Computer Network Security and Firewall
Principals of Information Security 4th Edition Questions
Chapter 6 Questions 1. What is the typical relationship among the untrusted network, the firewall, and the trusted network?
The relationship is that data is only limited to what firewalls allow via specific places called “ports”. There is the untrusted network on the outside, then the firewall which prevents unwanted or suspicious connections, and the trusted network is what lies within the bounds of the firewall.
2. What is the relationship between a TCP and UDP packet? Will any specific transaction usually involve both types of packets?
A TCP Packet sends information, and reports back to the sender on progress to assure that information has been sent and received. UDP on the other hand is designed more for speed after establishing a connection and is used to strive for the fastest data retrieval rate as possible, but for this type of packet, it’s less important that it reports back. I don’t believe there will be specific transactions that involve both types of packets. But TCP is better for assuring that data is being received completely, but UDP focuses on assuring data is retrieved as quickly as possible.
3. How is an application layer firewall different from a packet-filtering firewall? Why is an application layer firewall sometimes called a proxy server?
A packet-filtering firewall only allows “a particular packet with a particular source, destination, and port address to enter”. (POIS P.253) An application layer firewall is sometimes called a proxy server because it “runs special software that acts as a proxy for a service request” It is more to deal with outgoing connections and making connections within the DMZ zone of an organization.
4. How is static filtering different from dynamic filtering of packets? Which is perceived to offer improved security?
Static filtering works with rules that are already designated or “developed and installed with the firewall” and only a person can
Chapter 6 Questions 1. What is the typical relationship among the untrusted network, the firewall, and the trusted network?
The relationship is that data is only limited to what firewalls allow via specific places called “ports”. There is the untrusted network on the outside, then the firewall which prevents unwanted or suspicious connections, and the trusted network is what lies within the bounds of the firewall.
2. What is the relationship between a TCP and UDP packet? Will any specific transaction usually involve both types of packets?
A TCP Packet sends information, and reports back to the sender on progress to assure that information has been sent and received. UDP on the other hand is designed more for speed after establishing a connection and is used to strive for the fastest data retrieval rate as possible, but for this type of packet, it’s less important that it reports back. I don’t believe there will be specific transactions that involve both types of packets. But TCP is better for assuring that data is being received completely, but UDP focuses on assuring data is retrieved as quickly as possible.
3. How is an application layer firewall different from a packet-filtering firewall? Why is an application layer firewall sometimes called a proxy server?
A packet-filtering firewall only allows “a particular packet with a particular source, destination, and port address to enter”. (POIS P.253) An application layer firewall is sometimes called a proxy server because it “runs special software that acts as a proxy for a service request” It is more to deal with outgoing connections and making connections within the DMZ zone of an organization.
4. How is static filtering different from dynamic filtering of packets? Which is perceived to offer improved security?
Static filtering works with rules that are already designated or “developed and installed with the firewall” and only a person can