1. Which is a characteristic of a packet filtering firewall?
- They are a stateful firewall.
- They implement simple permit or deny rule sets.
- They do not reliably filter fragmented packets.
- They are not susceptible to IP spoofing.
Explanation: There are several advantages of using a packet filtering firewall:
- Packet filters implement simple permit or deny rule sets.
- Packet filters have a low impact on network performance.
- Packet filters are easy to implement, and are supported by most routers.
- Packet filters provide an initial degree of security at the network layer.
- Packet filters perform almost all the tasks of a high-end firewall at a much lower cost.
2. True or False:
Packet filters cannot dynamically filter certain services.
- True
- False
Explanation: Packet filters cannot dynamically filter certain services. For example, sessions that use dynamic port negotiations are difficult to filter without opening access to a whole range of ports.
3. Which Windows Defender profile is suited for a home environment?
- Private
- Domain
- Public
Explanation: Access to public networks is assigned the restrictive Public firewall profile. The Private profile is for computers that are isolated from the internet by other security devices, such as a home router with firewall functionality. The Domain profile is chosen for connections to a trusted network, such as a business network that is assumed to have an adequate security infrastructure.
4. A host based firewall uses a virtual machine within which code is executed. The code inspects network packets and implements decision rules regarding packet acceptance and forwarding. Which host based firewall does this describe?
- Transparent firewall
- nftables
- Windows Defender
- Application Gateway Firewall
Explanation: Nftables is a Linux firewall application that uses a simple virtual machine in the Linux kernel. Code is executed within the virtual machine that inspects network packets and implements decision rules regarding packet acceptance and forwarding.
5. Which Microsoft Windows 10 tool has built-in virus and spyware protection?
- Application Gateway Firewall
- Windows Defender
- Transparent Firewall
- Next Generation Firewall
Explanation: Windows has built-in virus and spyware protection called Windows Defender. Windows Defender is turned on by default to provide real-time protection against infection.
6. Match the antimalware program with the respective description.
Explanation: Place the options in the following order:
| Spyware protection | This program scans for keyloggers. |
| Trusted / untrusted sources | This program warns you about unsafe programs about to be installed and unsafe websites before they are visited. |
| Antivirus protection | This program continuously monitors for viruses. When a virus is detected, the user is warned, and the program attempts to quarantine or delete the virus. |
| Phishing protection | This program blocks the IP addresses of known phishing websites and warns the user about suspicious sites. |
| Adware protection | This program continuously looks for programs that display commercial endorsements on your computer. |