Firewall Quiz Questions And Answers

1. What port does secure HTTP use?

TCP port 550

TCP port 443

TCP port 399

TCP port 250

Secure HTTP, also known as HTTPS, uses TCP port 443. This port is specifically designated for secure communication over the internet. When a user accesses a website with HTTPS, the data exchanged between the user's browser and the website is encrypted to ensure confidentiality and integrity. TCP port 443 is commonly used for secure web browsing, online banking, e-commerce transactions, and other secure online activities.

Explanation

Secure HTTP, also known as HTTPS, uses TCP port 443. This port is specifically designated for secure communication over the internet. When a user accesses a website with HTTPS, the data exchanged between the user's browser and the website is encrypted to ensure confidentiality and integrity. TCP port 443 is commonly used for secure web browsing, online banking, e-commerce transactions, and other secure online activities.

2. Application-level gateway is also known as a proxy firewall.

True

False

An application-level gateway is a type of firewall that operates at the application layer of the network protocol stack. It acts as an intermediary between the client and the server, examining and filtering network traffic based on the application-specific rules. This type of firewall can provide additional security measures by inspecting the content of the application data. Therefore, it is correct to say that an application-level gateway is also known as a proxy firewall.

Explanation

An application-level gateway is a type of firewall that operates at the application layer of the network protocol stack. It acts as an intermediary between the client and the server, examining and filtering network traffic based on the application-specific rules. This type of firewall can provide additional security measures by inspecting the content of the application data. Therefore, it is correct to say that an application-level gateway is also known as a proxy firewall.

3. What is an IPS?

Intrusion Prevention System

Intrinsic Prevention Security

Intrusion Prevention Security

Intrusive Prevention Security

An IPS stands for Intrusion Prevention System, which is a security technology designed to detect and prevent unauthorized access or attacks on a network or computer system. It actively monitors network traffic, analyzes it for potential threats, and takes immediate action to block or mitigate any suspicious or malicious activities. It helps to protect the system from various types of attacks, such as malware, viruses, unauthorized access attempts, and denial of service attacks.

Explanation

An IPS stands for Intrusion Prevention System, which is a security technology designed to detect and prevent unauthorized access or attacks on a network or computer system. It actively monitors network traffic, analyzes it for potential threats, and takes immediate action to block or mitigate any suspicious or malicious activities. It helps to protect the system from various types of attacks, such as malware, viruses, unauthorized access attempts, and denial of service attacks.

4. What is a network layer firewall also called?

Stateful Filters

Packet Filters

Area Filters

SecuredN

A network layer firewall is also called a "Packet Filter." This type of firewall operates at the network layer of the OSI model and examines each packet's header information to determine whether to allow or block it based on predefined rules. Packet filtering firewalls are commonly used to filter traffic based on IP addresses, ports, and protocols, providing a basic level of security for a network by controlling the flow of packets.

Explanation

A network layer firewall is also called a "Packet Filter." This type of firewall operates at the network layer of the OSI model and examines each packet's header information to determine whether to allow or block it based on predefined rules. Packet filtering firewalls are commonly used to filter traffic based on IP addresses, ports, and protocols, providing a basic level of security for a network by controlling the flow of packets.

5. A ____ filtering firewall can react to an emergent event and update or create rules to deal with the event.

Dynamic

Static

Stateful

Stateless

A dynamic filtering firewall is able to react to an emergent event and update or create rules to deal with the event. This means that it can adapt and modify its filtering rules in real-time based on the current network conditions or threats. Unlike static filtering firewalls, which have predetermined rules that do not change, a dynamic filtering firewall provides greater flexibility and responsiveness in handling unexpected events or changes in the network environment. Additionally, stateful firewalls can maintain information about the state of network connections, allowing them to make more informed decisions when filtering traffic.

