The firewall may be a single computer system or a set of two or more
systems that cooperate to perform the firewall function. T
A firewall can serve as the platform for IPSec.
T
The firewall can protect against attacks that bypass the firewall
F
A packet filtering firewall is typically configured to filter packets going
in both directions.
T
One disadvantage of a packet filtering firewall is its simplicity
F
The
countermeasure to tiny fragment attacks is to discard packets with
an inside source address if the packet arrives on an external interface.
F
A traditional packet filter makes filtering decisions on an individual
packet basis and does not take into consideration any higher layer context.
T
A prime disadvantage of an application-level gateway is the additional
processing overhead on each connection.
T
The primary role of the personal firewall is to deny unauthorized
remote access to the computer.
T
A DMZ is one of the internal firewalls protecting the bulk of the
enterprise network
F
A logical means of implementing an IPSec is in a firewall.
T
Distributed firewalls protect against internal attacks and provide
protection tailored to specific machines and applications.
T
An important aspect of a distributed firewall configuration is security
monitoring.
T
Unlike a firewall, an IPS does not block traffic.
F
Snort Inline enables Snort to
function as an intrusion prevention
capability.
T
_________ control determines the types of Internet services that can be accessed, inbound or outbound.
A. Behavior B. Direction
C. Service D. User
Service
_________ control controls how particular services are used.
A. Service B. Behavior
C. User D. Direction
Behavior
_________ control determines the direction in which particular service requests may be initiated and allowed to flow through the firewall.
A. Behavior B. User
C. Direction D. Service
Direction
________ control controls access to a service according to which user is attempting to access it.
A. User B. Direction
C. Service D. Behavior
User
The _________ defines the transport protocol.
A. destination IP address B. source IP address
C. interface D. IP protocol field
IP protocol field
A __________ gateway sets up two TCP connections, one between itself and a TCP user on an inner host and one between itself and a TCP user on an outside host.
A. packet filtering B. stateful inspection
C. application-level D. circuit-level
circuit-level
An example of a circuit-level gateway implementation is the __________ package.
A. application-level B. SOCKS
C. SMTP D. stateful inspection
SOCKS
Typically the systems in the _________ require or foster external connectivity such as a corporate Web site, an e-mail server, or a DNS server.
A. DMZ B. IP protocol field
C. boundary firewall D. VPN
DMZ
A _________ consists of a set of computers that interconnect by means of a relatively unsecure network and makes use of encryption and special protocols to provide security.
A. proxy B. UTM
C. VPN D. stateful inspection firewall
VPN
A _________ configuration involves stand-alone firewall devices plus host-based firewalls working together under a central administrative control.
A. packet filtering firewall B. distributed firewall
C. personal firewall D. stateful inspection firewall
distributed firewall
Typical for SOHO applications, a __________ is a single router between internal and external networks with stateless or full packet filtering.
A. single bastion T B. double bastion inline
C. screening router D. host-resident firewall
screening router
__________ are attacks that attempt to give ordinary users root access.
A. Privilege-escalation exploits B. Directory transversals
C. File system access D. Modification of system resources
Privilege-escalation exploits
__________ scans for attack signatures in the context of a traffic stream rather than individual packets.
A. Pattern matching B. Protocol anomaly
C. Traffic anomaly D. Stateful matching
Stateful matching
__________ looks for deviation from standards set forth in RFCs.
A. Statistical anomaly B. Protocol anomaly
C. Pattern matching D. Traffic anomaly
Protocol anomaly
The _________ attack is designed to circumvent filtering rules that depend on TCP header information.
A. tiny fragment B. address spoofing
C. source routing D. bastion host
tiny fragment
What are the techniques that firewall use to control access?
The four techniques used by firewalls to control access and enforce a security policy are Service control, Direction control, User control and Behavior control.
What are firewall firewall techniques?
A Firewall is a security solution for the computers or devices that are connected to a network, they can be either in form of hardware as well as in form of software. It monitors and controls the incoming and outgoing traffic (the amount of data moving across a computer network at any given time ).