Principles of Information Security Ch. 6

ITS-221 Chapter 6

Review Questions

1. What is the typical relationship among the untrusted network, the firewall, and the trusted network?

2. What is the relationship between a TCP and UDP packet? Will any specific transaction usually involve both types of packets?

3. How is an application layer firewall different from a packet-filtering firewall? Why is an application layer firewall sometimes called a proxy server?

4. How is static filtering different from dynamic filtering of packets? Which is perceived to offer improved security?

5. What is stateful inspection? How is state information maintained during a network connection or transaction?

6. What is a circuit gateway, and how does it differ from the other forms of firewalls?

7. What special function does a cache server perform? Why is this useful for larger organizations?

8. Describe how the various types of firewalls interact with the network traffic at various levels of the OSI model.

9. What is a hybrid firewall?

10. List the five generations of firewall technology. Which generations are still in common use?

11. How does a commercial-grade firewall appliance differ from a commercial-grade firewall system? Why is this difference significant?

Firewall appliances are stand-alone, self-contained combinations of computing hardware and software which frequently have many of the features of a general-purpose computer with the addition of firmware-based instructions that increase reliability and minimize the likelihood of being compromised. Firewall systems consist of application software that is configured for the firewall application and run on a general-purpose computer.

12. Explain the basic technology that makes residential/SOHO firewall appliances effective in protecting a local network. Why is this usually adequate for protection?

Residential/SOHO devices are also known as broadband gateways or DSL/cable modem routers. These...