Chapter Questions
What is the difference between reactive and proactive design of firewalls?
What are major firewall implementations?
Compare hardware vs software implementations. What are their advantages and drawbacks?
Which firewall (software or hardware) is more vulnerable to the new (unseen) attacks?
How were first firewalls validated?
Can firewall provide a protection against all the attacks?
Why is a firewall called the first line of defense?
Which was the first operating system release to have a firewall incorporated?
One of the effective ways to reduce the firewall load and increase its efficiency is to cache the content of the most frequently used outside sources. What drawbacks does this policy have?
How does a firewall hide an internal address?
The firewall policy may include rules like:1 Everything is allowed unless specifically banned or2 Everything is banned unless specifically allowedWhich one would you recommend to apply and why?
How is dynamic filtering organized?
What is the difference between DMZ and two routers topologies?
What can firewall logging help with?
Is logging implemented in all firewalls?
Which network technology tasks can a firewall help to solve and how?
Name firewall basic operational models.
What are advantages and drawbacks of packet filters?
What is the difference between a packet filter and stateful inspection operations?
Describe the operation of the application proxy firewall.
What are the main functions of the application proxy firewalls and how are they implemented?
How is DPI realized?
What advantages does an application proxy have over other firewall models?
How does circuit-level gateway firewall operate?
Which firewall models are closer to each other in their functionality?
What is the most secure firewall architecture?
What is the difference between dual-homed and screened host gateways?
Which firewall architecture possesses the single point of failure problem?
Name the main phases in firewall design and implementation.
Which phase in firewall design do you consider as the most important and why?
Formulate main features of the good firewall design practice.
Which firewall parts need to get configured during the installations?
Is firewall testing done in a real or simulated environment?
What should firewall do with a traffic originated from the address of 127.0.0.1?
What will happen if the rule given in Firewall 7 rulesets will come first in the order?
What is 3C firewall design requirement?
Define the rules conflict. How to detect it?
Provide examples of fuzzified rules in firewall design.
What are the main advantages and drawbacks of the fuzzy firewalls?
What kind of hybrid systems, which a firewall is a part of, is employed for security enhancement?
How is machine learning employed to enhance a firewall effectiveness and efficiency?
How does load balancing between firewalls work?
Should load balancing get implemented in your organization firewall design?
Give a few examples of new developments in firewall technology.
What improvements in firewall design would you suggest?
Which tradeoffs in firewall design can you name?