8.1 Firewalls

Which of the following prevents access based on website ratings and classifications?
Content filter
You manage a server that runs your company website. The web server has reached its capacity, and the number of clients requests is greater than the server can handle.

You would like to find a solution so that static web content can be offloaded to a different server, while the web server continues to process dynamic content.

Which solution should you implement?

Proxy Server
Based on the diagram, which type of proxy server is handling the client’s request?
Reverse Proxy Server
Which of the following network services or protocols uses TCP/IP port 22?
SSH
Which port number is used by SNMP?
161
Which protocols and port numbers are used by BOOTP/DHCP?
TCP 67

UDP 67

To increase security on your company’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions.

Which port needs to be enabled to allow secure transactions?

443
You are monitoring network traffic on your network and you see a large amount of traffic between a Windows workstation and a Windows server on the following ports:

-137
-138
-139

What is the source of this network traffic?

The workstation is using NetBIOS to access shared resources on the server.
You are monitoring network traffic on your network, and you see traffic between two network hosts on port 2427.

What is the source on this network traffic?

Someone is using Voice over IP (VoIP) to make a telephone call.
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling.

You want to protect the laptop from Internet-based attacks.

Which solution should you use?

Host-based firewall
You have just installed a packet-filtering firewall on your network. Which options will you be able to set on your firewall?
Destination address of a packet.

Source address of a packet.

Port number.

You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs.

Which type of firewall should you install?

Application-level
A small startup company has hired you to harden their new network.

Because funds are limited, you have decided to implement a unified treat management (UTM) device that provides multiple security features in a single network appliance:

-Firewall
-VPN
-Anti-spam
-Antivirus

You join the UTM device to the company’s Active Directory domain. The company’s traveling sales force will use the VPN functionality provided by the UTM device to connect to the internal company network from hotel and airport public WiFi networks.

What weaknesses exist in this implementation?

The UTM represents a single point of failure.
Match the firewall on the right with the OSI layer at which it operates.
Packet Filtering – OSI Layer 3

Circuit-level proxy – OSI Layer 5

Application-level gateway – OSI Layer 7

Routed Firewall – OSI layer 3

Transparent Firewall – OSI layer 2