7 Cards in this Set

  • Front
  • Back

What is a Firewall?

A firewall is a device placed between a trusted and an untrusted network. It denies or permits traffic that enters or leaves the network based on pre-configured policies.

Firewalls protect inside networks from unauthorized access by users on an outside network. A firewall can also protect inside networks from each other, for example by keeping a management network separate from a user network.

What is the difference between a Gateway and a Firewall?

A gateway joins two networks together, whereas a network firewall protects a network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.

What is the difference between a Stateful and a Stateless Firewall?

Stateful firewall - A stateful firewall is aware of the connections that pass through it. It adds and maintains information about users' connections in a state table, referred to as a connection table. It then uses this connection table to implement the security policies for users' connections. Examples of stateful firewalls are PIX, ASA, and Check Point.

Stateless firewall (packet filtering) - A stateless firewall, on the other hand, does not look at the state of connections but just at the packets themselves. An example of a packet filtering firewall is the Extended Access Control Lists on Cisco IOS routers.

What information does a Stateful Firewall maintain?

A stateful firewall maintains the following information in its state table:

1. Source IP address.
2. Destination IP address.
3. IP protocol, such as TCP or UDP.
4. IP protocol information such as TCP/UDP port numbers, TCP sequence numbers, and TCP flags.

What are the security-levels in Cisco ASA?

ASA uses security levels to determine the trustworthiness of a network attached to the respective interface. The security level can be configured from 0 to 100, where higher numbers are more trusted than lower ones. By default, the ASA allows traffic from a higher security level to a lower security level only.

How can we allow packets from a lower security level to a higher security level (override security levels)?

We use ACLs to allow packets from a lower security level to a higher security level.

Is same-security-level traffic allowed or denied in ASA?

By default, traffic between interfaces with the same security level is not allowed. To allow it, we use the command:

ASA(config)# same-security-traffic permit inter-interface