10

Technology and Livelihood

Education
Activity Sheet
Quarter 2 – LO 3: Set Router /
WiFi / Wireless Access Point /
Repeater Configuration

Firewall Configuration

i|Page
 Quarter 2, Week 5

REGION VI – WESTERN VISAYAS

TLE Grade 10/12
Activity Sheet No. 5
First Edition, 2020

Published in the Philippines

By the Department of Education
Region 6 – Western Visayas

Republic Act 8293, section 176 states that: No copyright shall subsist in any
work of the Government of the Philippines. However, prior approval of the government
agency or office wherein the work is created shall be necessary for exploitation of such
work for profit. Such agency or office may, among other things, impose as a condition
the payment of royalties.

This Learning Activity Sheet is developed by DepEd Region 6 – Western

Visayas.

ALL RIGHTS RESERVED. No part of this learning resource may be

reproduced or transmitted in any form or by any means electronic or mechanical
without written permission from the DepEd Regional Office 6 – Western Visayas.

Development Team of TLE/TVE Activity Sheet

Writer : Allan B. Montenegro

Content/Language Validator : Edward E. Baña

Layout Artist:

Schools Division Quality Assurance Team:

Schubert Anthony C. Sialongo
Edward E. Baña
Allan B. Montenegro
Michelle P. Jordan
Division of Antique Management Team:
Felisa B. Beriong, CESO VI
Corazon C. Tingson
Gaudencio C. Riego, PhD
Schubert Anthony C. Sialongo
Edward E. Baña
Regional Management Team
Ma. Gemma M. Ledesma,
Dr. Josilyn S. Solana,
Dr. Elena P. Gonzaga,
Mr. Donald T. Genine,
(Learning Area EPS)
ii | P a g e
Introductory Message
Welcome to Computer System Servicing NC II Grade 10/12

The Learning Activity Sheet is a product of the collaborative efforts of the

Schools Division of Antique and DepEd Regional Office VI - Western Visayas through
the Curriculum and Learning Management Division (CLMD). This is developed to
guide the learning facilitators (teachers, parents and responsible adults) in helping the
learners meet the standards set by the K to 12 Basic Education Curriculum.

The Learning Activity Sheet is self-directed instructional materials aimed to

guide the learners in accomplishing activities at their own pace and time using the
contextualized resources in the community. This will also assist the learners in
acquiring the lifelong learning skills, knowledge and attitudes for productivity and
employment.

For learning facilitator:

The Computer System Servicing NC II Activity Sheet will help you facilitate
the leaching-learning activities specified in each Most Essential Learning Competency
(MELC) with minimal or no face-to-face encounter between you and learner. This will
be made available to the learners with the references/links to ease the independent
learning.

For the learner:

The Computer System Servicing NC II Activity Sheet is developed to help

you continue learning even if you are not in school. This learning material provides
you with meaningful and engaging activities for independent learning. Being an active
learner, carefully read and understand the instructions then perform the activities and
answer the assessments. This will be returned to your facilitator on the agreed
schedule.

iii | P a g e
 Learning Activity Sheets (LAS)
(For Technology and Livelihood Education)

Name of Learner: _____________________ Grade and Section: ________________

Date: ________________

COMPUTER SYSTEM SERVICING NC II ACTIVITY SHEET

FIREWALL CONFIGURATION
I. Learning Competency with Code
TLE_IACSS9-12SUCN-If-j-IIa-e-35
✓ 3.5 Configure security/firewall/advanced settings in accordance with manufacturer’s instruction and
end-user preferences

II. Background Information for Learners

Connecting personal computers to other IT systems
or the internet opens up a range of positive
possibilities — easy collaboration with others,
combining of resources, enhanced creativity — but it
also exposes users to dangers.
Hacking, identity theft, malware, and online
fraud are common threats users could face when
they expose themselves by linking their computers
to a network or the internet. https://www.kaspersky.com/content/en-
global/images/repository/isc/2017-images/KSY-53-
What if there was a way users could protect What_is_a_firewall__.jpg
themselves from the worst dangers by erecting an
invisible wall to filter out those threats? It would be
essential to have it — fortunately, it already exists. That invisible wall is what is known as a
firewall.
Erected between a computer and its connection to an external network or the web, a firewall
decides which network traffic is allowed to pass through and which traffic is deemed
dangerous. It essentially works to filter out the good from the bad, the trusted from the
untrusted.

