A firewall can serve as the platform for IPSec.TThe firewall can protect against attacks that bypass the firewallFA packet filtering firewall is typically configured to filter packets going in both directions.
TOne disadvantage of a packet filtering firewall is its simplicityFThe countermeasure to tiny fragment attacks is to discard packets with an inside source address if the packet arrives on an external interface.FA traditional packet filter makes filtering decisions on an individual packet basis and does not take into consideration any higher layer context.TA prime disadvantage of an application-level gateway is the additional processing overhead on each connection.TThe primary role of the personal firewall is to deny unauthorized remote access to the computer.TA DMZ is one of the internal firewalls protecting the bulk of the enterprise networkFA logical means of implementing an IPSec is in a firewall.TDistributed firewalls protect against internal attacks and provide protection tailored to specific machines and applications.
TAn important aspect of a distributed firewall configuration is security monitoring.TUnlike a firewall, an IPS does not block traffic.FSnort Inline enables Snort to function as an intrusion prevention capability.T_________ control determines the types of Internet services that can be accessed, inbound or outbound.A. Behavior B. DirectionC. Service D. UserService_________ control controls how particular services are used. A. Service B. Behavior C. User D. DirectionBehavior_________ control determines the direction in which particular service requests may be initiated and allowed to flow through the firewall. A. Behavior B. User C. Direction D. ServiceDirection________ control controls access to a service according to which user is attempting to access it. A. User B. Direction C. Service D. BehaviorUserThe _________ defines the transport protocol. A. destination IP address B. source IP address C. interface D. IP protocol fieldIP protocol fieldA __________ gateway sets up two TCP connections, one between itself and a TCP user on an inner host and one between itself and a TCP user on an outside host. A. packet filtering B. stateful inspection C. application-level D. circuit-levelcircuit-level
An example of a circuit-level gateway implementation is the __________ package. A. application-level B. SOCKS C. SMTP D. stateful inspectionSOCKSTypically the systems in the _________ require or foster external connectivity such as a corporate Web site, an e-mail server, or a DNS server. A. DMZ B. IP protocol field C. boundary firewall D. VPNDMZA _________ consists of a set of computers that interconnect by means of a relatively unsecure network and makes use of encryption and special protocols to provide security. A. proxy B. UTM C. VPN D. stateful inspection firewallVPNA _________ configuration involves stand-alone firewall devices plus host-based firewalls working together under a central administrative control. A. packet filtering firewall B. distributed firewall C. personal firewall D. stateful inspection firewalldistributed firewallTypical for SOHO applications, a __________ is a single router between internal and external networks with stateless or full packet filtering. A. single bastion T B. double bastion inline C. screening router D. host-resident firewallscreening router__________ are attacks that attempt to give ordinary users root access. A. Privilege-escalation exploits B. Directory transversals C. File system access D. Modification of system resourcesPrivilege-escalation exploits__________ scans for attack signatures in the context of a traffic stream rather than individual packets. A. Pattern matching B. Protocol anomaly C. Traffic anomaly D. Stateful matchingStateful matching__________ looks for deviation from standards set forth in RFCs. A. Statistical anomaly B. Protocol anomaly C. Pattern matching D. Traffic anomalyProtocol anomalyThe _________ attack is designed to circumvent filtering rules that depend on TCP header information. A. tiny fragment B. address spoofing C. source routing D. bastion hosttiny fragmentWhat are the techniques that firewall use to control access?The four techniques used by firewalls to control access and enforce a security policy are Service control, Direction control, User control and Behavior control.
What are firewall firewall techniques?A Firewall is a security solution for the computers or devices that are connected to a network, they can be either in form of hardware as well as in form of software. It monitors and controls the incoming and outgoing traffic (the amount of data moving across a computer network at any given time ).
|