Computer Networks and Firewall Systems

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the main goal of a firewall?

To allow unauthorized traffic to pass through
To slow down Internet traffic
To protect the network premises from Internet-based attacks (correct)
To monitor all incoming and outgoing traffic

What is the primary function of a stateful inspection firewall?

To act as an application proxy
To relay TCP segments
To block incoming traffic to high-numbered ports
To create a directory of outbound TCP connections (correct)

Which firewall technique determines the types of Internet services that can be accessed?

User control
Behavior control
Direction control
Service control (correct)

What is another name for a highly secured computer system that is exposed to the Internet and is used to protect the internal network?

Bastion Host (A) Signup and view all the answers

What is an application-level gateway also known as?

Application proxy (C) Signup and view all the answers

What type of firewall applies a set of rules to each incoming and outgoing IP packet?

Packet filtering firewall (D) Signup and view all the answers

What is a common implementation of firewall functionality?

As a software module in a router or LAN switch (B) Signup and view all the answers

Which type of firewall is used to control traffic at the session layer of the OSI model?

Circuit-level proxy firewall (C) Signup and view all the answers

What type of firewall acts as an intermediary between a client and a server?

Application proxy firewall (D) Signup and view all the answers

What is a bastion host typically used for?

As a platform for an application-level or circuit-level gateway (D) Signup and view all the answers

What is the primary purpose of a firewall?

To determine which connections should be allowed (C) Signup and view all the answers

What is the primary function of a circuit-level gateway?

To relay TCP segments without examining the contents (B) Signup and view all the answers

Which type of firewall monitors the status of network connections?

Stateful inspection firewall (C) Signup and view all the answers

What is the main purpose of using RBAC models?

To assign access rights to roles instead of individual users (C) Signup and view all the answers

What is the primary characteristic of a bastion host?

It is a critical strong point in the network's security (B) Signup and view all the answers

What is the purpose of an application-level gateway in terms of security?

To act as a relay of application-level traffic (A) Signup and view all the answers

What is the primary function of a host-based firewall?

To filter and restrict the flow of packets (A) Signup and view all the answers

What type of firewall is typically used to secure a server?

Host-based firewall (C) Signup and view all the answers

What is the purpose of a DMZ network?

To house systems that are externally accessible but need some protection (B) Signup and view all the answers

What is a characteristic of a virtual private network (VPN)?

It makes use of encryption and special protocols for security (D) Signup and view all the answers

What is the role of a firewall in a network?

To provide a protective barrier between an external source and an internal network (B) Signup and view all the answers

What is the primary function of a personal firewall?

To deny unauthorized remote access to a computer (D) Signup and view all the answers

What is a common location of a host-based firewall?

On a server (D) Signup and view all the answers

What is the purpose of a firewall in a DMZ network?

To house systems that are externally accessible but need some protection (C) Signup and view all the answers

Study Notes

Firewall Types

Stateful Inspection Firewall: Creates a directory of outbound TCP connections, allowing incoming traffic to high-numbered ports only for packets that fit the profile of one of the entries in the directory.
Application-Level Gateway (Proxy): Acts as a relay of application-level traffic, asking users for the name of the remote host to be accessed and relaying TCP segments.
Circuit-Level Gateway (Proxy): Does not permit an end-to-end TCP connection, setting up two connections: one between the gateway and a TCP user on an inner host, and one between the gateway and a TCP user on an outside host.

Firewall Basing and Locations

Firewall Basing: Can be implemented on a stand-alone machine running a common operating system, such as UNIX or Linux, or as a software module in a router or LAN switch.
Bastion Host: A system identified by the firewall administrator as a critical strong point in the network's security, typically serving as a platform for an application-level or circuit-level gateway.
Firewall Location: Positioned to provide a protective barrier between an external (potentially untrusted) source of traffic and an internal network.

Firewall Techniques and Configurations

Firewall Techniques: Service control, direction control, user control, and behavior control are used to restrict access to services.
Firewall Configurations: Can include a DMZ (demilitarized zone) network, which is an external network that separates the enterprise network from the Internet.
Virtual Private Networks (VPN): A set of computers that interconnect by unsecure network and make use of encryption and special protocols for security.

Other

RBAC (Role-Based Access Control) Models: Define a role as a job function within an organization, assigning access rights to roles instead of individual users.
Packet Filtering Firewall: Applies a set of rules to each incoming and outgoing IP packet and then forwards or discards it.