FIREWALL
A firewall is a security device — computer
hardware or software — that can help protect
your network by filtering traffic and blocking
outsiders from gaining unauthorized access to
the private data on your computer.
Not only does a firewall block unwanted traffic,
it can also help block malicious software from
https://www.hotspotshield.com/imgs/learn/what-is-a-computer-
infecting your computer. firewall/pic.jpg
Firewalls can provide different levels of
protection. They key is determining how much protection you need.

1|Page
 FIREWALLS ARE PART OF YOUR NETWORK SECURITY
Firewalls represent a first line of defence in home network security.
Your home network is only as secure as its least protected device. That’s where a network
security system comes in.
A firewall shouldn’t be your only consideration for securing your home network. It’s important
to make sure all of your internet-enabled devices — including mobile devices — have the
latest operating system, web browsers, and security software.
Another consideration? Securing your wireless router. This might include changing the name
of your router from the default ID and password it came with from the manufacturer, reviewing
your security options, and setting up a guest network for visitors to your home.

WHAT DOES A FIREWALL DO?

A firewall acts as a gatekeeper. It monitors attempts to gain access to your operating system
and blocks unwanted traffic or unrecognized sources.
A firewall acts as a barrier or filter between your computer and another network such as the
internet. You could think of a firewall as a traffic controller. It helps to protect your network and
information by managing your network traffic, blocking unsolicited incoming network traffic, and
validating access by assessing network traffic for anything malicious like hackers and
malware.
Your operating system and your security software usually come with a pre-installed firewall. It’s
a good idea to make sure those features are turned on. Also, make sure your security settings
are configured to run updates automatically.

HOW DOES A FIREWALL WORK?

To start, a firewalled system analyzes network traffic based on rules. A firewall only welcomes
those incoming connections that it has been configured to accept. It does this by allowing or
blocking specific data packets — units of communication you send over digital networks —
based on pre-established security rules.
A firewall works like a traffic guard at your computer’s entry point, or port. Only trusted
sources, or IP addresses, are allowed in. IP addresses are important because they identify a
computer or source, just like your postal address identifies where you live.

TYPES OF FIREWALLS
There are software and hardware firewalls. Each format serves a different but important
purpose. A hardware firewall is physical, like a broadband router — stored between your
network and gateway. A software firewall is internal — a program on your computer that works
through port numbers and applications.
There also are cloud-based firewalls, known as Firewall as a Service (FaaS). One benefit of
cloud-based firewalls is that they can grow with your organization and, similar to hardware
firewalls, do well with perimeter security.
There are several different types of firewalls based on their structure and functionality. Here
are the different firewalls you can implement, depending on the size of your network and the
level of security you need.

2|Page
 Packet-filtering firewalls
A packet-filtering firewall is a management program that can block network traffic IP
protocol, an IP address, and a port number. This type of firewall is the most basic form of
protection and is meant for smaller networks.
While packet-filtering firewalls can be helpful, they also have limitations. Because all web
traffic is allowed, it doesn’t block web-based attacks. So, you need additional protection to
distinguish between friendly and malicious web traffic.

Stateful multi-layer inspection (SMLI) firewalls

The stateful multi-layer inspection firewall has standard firewall capabilities and keeps track
of established connections. It filters traffic based on state, port, and protocol, along with
administrator-defined rules and context. This involves using data from prior connections
and packets from the same connection.
Most firewalls rely on stateful packet inspection to keep track of all internal traffic. This
firewall is a step above packet-filtering in its use of multi-layer monitoring.
However, it is still unable to distinguish between good and bad web traffic, so you may
need additional software.

Next-generation firewalls (NGFW)

Next-generation firewalls are more sophisticated than packet-filtering and stateful
inspection firewalls. Why? They have more levels of security, going beyond standard
packet-filtering to inspect a packet in its entirety. That means not just the packet header,
but also a packet’s contents and source. NGFW are able to block more sophisticated and
evolving security threats like advanced malware.

