Chapter 6 Review Questions & Exercises
- The untrusted network refers to the internet.
- The trusted network refers to the privately owned network.
- The firewall filters traffic from the untrusted network to the trusted network to ensure it is legitimate and not harmful.
2. What is the relationship between a TCP and UDP packet? Will any
specific transaction usually involve both types of packets?
- The application layer firewall takes into consideration the nature of the applications being run (the type and timing of the network connection requests, and the type and nature of the traffic generated), whereas the packet filtering firewall simply looks at the packets as they are transferred.
- The application firewall is also known as a proxy server, since it runs special software that acts as a proxy for a request.
- Static filtering is where the filtering rules that tell the firewall which packets are allowed and which are denied are developed and installed in advance.
- Dynamic filtering is where the firewall reacts to an emergent event and updates or creates rules to deal with the event.
- Note: while static filtering firewalls allow entire sets of one type of packet to enter in response to authorized requests, the dynamic packet filtering firewall allows only a particular packet with a particular source, destination, and port address to enter through the firewall.
- Stateful inspection keeps track of each network connection between internal and external systems using a state table. Stateful inspection firewalls use packet filtering to allow or deny packets, and fall back to their ACL if a packet doesn't match an entry in the state table. The state information is maintained in a state table that contains the familiar source and destination IP addresses and ports.
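As an added example (not part of the original answer sheet), the following Python model shows the stateful inspection behaviour described above: a state table of tracked connections keyed by source and destination IP and port, a static ACL as the fallback when no entry matches, and dynamic entries created when the trusted side opens a permitted connection. The addresses, the trusted prefix and the rules are constructed for the demonstration.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Key = Tuple[str, int, str, int]  # (src IP, src port, dst IP, dst port)

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False  # True when the packet opens a new TCP connection

@dataclass(frozen=True)
class Rule:
    action: str  # "allow" or "deny"
    src: str  # source address prefix, or "any"
    dst_port: Optional[int] = None  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (self.src == "any" or p.src_ip.startswith(self.src)) \
            and self.dst_port in (None, p.dst_port)

class StatefulFirewall:
    def __init__(self, acl: List[Rule], trusted_prefix: str):
        self.acl = acl  # static rules: first match wins, default deny
        self.trusted_prefix = trusted_prefix  # assumed trusted-side address range
        self.state_table: Dict[Key, str] = {}  # tracked connections

    def acl_decision(self, p: Packet) -> str:
        return next((r.action for r in self.acl if r.matches(p)), "deny")

    def filter(self, p: Packet) -> str:
        key: Key = (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        reply: Key = (p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        if key in self.state_table or reply in self.state_table:
            return "allow (state table)"  # either direction of a tracked flow
        decision = self.acl_decision(p)  # no state entry: fall back to the ACL
        # Record a permitted trusted-side connection so its replies pass later (dynamic filtering)
        if decision == "allow" and p.syn and p.src_ip.startswith(self.trusted_prefix):
            self.state_table[key] = "ESTABLISHED"
        return f"{decision} (acl)"

def run_demo() -> List[str]:
    # Constructed ACL: inside hosts may open HTTPS outward; everything else is denied.
    fw = StatefulFirewall([Rule("allow", "10.0.0.", 443), Rule("deny", "any")], "10.0.0.")
    packets = [Packet("10.0.0.5", 40000, "203.0.113.10", 443, syn=True),  # outbound
               Packet("203.0.113.10", 443, "10.0.0.5", 40000),  # reply to it
               Packet("203.0.113.10", 443, "10.0.0.5", 40001),  # unsolicited
               Packet("198.51.100.7", 1234, "10.0.0.5", 22, syn=True)]  # inbound SSH
    return [fw.filter(p) for p in packets]
```

The reply to the outbound request is accepted from the state table, while the unsolicited packet from the same external host and the inbound SSH attempt both fall through to the ACL and are denied.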
6. What is a circuit gateway, and how does it differ from the other forms of
firewalls?
7. What special function does a cache server perform? Why is this useful
for larger organizations?
- A cache server is a server that makes frequently used pages available. For example, big corporations use cache servers to make sure the pages that market their products are pre-rendered and ready to send instead of requiring a full request to the web page host. It also adds a layer of protection against attacks, as only portions of a website can be attacked at a time.
8. Describe how the various types of firewalls interact with the network
traffic at various levels of the OSI model.
- Packet filtering firewalls scan network data packets and either accept or deny them depending on the rules in the firewall's database. Filtering firewalls inspect packets at the network layer (layer 3 of the OSI model). MAC layer firewalls are designed to operate at the media access control layer (layer 2). Application level firewalls operate above layer 3, using knowledge of protocols and applications.
- A hybrid firewall combines features and functions from other types of firewalls.
Hybrid firewalls use a combination of the other three methods, and in practice,
most firewalls fall into this category, since most use multiple approaches within
the same device.
10. List the five generations of firewall technology. Which generations are
still in common use?
- When the protective control fails, the appliance will most often fail in a safe
mode, while the software is likely to stop working, leaving the protected system
vulnerable.
14. How do screened host architectures for firewalls differ from screened subnet firewall architectures? Which of these offers more security for the information assets that remain on the trusted network?
- Screened host firewalls combine a packet filtering router with a separate, dedicated firewall, such as an application proxy server. This approach allows the router to prescreen packets to minimize the network traffic and load on the internal proxy. The screened subnet firewall architecture provides a DMZ. The DMZ can be a dedicated port on the firewall device linking a single bastion host, or it can be connected to a screened subnet. Screened subnet firewalls offer more security than screened host firewalls.
17. What are the three questions that must be addressed when selecting a
firewall for a specific organization?
- Question 1 - Do you want to have redundancy and scalability? - This depends on the kind of organization you are: a small startup or a medium to large enterprise. The first can do without redundancy and scalability.
- Question 2 - Do you need a hardware-based firewall, or are you working in the cloud? - This one is quite essential, because cloud providers let you use excellent ingress controllers. They are highly scalable, secure firewalls, and usually there is no need for an additional software-based firewall. In the other case, you have to take care of your own security and support.
- Question 3 - Do you plan to have intrusion detection and prevention? - This one is essential if you plan to implement any defensive reaction force in your organization. In a small organization, system administrators usually take on this duty, and you may not need such a feature. In bigger ones, such a feature is a must.
- RADIUS stands for Remote Authentication Dial-In User Service. In this method, users dial up through a modem that connects to a centralized user authentication service. This service then returns a reply of "accept" or "decline," and the access point either allows or rejects the connection. Its advantage over TACACS (Terminal Access Controller Access Control System) is that it provides a single centralized server to authenticate user access and reports directly back to the remote access server (RAS).
19. What is a content filter? Where is it placed in the network to gain the best
result for the organization?
- The term VPN refers to “Virtual Private Network,” so users can protect their networks while connected to the public network. You can mask your online identity through a VPN by encrypting your internet traffic. Because of this, it is harder for third parties to log on and steal data about you. It is useful due to its data privacy and protection, which are of paramount importance to corporations when utilizing virtual private networks. As users interact via the Internet instead of face-to-face, virtual private networks have gained popularity as a means to enhance privacy, as users’ IP addresses are swapped with those of the VPN.
- I think the best software firewall programs depend on the type of computer you
have and also how much you use the Internet. The link above lists the top 10
software firewalls. I would pick Avira because it is free and is top-rated and still
receives high scores for protection.
The first person to address the group was the network design consultant, Susan Hammer. She reviewed the critical points from her earlier design report, going over the options it had presented and outlining the tradeoffs in those design choices.
When she finished, she sat down and Kelvin addressed the group again: “We need to break the logjam on this design issue. We have all the right people in this room to make the right choice for the company. Now here are the questions I want us to consider over the next three hours.” Kelvin pressed the key on his PC to show a slide with a list of discussion questions on the projector screen.
Questions:
1. What questions do you think Kelvin should have included on his slide to
start the discussion?
- What kind of security protection do we want?
- Do we want it to be the best and most protection possible?
- Is it in the budget for our company to do this?
- Are we able to produce a security frame like this?
- More importance would have to lean toward the higher-security maintenance side of things. This is because they have already been hacked before, and they will be much more protected in case an emergency like this happens to them again.