When to use layer 4 and when to use layer 7 firewall? When to use both?
Added by Nuria L.
Step 1
Let's think step by step. Show more…
Show all steps
Your feedback will help us improve your experience
Akash M and 99 other AP CS educators are ready to help you.
Ask a new question
Labs
Want to see this concept in action?
Explore this concept interactively to see how it behaves as you change inputs.
Key Concepts
Recommended Videos
CASE STUDY - Firewall Lab Your company has just added a connection to the Internet. You wish to host your own Web server. You will need to allow HTTP and HTTPS to the Web server from the Internet. You will also maintain your own email server. The internal email server should only communicate with the Mail Relay host on your DMZ on SMTP. The only protocol the Mail Relay server should accept is SMTP and POP3. The Mail Relay should also be able to send mail out via SMTP and POP3. Customers query your Web server about the availability of products. Since your SQL server is on the Private LAN, you must allow the Web server to send SQL queries to it. SQL uses ports TCP 1433, 1434 and UDP 1433, 1434. All employees should be able to browse the Web from the internal networks. Because your boss is concerned about employees sending sensitive files out from your network, only two workstations are allowed to FTP files out. Those same workstations are the only two that will be allowed to use Telnet. (192.168.1.130 and 192.168.1.131.) Server IP address Assignments: Firewall Outside Interface 1.1.1.1 Inside Interface 192.168.1.1 DMZ Interface 192.168.2.1 Web Server 192.168.2.2 Firewall Lab - Lab 4 (12 points) Mail Server 192.168.1.2 Mail Relay Server 192.168.2.3 SQL Server 192.168.1.3 Internal Network 192.168.1.0 Netmask 255.255.255.0 Workstation-1 192.168.1.130 Workstation-2 192.168.1.131
Akash M.
Compare and contrast firewalls and intrusion prevention systems in terms of purpose, functionality, granularity and use cases.
Which of these ports would you be least likely to find open to a native service on a Linux host? a) 139 b) 53 c) 22 d) 443 2. What is the netmask of the network associated with host 128.227.224.196 having 8,190 hosts? a) 255.255.255.192 b) 255.255.192.0 c) 255.255.224.0 d) 255.255.255.0 3. Which of these precautions will not interfere with a traditional SSLStrip attack from working? a) Disallowing multiple MAC addresses for a single host in a network b) Always using https c) Using a separate process in each browser d) Navigating to a site whose HSTS super-cookie is loaded in your browser 4. Although nmap warns about -Pn slowing down a scan, proxychains nmap -Pn 10.70.184.1-254 -p 445 actually runs faster than the following nmap: proxychains nmap 10.70.184.1-254 -p 445. Why would that be? a) When -Pn isn't specified, both UDP and TCP ports are scanned. b) If ping fails, nmap will check an extra port (80) c) Because ICMP echo replies are always delivered as fast as port 445 replies. d) When -Pn isn't specified, the 10,000 most popular ports will be scanned. 5. What can Linux file access control lists do that normal file modes cannot do? a) They can provide special permission sets for individual users. b) They can set a file to run as the root user when executed, no matter who the owner of the file is. c) They can restrict permissions for a group of users in /etc/group d) They can set permissions on a link to a file. 6. Which of these ISO layer messages is likely to have the largest number of embedded protocol data units in it? a) Datalink. b) Session c) Network d) Application
Recommended Textbooks
Computer Science and Information Technology
Introduction to Programming Using Python
Computer Science - An Overview
Transcript
18,000,000+
Students on Numerade
Trusted by students at 8,000+ universities
Watch the video solution with this free unlock.
EMAIL
PASSWORD