8.3 Firewall Design and Implementation

Your page rank:

Total word count: 711
Pages: 3

Calculate the Price

- -
275 words
Looking for Expert Opinion?
Let us have a look at your work and suggest how to improve it!
Get a Consultant

You want to maintain tight security on your internal network, so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?

53

Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2012 system using TCP/IP port 21.

Which of the following actions is the remote system most likely to be performing?

Downloading a file

You want to allow your users to download files from a server running the TCP/IP protocol. You want to require user authentication to gain access to specific directories on the server.

Which TCP/IP protocol should you implement to provide this capability?

FTP

After blocking a number of ports to secure your server, you are unable to send email. To allow email service which of the following needs to be done?

Open port 25 to allow SMTP service

You administer a web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.testsim.com. You configured the website as follows:

IP address: 192.168.23.8
HTTP Port: 1030
SSL Port: 443

Users complain that they can’t connect to the website when they type www.westsim.com. What is the most likely source of the problem?

The HTTP port should be changed to 80

You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users.

Which solution should you use?

Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.

You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? (select all that apply)

Source address of a packet Port number Destination address of a packet

Which of the following describes how access lists can be used to improve network security?

An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.

You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accesible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information.

How should you place devices on the network to best protect the servers? (select two)

Put the Web server inside the DMZ Put the database server on the private network

When designing a firewall, what is the recommend approach for opening and closing ports?

Close all ports; open only ports required by applications inside the DMZ

Operate at Layer 2

Virtual firewall

Operates at Layer 3

Router firewall

Contains a hop in the path between hosts

Routed firewall

Does not count as a hop in the path between hosts

Virtual firewall

Each interface connects to a different network

Routed firewall

Your Cisco router has three network interfaces configured:

-S0/1/0 is a WAN interface that is connected to an ISP.
-F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24.
-F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.2.0/24.

You have configured an access control list on this router using the following rules:

-deny IP 192.168.1.0 0.0.0.255 any
-deny IP 192.168.2.0 0.0.0.255 any

These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks.

However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface.

What should you do?

Add a permit statement to the bottom of the access list

Which firewall implementation creates a buffer network that can be used to host email or web servers?

DMZ

Which of the following are true about routed firewalls? (select two)

Supports multiple interfaces Counts as a router hop

Packet Filtering Firewall

OSI Layer 3

Circuit-level Proxy

OSI Layer 5

Application level Gateway

OSI Layer 7

Routed Firewall

OSI Layer 3

Transparent Firewall

OSI Layer 2

Each interfaces connects to the same network segment

virtual firewall

Share This
Flashcard

More flashcards like this

NCLEX 10000 Integumentary Disorders

When assessing a client with partial-thickness burns over 60% of the body, which finding should the nurse report immediately? a) ...

Read more

NCLEX 300-NEURO

A client with amyotrophic lateral sclerosis (ALS) tells the nurse, "Sometimes I feel so frustrated. I can’t do anything without ...

Read more

NASM Flashcards

Which of the following is the process of getting oxygen from the environment to the tissues of the body? Diffusion ...

Read more

Unfinished tasks keep piling up?

Let us complete them for you. Quickly and professionally.

Check Price

Successful message
sending