Deny
    3. TCP 21 192.168.42.0/24 ANY ANY Deny
    4. TCP ANY ANY 192.168.42.0/24 21 Deny
  10. When constructing a rule set, where should you place the default-deny rule?
    1. First, before any other rule
    2. After any explicit Allow rules
    3. After any explicit Deny rules
    4. Last, after all other rules
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.118.198.61