1.6 – Windows Networking - Configuring Windows Firewall

Questions and Answers

What is the primary function of Windows Defender Firewall?

• To prevent unauthorized access to the system. (correct)
• To manage application updates.
• To monitor hardware performance.
• To speed up network connections.

Under what condition should Windows Defender Firewall be enabled?

• Only when installing new software.
• Only when experiencing network issues.
• Only when using a public Wi-Fi network.
• Always, to protect against unauthorized access. (correct)

Which of the following is required to make changes to the Windows Defender Firewall configuration?

• Guest account.
• Standard user account.
• No special permissions are needed.
• Elevated permissions. (correct)

What are the two main network security postures in Windows Defender Firewall?

Private and Public. (A)

How does Windows Defender Firewall adapt its security settings when you connect to a public Wi-Fi network?

It prevents local network access to your resources. (A)

What does blocking all incoming connections in Windows Defender Firewall achieve?

It prevents all network access to your system. (B)

What does a host-based firewall like Windows Defender Firewall monitor?

Applications running on the system. (C)

When would you create a custom firewall rule in Windows Defender Firewall?

To specify unique criteria for allowing or disallowing access. (C)

If you want to allow remote desktop access only when you are on your home network, what setting would you configure in Windows Defender Firewall?

Enable remote desktop only on the private network. (A)

In the advanced settings of Windows Defender Firewall, what type of rules can you configure to manage network traffic?

Both inbound and outbound rules. (A)

What is the purpose of specifying a port number when creating a custom firewall rule?

To allow or disallow a specific type of network traffic. (D)

What are the three options you can choose when configuring how Windows Defender Firewall handles a connection in a custom rule?

Allow, block, or require IPsec authentication. (B)

If you create a firewall rule to allow inbound web server traffic on port 80 and 443, and deselect 'Public' network, on which networks will the rule apply?

Only on domain and private networks. (C)

What is the first step to allowing a specific app through the Windows Defender Firewall?

Access Windows Defender Firewall through the Control Panel. (A)

If you want to create a firewall rule that only applies when your computer is connected to your company's network, which network location type should you select?

Domain. (D)

Where can you find the advanced settings to customize inbound and outbound rules in Windows Defender Firewall?

In the main Windows Defender Firewall settings screen. (D)

If an application is being blocked by the firewall, how can you allow it to communicate on a private network?

By enabling the application for private networks in the allowed apps list. (B)

When creating a new inbound rule based on a port, what does Windows Defender Firewall ask you to specify?

Whether the port uses TCP or UDP. (D)

What would be the most secure setting for handling connections in a custom firewall rule if you are unsure about the safety of the traffic?

Block the connection. (D)

Which of the following actions will reset all firewall settings to their original configurations?

Restoring defaults in Windows Defender Firewall. (B)

Flashcards

Windows Defender Firewall

Integrated into Windows to prevent unauthorized system access; should always be enabled.

Public and Private Networks

Security configuration profiles in Windows Defender Firewall that adapt to different network environments (home vs. public Wi-Fi).

Block All Incoming Connections

An option to completely block all incoming connections, useful for high-security environments.

Firewall Connection Notifications

Notifications Windows gives when programs try to connect to your system, which can be enabled or disabled.

Host-Based Firewall

A firewall that monitors applications running on your system, controlling network access on a per-application basis.

Application Access Customization

Customizable settings to specify which applications are allowed or disallowed access on private or public networks.

Firewall Rule Customization

Options to specify ports for allowing or disallowing access, along with predefined exceptions and custom rule creation.

Accessing Firewall Settings

Access to the Windows Defender Firewall settings.

Inbound Rule

A type of firewall rule that filters traffic coming into your network.

Port Number

A communications endpoint in a network to which services are directed.

TCP (Transmission Control Protocol)

A protocol used for reliable communication over an IP network.

Firewall Rule Actions

Allow access to a service. Allow only if secure, or Block.

IPSec

A secure set of protocols used to provide a private and authenticated connection over a network.

Network Scope for Rules

Applying a firewall rule to only domain and private networks.

Study Notes

• Windows has an integrated firewall called Windows Defender Firewall.
• It should always be enabled.
• Elevated permissions are required to change configuration settings.

Network Security Postures

• Windows Defender Firewall has different security postures for different networks.
• It recognizes when a computer is on a public versus a private network.
• Private networks automatically allow other devices on the local network to connect for file or application sharing.
• Public networks change the security posture to prevent unauthorized access to resources.
• Windows Defender Firewall allows customization of public and private configurations.

Customization Options

• The customized settings screen includes an option to block all incoming connections, even for allowed apps.
• This prevents anyone on the network from gaining access to your system/applications.
• Notifications can be enabled or disabled to inform users when applications try to connect.
• As a host-based firewall, Windows Defender Firewall is aware of all applications currently running.
• Security settings can be customized to allow or disallow application access from other network users.
• A list of applications can be enabled or disabled for either private or public network access.
• Customization can extend to specifying a particular port number to allow or disallow access.
• There are predefined exceptions or firewall rules.
• Custom firewall rules that include a number of different criteria to allow or disallow access can be configured.
• Defender Firewall is identical in Windows 10 and Windows 11.
• The Windows Defender Firewall control panel allows users to:
  • Allow an app or feature through the firewall
  • Change notification settings
  • Turn on or off the firewall
  • Restore default settings
  • Customize rules using advanced settings

Firewall Rules

• A simple firewall rule can enable remote desktop access on private or public networks.
• Advanced settings offer more options for configuring firewall rules.
• Inbound rules are preconfigured and deal with specific applications.
• Firewall rule creation includes a number of configurable options.
• Rules can be applied to specific applications.
• Rules can be created based on TCP or UDP ports.
• Rules can allow a connection, allow a secure connection, or block a connection.
• Rules can be applied to domain, private, or public networks.
• When creating a rule, Defender Firewall requests a name for the rule.