Explanation

A dynamic filtering firewall is able to react to an emergent event and update or create rules to deal with the event. This means that it can adapt and modify its filtering rules in real-time based on the current network conditions or threats. Unlike static filtering firewalls, which have predetermined rules that do not change, a dynamic filtering firewall provides greater flexibility and responsiveness in handling unexpected events or changes in the network environment. Additionally, stateful firewalls can maintain information about the state of network connections, allowing them to make more informed decisions when filtering traffic.

6. The ____ is an intermediate area between a trusted network and an untrusted network.

DMZ

Domain

Firewall

Perimeter

A DMZ, or Demilitarized Zone, is an intermediate area between a trusted network and an untrusted network. It acts as a buffer zone that separates the internal network from the external network, providing an additional layer of security. The DMZ typically contains servers and services that need to be accessible from the internet, such as web servers or email servers. By placing these systems in the DMZ, it helps to protect the internal network from potential threats originating from the untrusted network while still allowing controlled access to specific services.

Explanation

A DMZ, or Demilitarized Zone, is an intermediate area between a trusted network and an untrusted network. It acts as a buffer zone that separates the internal network from the external network, providing an additional layer of security. The DMZ typically contains servers and services that need to be accessible from the internet, such as web servers or email servers. By placing these systems in the DMZ, it helps to protect the internal network from potential threats originating from the untrusted network while still allowing controlled access to specific services.

7. What were the second generation firewalls called?

State Secured Filters

Circuit Level Getaways

Unit Secured Filters

Generation of Filters III

The second generation firewalls were called State Secured Filters.

Explanation

The second generation firewalls were called State Secured Filters.

8. In ____ mode, the data within an IP packet is encrypted, but the header information is not.

Tunnel

Transport

Public

Symmetric

In tunnel mode, the data within an IP packet is encrypted, but the header information is not. This means that the payload of the packet is encrypted, providing secure communication between two endpoints, while the header information remains visible. Tunnel mode is often used when creating a virtual private network (VPN) to securely connect two networks over an untrusted network, such as the internet.

Explanation

In tunnel mode, the data within an IP packet is encrypted, but the header information is not. This means that the payload of the packet is encrypted, providing secure communication between two endpoints, while the header information remains visible. Tunnel mode is often used when creating a virtual private network (VPN) to securely connect two networks over an untrusted network, such as the internet.

9. The Next-Generation Firewalls (NGFWs) belong to which generation?

First

Second

Third

Fourth

The Next-Generation Firewalls (NGFWs) belong to the third generation of firewalls. NGFWs are an advanced form of firewalls that combine traditional firewall capabilities with additional features such as intrusion prevention, application awareness, and deep packet inspection. These features allow NGFWs to provide more advanced threat detection and prevention capabilities compared to previous generations of firewalls.

Explanation

The Next-Generation Firewalls (NGFWs) belong to the third generation of firewalls. NGFWs are an advanced form of firewalls that combine traditional firewall capabilities with additional features such as intrusion prevention, application awareness, and deep packet inspection. These features allow NGFWs to provide more advanced threat detection and prevention capabilities compared to previous generations of firewalls.

10. ____ is the protocol for handling TCP traffic through a proxy server.

Https

Socks

FTP

Telnet

The correct answer is Socks. Socks is the protocol used for handling TCP traffic through a proxy server. It allows clients to connect to a proxy server and then make requests through the proxy to the destination server. This enables the client to hide its identity and location, as well as bypass any restrictions or firewalls that may be in place. Socks is commonly used for activities such as anonymous browsing, accessing geo-restricted content, and enhancing security and privacy.

Explanation

The correct answer is Socks. Socks is the protocol used for handling TCP traffic through a proxy server. It allows clients to connect to a proxy server and then make requests through the proxy to the destination server. This enables the client to hide its identity and location, as well as bypass any restrictions or firewalls that may be in place. Socks is commonly used for activities such as anonymous browsing, accessing geo-restricted content, and enhancing security and privacy.