Cyber Security Chapter-3: Network Defense Tools Firewalls Basics

Questions and Answers

PDF Questions PDF Answers

What is the primary purpose of a firewall?

To slow down internet traffic

To allow unrestricted access to all network traffic

To secure the inside network from external threats (correct)

To increase network speed

How does a firewall control traffic flow?

By increasing the speed of data transmission

It has no control over traffic flow

Based on predefined rules set in the firewall (correct)

By randomly allowing or denying traffic

Which networks are typically separated by a firewall?

School networks from corporate networks

LAN from WAN

Two external networks

Internal network from the internet (correct)

Based on the text, what is one of the methodologies that firewalls use to filter traffic?

Filtering based on source and destination addresses

Which statement describes the function of a firewall accurately?

Firewalls protect one side from the other side

How does a firewall influence the flow of traffic between two networks?

By controlling traffic based on specified rules

What is a limitation of circuit-level gateways mentioned in the text?

They do not check the packet content

Which type of firewall combines packet inspection technology with TCP handshake verification for enhanced protection?

Stateful Inspection Firewalls

What distinguishes Application Level Firewalls from other types of firewalls?

They operate at the application level

Which feature is NOT commonly associated with Next-Generation Firewalls?

Packet filtering based on source IP

Why do Stateful Inspection Firewalls put more strain on computing resources compared to circuit-level gateways?

Due to combining packet inspection and TCP handshake verification

In what scenario would a packet with malware but correct TCP handshake pass through circuit-level gateways?

If the correct TCP handshake is present

What is a big benefit of using cloud-based firewalls?

Scalability with organizational growth

What is the role of a proxy in a network transaction?

Act as a middle-man

Which statement is true about firewalls and proxies?

Firewalls involve proxies to manage network transactions.

What distinguishes cloud firewalls from hardware firewalls?

Scalability

Which network component does not know about the address space on the other side of the firewall?

Firewall

What type of program is required for each protocol or network transaction in a firewall setup?

Specific proxy program

What are the important components of a firewall rule?

Action, packet attributes, direction of the rule, and type of source

Which type of firewall filtering does not remember information about passing packets?

Stateless packet filtering

What is a potential drawback of stateless firewalls?

They are easily fooled by hackers

In a firewall rule, what does 'deny proto icmp type 8:0 from any to 192.168.1.0/24' indicate?

Denying ICMP 'ping' traffic to subnet 192.168.1.0/24

What would be the correct rule to allow incoming web traffic to 192.168.1.50?

allow proto tcp from any to 192.168.1.50:80

Why are stateful firewalls considered smarter than stateless firewalls?

Stateful firewalls remember information about previous packets

What is the primary function of proxy firewalls?

To filter incoming traffic between the network and the traffic source

How do proxy firewalls differ from stateful inspection firewalls?

Proxy firewalls perform deep packet inspection, checking the actual contents

What is the advantage of proxy firewalls in terms of network security?

They create an extra layer of separation, obscuring devices on the network

What is a potential drawback of using proxy firewalls?

They may create significant network slowdown due to extra steps

What is the primary purpose of circuit-level gateways?

To quickly approve or deny traffic without consuming significant resources

What does the TCP handshake verification performed by circuit-level gateways aim to achieve?

To ensure that the session the packet is from is legitimate