Cyber Security Chapter-3: Network Defense Tools Firewalls Basics

Questions and Answers

What is the primary purpose of a firewall?

To slow down internet traffic

To allow unrestricted access to all network traffic

To secure the inside network from external threats (correct)

To increase network speed

How does a firewall control traffic flow?

By increasing the speed of data transmission

It has no control over traffic flow

Based on predefined rules set in the firewall (correct)

By randomly allowing or denying traffic

Which networks are typically separated by a firewall?

School networks from corporate networks

LAN from WAN

Two external networks

Internal network from the internet (correct)

Based on the text, what is one of the methodologies that firewalls use to filter traffic?

Filtering based on source and destination addresses (B)

Which statement describes the function of a firewall accurately?

Firewalls protect one side from the other side (B)

How does a firewall influence the flow of traffic between two networks?

By controlling traffic based on specified rules (C)

What is a limitation of circuit-level gateways mentioned in the text?

They do not check the packet content (D)

Which type of firewall combines packet inspection technology with TCP handshake verification for enhanced protection?

Stateful Inspection Firewalls (D)

What distinguishes Application Level Firewalls from other types of firewalls?

They operate at the application level (B)

Which feature is NOT commonly associated with Next-Generation Firewalls?

Packet filtering based on source IP (A)

Why do Stateful Inspection Firewalls put more strain on computing resources compared to circuit-level gateways?

Due to combining packet inspection and TCP handshake verification (C)

In what scenario would a packet with malware but correct TCP handshake pass through circuit-level gateways?

If the correct TCP handshake is present (D)

What is a big benefit of using cloud-based firewalls?

Scalability with organizational growth (C)

What is the role of a proxy in a network transaction?

Act as a middle-man (A)

Which statement is true about firewalls and proxies?

Firewalls involve proxies to manage network transactions. (A)

What distinguishes cloud firewalls from hardware firewalls?

Scalability (B)

Which network component does not know about the address space on the other side of the firewall?

Firewall (B)

What type of program is required for each protocol or network transaction in a firewall setup?

Specific proxy program (A)

What are the important components of a firewall rule?

Action, packet attributes, direction of the rule, and type of source (B)

Which type of firewall filtering does not remember information about passing packets?

Stateless packet filtering (A)

What is a potential drawback of stateless firewalls?

They are easily fooled by hackers (A)

In a firewall rule, what does 'deny proto icmp type 8:0 from any to 192.168.1.0/24' indicate?

Denying ICMP 'ping' traffic to subnet 192.168.1.0/24 (A)

What would be the correct rule to allow incoming web traffic to 192.168.1.50?

allow proto tcp from any to 192.168.1.50:80 (A)

Why are stateful firewalls considered smarter than stateless firewalls?

Stateful firewalls remember information about previous packets (C)

What is the primary function of proxy firewalls?

To filter incoming traffic between the network and the traffic source (D)

How do proxy firewalls differ from stateful inspection firewalls?

Proxy firewalls perform deep packet inspection, checking the actual contents (D)

What is the advantage of proxy firewalls in terms of network security?

They create an extra layer of separation, obscuring devices on the network (B)

What is a potential drawback of using proxy firewalls?

They may create significant network slowdown due to extra steps (B)

What is the primary purpose of circuit-level gateways?

To quickly approve or deny traffic without consuming significant resources (A)

What does the TCP handshake verification performed by circuit-level gateways aim to achieve?

To ensure that the session the packet is from is legitimate (B)