Network address translation (NAT) firewalls

A NAT firewall is able to assess internet traffic and block unsolicited communications. In
other words, it only accepts inbound web traffic if a device on your private network solicited
it.

Host-based firewalls versus network-based firewalls

There are differences between host-based and network-based firewalls, along with benefits
of having both in place.
Network firewalls filter traffic going to and from the internet to secured local area networks
(LAN). They typically are used by businesses that need to protect a large network of
computers, servers, and employees. A network-based firewall is able to monitor
communications between a company’s computers and outside sources, as well as restrict
certain websites, IP addresses, or other services.
Host-based firewalls work similarly but are stored locally on a single computer or device. A
host-based firewall is a software application or a suite of applications that allows for more
customization. They are installed on each server, control incoming and outgoing traffic,
decide whether to allow traffic to individual devices, and protect the host.

What are some of the main risks of not having a firewall?

You might already engage in certain safe computer and internet use practices, including these:
✓ You don’t click on unknown links or attachments.
3|Page
 ✓ You only log on to trustworthy, known websites.
✓ You never give out any personal information unless it is absolutely necessary.
✓ You have strong, unique, complex passwords for each online account that you update
often.
Does that make you safe enough? The answer may be “no.” If you use the internet, it’s smart
to have a firewall in place. Cyber threats are widespread and evolving. It’s important to use
available defences to help protect your network, and the personal information stored on your
computer, against cybercrimes.

Here are the three main risks of not having a firewall:

Open access
Without a firewall, you’re accepting every connection into your network from anyone. You
wouldn’t have any way to detect incoming threats that could leave your devices vulnerable
to malicious users.

Lost or compromised data

Not having a firewall could leave your devices exposed, which could allow someone to gain
control over your computer or network. Cybercriminals could delete your data. Or they could
use it to commit identity theft or financial fraud.

Network crashes
Without a firewall, attackers could shut down your network. Getting it running again, and
attempting to recover your stored data, could involve your time and money.
Firewalls are a key part of security technology, especially when the different types of
firewalls work together to provide an umbrella of protection. Firewalls can help keep your
network, computer, and data safe and secure.

DESCRIBE AND COMPARE FIREWALL TYPES Hardware Firewall vs. Software

Firewall
Hardware and software firewalls protect data and
equipment on a network from unauthorized access.
A firewall should be used in addition to security
software.
Hardware and software firewalls have several
modes for filtering network data traffic:
• Packet filter – This is a set of rules that
allows or denies traffic based on criteria
such as IP addresses, protocols, or ports
used.
• Proxy firewall – This is a firewall installed
on a proxy server that inspects all traffic
and allows or denies packets based on
configured rules. A proxy server is a server
that is a relay between a client and a
destination server on the Internet.
• Stateful packet inspection – This is a
CISCO IT Essentials Offline Materials
firewall that keeps track of the state of

4|Page
 network connections traveling through the firewall. Packets that are not part of a
known connection are dropped.

Hardware Firewall
A hardware firewall is a physical filtering component that inspects data packets from the
network before they reach computers and other devices on a network. A hardware firewall is
a free-standing unit that does not use the resources of the computers it is protecting, so
there is no impact on processing performance.

Software Firewall
A software firewall is an application on a computer that inspects and filters data packets.
Windows Firewall is an example of a software firewall that is included in the Windows
operating system. A software firewall uses the resources of the computer, resulting in reduced
performance for the user.

CONFIGURING FIREWALL TYPES

A firewall selectively denies traffic to a computer or network segment. Firewalls generally
work by opening and closing the ports used by various applications. By opening only the
required ports on a firewall, you are implementing a restrictive security policy. Any packet
not explicitly permitted is denied. In contrast, a permissive security policy permits access
through all ports, except those explicitly denied. In the past, software and hardware were
shipped with permissive settings. As users neglected to configure their equipment, the
default permissive settings left many devices exposed to attackers. Most devices now ship
with settings as restrictive as possible, while still allowing easy setup.

Software Firewalls
Software firewalls can be either an independent application or part of the operating system.
There are several third-party software firewalls. There is also a software firewall built into
Windows 10.

