Module 9: Quiz – Firewall Technologies (Answers) Network Security

1. What is one benefit of using a next-generation firewall rather than a stateful firewall?

  • reactive protection against Internet threats
  • support of TCP-based packet filtering
  • support of logging
  • integrated use of an intrusion prevention system (IPS)

Explanation: Stateful firewalls and next-generation firewalls provide better log information than a packet filtering firewall, both defend against spoofing, and both filter unwanted traffic. Next-generation firewalls provide the following benefits over stateful firewalls:

  • Granularity control within applications
  • Website and application traffic filtering based on site reputation
  • Proactive rather than reactive protection from Internet threats
  • Enforcement of security policies based on multiple criteria including user, device, role, application, and threat profile
  • Improved performance with NAT, VPN, and stateful inspections
  • Integrated IPS

2. Which three layers of the OSI model include information that is commonly inspected by a stateful firewall? (Choose three.)

  • Layer 1
  • Layer 7
  • Layer 3
  • Layer 4
  • Layer 5
  • Layer 2

Explanation: A stateful firewall provides filtering at the network layer, but also analyzes traffic at OSI Layer 4 and Layer 5.

3. Which statement is a characteristic of a packet filtering firewall?

  • They filter fragmented packets.
  • They have a high impact on network performance.
  • They are susceptible to IP spoofing.
  • They examine each packet in the context of the state of a connection.

Explanation: Packet filtering firewalls have a low impact on network performance. They are stateless, examining each packet individually, and they do not filter fragmented packets well.

4. Which type of firewall is supported by most routers and is the easiest to implement?

  • packet filtering firewall
  • next generation firewall
  • stateful firewall
  • application gateway firewall

Explanation: A packet filtering firewall uses a simple policy table look-up that filters traffic based on specific criteria and is considered the easiest firewall to implement.

5. Which type of traffic is usually blocked when implementing a demilitarized zone?

  • traffic that is returning from the public network and traveling to the DMZ network
  • traffic originating from the private network and traveling to the DMZ network
  • traffic originating from the DMZ network and traveling to the private network
  • traffic that is returning from the DMZ network and traveling to the private network

Explanation: A firewall will usually block traffic that is originating from the DMZ network and traveling to the private network. If traffic originated from the private network and the DMZ is sending returning traffic to the private network, then it will be allowed.

6. What are two characteristics of an application gateway firewall? (Choose two.)

  • Provides an integrated intrusion prevention and detection feature.
  • Performs most filtering and firewall control in software.
  • Uses a simple policy table look-up to filter traffic based on Layer 3 and Layer 4 information.
  • Analyzes traffic at Layers 3, 4, 5 and 7 of the OSI model.
  • Uses connection information maintained in a state table and analyzes traffic at OSI Layers 3, 4, and 5.

Explanation: An application gateway firewall is able to filter information at Layers 3, 4, 5, and 7 of the OSI reference model. When using this type of firewall, most firewall control and filtering is done in software.

7. Which type of firewall generally has a low impact on network performance?

  • next generation firewall
  • application gateway firewall
  • stateful firewall
  • stateless firewall

Explanation: A stateless firewall uses a simple policy table look-up that filters traffic based on specific criteria and causes minimal impact on network performance.

8. Which type of firewall is commonly part of a router firewall and allows or blocks traffic based on Layer 3 or 4 information?

  • next generation firewall
  • stateful firewall
  • packet filtering firewall
  • proxy firewall

Explanation: A packet filtering firewall uses a simple policy table look-up that filters traffic based on specific criteria. These firewalls are usually part of a router firewall. They permit or deny traffic based on Layer 3 and Layer 4 information.

9. How does a firewall handle traffic that is originating from the DMZ network and traveling to a private network?

  • Traffic is usually blocked when it is originating from the DMZ network and traveling to a private network.
  • Traffic is usually not filtered using firewall rules when it is originating from the DMZ network and traveling to a private network.
  • Traffic is usually allowed when it is originating from the DMZ network and traveling to a private network.
  • Traffic is allowed when it is originating from the private network, but the response traffic from the DMZ network will be blocked.

Explanation: A firewall will usually block traffic that is originating from the DMZ network and traveling to the private network. If traffic originated from the private network and the DMZ is sending returning traffic to the private network, then it will be allowed.

10. Which two protocols are stateless and do not generate connection information needed to build a state table? (Choose two.)

  • TCP
  • HTTP
  • UDP
  • FTP
  • ICMP

Explanation: Connectionless protocols, such as ICMP and UDP, are not stateful and do not generate connection information for a state table.

11. What are two benefits of implementing a firewall in a network? (Choose two.)

  • A firewall will inspect network traffic and forward traffic based solely on the Layer 2 Ethernet MAC address.
  • A firewall will sanitize protocol flow.
  • A firewall will prevent unauthorized traffic from being tunneled or hidden as legitimate traffic through an enterprise network.
  • A firewall will provide accessibility of applications and sensitive resources to external untrusted users.
  • A firewall will reduce security management complexity.

Explanation: There are several benefits of using a firewall in a network:

  • It prevents the exposure of sensitive hosts, resources, and applications to untrusted users.
  • It sanitizes protocol flow, which prevents the exploitation of protocol flaws.
  • It blocks malicious data from servers and clients.
  • It reduces security management complexity by off-loading most of the network access control to a few firewalls in the network.

12. When implementing a ZPF, which statement describes a zone?

  • A zone is a group of hardened computers known as bastion hosts.
  • A zone is a group of one or more devices that provide backup and disaster recovery mechanisms.
  • A zone is a group of administrative devices that protect against rogue access point installations.
  • A zone is a group of one or more interfaces that have similar functions or features.

Explanation: When implementing a zone-based policy firewall (ZPF), a zone is a group of one or more interfaces that have similar functions or features.

