| 1: |
What restrictions are typically placed on clients inside a
corporate network, in terms of what Internet-based servers they are allowed to
use? |
| A1: |
Answer: Although the answer is
somewhat subjective, most of the time, clients inside a company can connect to
any Internet servers that they want to connect to. |
| 2: |
What restrictions are typically placed on clients on the
Internet who want to connect to servers inside a corporate network, assuming
that corporation uses a firewall? |
| A2: |
Answer: The corporate firewall
typically prevents Internet-based clients from connecting to servers inside the
corporate network, except for those servers that are intended specifically for
use by the general public. |
| 3: |
How does a firewall figure out the IP address of a host that is
trying to initiate a new TCP connection? |
| A3: |
Answer: The firewall looks at
TCP segments that have the TCP SYN flag set, and only that flag. That segment is
the first segment in a new TCP connection. The firewall then simply looks at the
source IP address of the packet. |
| 4: |
How does a firewall figure out what application protocol is
being used? |
| A4: |
Answer: The firewall looks at
TCP segments that have the TCP SYN flag set, and only that flag. That segment is
the first segment in a new TCP connection. The firewall looks at the destination
TCP port number, which is the well-known port that particular application
protocol uses. |
| 5: |
What term does a firewall typically use to refer to the
corporate network? |
| A5: |
Answer: The inside
network |
| 6: |
What term does a firewall typically use to refer to a small LAN
that is less secure than the internal corporate network, but more secure than
the Internet connection? |
| A6: |
Answer: The DMZ |
| 7: |
Consider the following statement: "Firewalls let packets go
from the corporate network to the Internet, but they do not let packets go from
the Internet back to the corporate network." State whether you agree or
disagree, and explain why. |
| A7: |
Answer: Disagree. Firewalls
let packets through in both directions because packets must flow in both
directions for an application to be useful. Firewalls allow packets in both
directions, but only for packets that meet the rules configured on the
firewall. |
| 8: |
What does IDS stand for? |
| A8: |
Answer: Intrusion detection
system |
| 9: |
Comparing network-based IDS devices and firewalls, which one is
typically in the path through which packets are forwarded? |
| A9: |
Answer: Firewall |
| 10: |
Define "signature" in terms of use with IDS and anti-virus
software. |
| A10: |
Answer: The word "signature"
refers to the description of which packets and files look like attempts by a
cracker to deny service or to put a virus on a computer. |
| 11: |
Which two TCP/IP applications most often allow the transfer of
files to a computer, with those files possibly containing a computer
virus? |
| A11: |
Answer: Web (HTTP) and e-mail
(POP3) |
Sections
Comments (0 posted)
Syndication