5|Page
Windows Defender Firewall

To turn Microsoft Defender Firewall on or off

Standard Procedure:
1. Select the Start button > Settings > Update & Security > Windows Security and
then Firewall & network protection. Open Windows Security settings
2. Select a network profile.
3. Under Microsoft Defender Firewall, switch the setting to On. If your device is connected to
a network, network policy settings might prevent you from completing these steps. For
more info, contact your administrator.
4. To turn it off, switch the setting to Off. Turning off Windows Defender Firewall could make
your device (and network, if you have one) more vulnerable to unauthorized access. If
there's an app you need to use that's being blocked, you can allow it through the firewall,
instead of turning the firewall off.

Short Cut:

Windows key + R,
type WF.msc, and
then press ENTER.

Windows Defender Firewall

Windows Defender Firewall has three network profiles types:

1. Domain profile: Used for networks where there is a system of account authentication
against a domain controller (DC), such as an Azure Active Directory DC
2. Private profile: Designed for and best used in private networks such as a home
network
3. Public profile: Designed with higher security in mind for public networks like Wi-Fi
hotspots, coffee shops, airports, hotels, or stores

6|Page
To allow/block inbound or outbound
connections for a specific profile, click
Advanced Setting, right-click on the root
of Windows Defender Firewall with
Advanced Security > Properties.

Maintain the default settings in Windows

Defender Firewall whenever possible.
These settings have been designed to
secure your device for use in most
network scenarios. One key example is
the default Block behavior for inbound
connections.

Please note that by default Windows

Defender Firewall in Windows 10 blocks
all incoming connections and allows all
outgoing ones.

Inbound refers to connections coming-

in to a specific device (host/server) from
a remote location. e.g. A Web Browser
connecting to your Web Server is an
inbound connection (to your Web
Server). Outbound refers to
connections going-out to a specific device from a device/host.

If you want to block Internet access from your computer

Select Outbound Connection -> Block on all three tabs. In this case, outgoing connections will
be denied for all programs except those allowed (Windows 10 has several pre-configured rules for
system processes: access to Windows Update, Windows Store, updating the Windows Defender
antivirus signatures, etc.).

➢ Let’s try to add the Mozilla

Firefox browser to the list of
allowed programs.
1. Click on the Allow an app or
feature through Windows
Defender Firewall button in the
left pane.
2. A list of allowed Windows
applications and services
appears in the list.
3. To add a new rule, click Allow
another app.

7|Page
Use the Browse button
to specify the path to the
executable file that you
want to allow access to
the Internet. We selected
our browser’s executable
file C:\Program
Files\Mozilla
Firefox\firefox.exe

Click OK and
select for
which network
profiles this
rule should be
active.

➢ You can configure Windows Defender Firewall rules more finely from the wf.msc
console. Here you can create separate allowing or blocking rules for a specific
program, protocol (TCP/UDP/ ICMP/IPsec), IP address or port number.

To create a new outbound rule,

right click on Outbound Rules -
> New Rule.

8|Page
Next, follow a simple wizard to help
you to create your own rule in
Windows Defender Firewall.

In this example, we’ve enabled

outbound connections for the
putty.exe client.

Select Allow the connection and

provide a name for the rule.

9|Page
The new rule will
appear in
the Outbound
rules list. You can
disable it via
the Disable
rule option in
context menu. This
does not delete the
rule, but it
becomes inactive.

Best practices for configuring Windows Defender Firewall

✓ Keep default settings.
✓ Understand rule precedence for inbound rules.
✓ Create rules for new applications before first launch.
✓ Establish local policy merge and application rules.
✓ Know how to use "shields up" mode for active attacks.
✓ Create outbound rules.
✓ Document your changes.

For more readings about Windows Defender Firewall you may open this link.
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-
practices-configuring

III. Accompanying DepEd Textbook and Educational Sites (With Possible Materials for
experiments/activities)
✓ https://www.kaspersky.com/resource-center/definitions/firewall, Retrieved on November 4,
2020, 8:05 AM
✓ https://us.norton.com/internetsecurity-emerging-threats-what-is-firewall.html, Retrieved on
November 4, 2020, 8:15 AM
✓ https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/best-
practices-configuring, Retrieved on November 4, 2020, 8:26 AM
✓ CISCO IT Essentials Offline Materials, Retrieved on November 4, 2020, 9:15 AM
✓

10 | P a g e
 IV. Activity Proper

1. Activity: Blocking a Program/Application in Windows 10 Firewall

Instruction: Open your Computer or go an internet café nearby and open the link provided below.
Decide for a program/application to be blocked and follow the infographic procedure in
that page after opening the link.
http://bit.do/blocking-a-program

2. Exercises / Activities
2.1 Multiple Choice. Encircle the correct answer from the given choices below.
1. These are the common threats when linking your computer to a network or the internet,
except.
a. Hacking c. identity theft
b. cloud storage d. online fraud

2. The most basic form of protection and is meant for smaller networks.
a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls

3. More sophisticated than packet-filtering and stateful inspection firewalls.

a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls

4. This involves using data from prior connections and packets from the same connection.
a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls

5. The risk that attackers could shut down your network if without a firewall.
a. Open access c. Network crashes
b. Lost or compromised data d. None

6. The risk that you’re accepting every connection into your network from anyone if without
a firewall.
a. Open access c. Network crashes
b. Lost or compromised data d. None

7. This is a firewall that keeps track of the state of network connections traveling through
the firewall.
a. Stateful packet inspection c. Packet Filter
b. Proxy Firewall d. None

11 | P a g e
 8. This is a set of rules that allows or denies traffic based on criteria such as IP addresses,
protocols, or ports used.
a. Stateful packet inspection c. Packet Filter
b. Proxy Firewall d. None

9. Multiple Computers can be protected in this type of firewall.

a. Proxy Firewall c. Software Firewall
b. Hardware Firewall d. Windows Defender Firewall

10. Refers to connections coming-in to a specific device (host/server) from a remote

location.
a. Open Access c. Outbound Connections
b. Packet Filter d. Inbound Connections

3. Reflection
Facebook is one of the most popular social media platforms in the world. Although it has
various benefits and is one of the most powerful creations, it also contains many
disadvantages. Some of them are addiction, time-waster, and causes distractions. Person
can lead to spending his precious time on Facebook, rather than doing something
productive. For children to become productive, parents must do something to limit the
usage of these platform at home.

How to limit the usage of social media platform like Facebook? Discuss.

12 | P a g e
 3.1 Scoring Rubric

Needs Approaching Good Excellent

Improvement standards
3Pt 5Pts 7Pts 10Pts
You put
thought into
this, but there
is no real
There is no What you are writing about is What you are writing
evidence of
clear or clear. You answered the about is clear and well-
Ideas and learning.
specific question. Some support may expressed, including
Content More specific
explanation in be lacking, or your sentences specific examples to
information is
answer to the may be a bit awkward. demonstrate what you
needed or
question. Overall, a decent job. learned. Well done!
you need to
follow the
directions
more closely.
Only one term
Your answer included all
from the
the terms from the lesson
lesson is Your answer included several
Use of No terms from that applied to the
used in the terms from the lesson,
terms the lesson are question asked. All terms
answer. Try demonstrating adequate
used. are fully defined and
for a few understanding of the material.
used in the proper
more, next
context.
time.
Some
sentences are
Sentences are Sentences are complete
complete and
Sentence incomplete or and they connect to one
easy to Sentences are complete and
Fluency too long. It another easily when they
understand. able to be understood.
makes reading are read out loud. Your
Others
them difficult. writing 'flows.'
require some
work.
Few end Mistakes Use of punctuation marks and No punctuation or
marks or using end capitals, as well as spelling, is structural mistakes. No
capital letters. marks or mostly correct. Few errors spelling errors. Your
Answers capitals as exist in your answer. writing shows full
Conventions contain well as awareness of the rules of
numerous spelling English use.
spelling or mistakes
structural make the
errors. writing hard to
read.

13 | P a g e
 14 | P a g e
Multiple Choice
1. B
2. B
3. C
4. A
5. C
6. A
7. A
8. C
9. B
10. D
4. Answer Key