Preview

Lab 7

Good Essays
Open Document
Open Document
928 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Lab 7
1. What are some common risks, threats, and vulnerabilities commonly found in the LAN-to-WAN Domain that must be mitigated through a layered security strategy?
A layered security strategy will encompass Rouge protocols such as Bit mining and P2P, Unauthorized network scanning and probing, and unauthorized access to the network.
2. What is an Access Control List (ACL) and how is it useful in a layered security strategy?
An ACL is a Control list which will allow or deny traffic or devices based on specifications defined in the ACL. This ACL generally is applied and configured on Firewalls. It is useful in a layered security approach because from an External standpoint it become the first line of defense when hosts attempt to connect to the network.
3. What is a Bastion Host? Provide an example of when a Bastion Host should be used and how.
A "Bastion Host" is a host that is minimally configured software firewall containing only necessary software/services. These are also referred to as bare metal or “lite” and is managed to be overly secure through a minimalist approach. All traffic coming is directed to the Bastion or “screened host”. Outbound traffic is not sent through it. The most common threat to the Bastion Host is to the operating system that is not hardened with additional security applications.

4. Provide at least two examples of how the enclave requirement to place a firewall at the perimeter can be accomplished.
a. Placing a firewall between two routers and another firewall before a DMZ would be the best requirement choice to use
5. What is the difference between a traditional IP Stateful Firewall and a Deep Packet Inspection Firewall?
a. IP Stateful firewall inspection takes place in layer 4, when traffic attempts to traverse the firewall a requested a source port and a destination port pair become part of the session allowing the source to receive information. Stateful inspection firewalls solve the vulnerability of permitting all the high numbered

You May Also Find These Documents Helpful

  • Powerful Essays

    1. Briefly explain how the Gufw internal Ubuntu host IP ststeful firewall can be used in a layered security strategy at the Workstation Domain level.…

    • 1518 Words
    • 5 Pages
    Powerful Essays
  • Satisfactory Essays

    | * Patch history * VPN * Firewall * Stateful Inspection * Whitelists-Blacklists * Boundary Encryption * Backups and archiving…

    • 409 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Unit 5 Problem Set 1

    • 522 Words
    • 3 Pages

    2. Which of the following mechanisms is most often used in firewall rules to allow traffic…

    • 522 Words
    • 3 Pages
    Satisfactory Essays
  • Good Essays

    A level of security is the IP stateful firewall a security appliance that is used to filter IP packets and block unwanted IP, TCP, and UDP packet types from entering and leaving the network.…

    • 801 Words
    • 4 Pages
    Good Essays
  • Good Essays

    Cs150 Unit 3 Assignment

    • 498 Words
    • 2 Pages

    Firewalls are hardware or software-based network security system that controls the outgoing and incoming network traffic by analyzing the data packets and determining whether they should be allowed through or not based upon the settings. A firewall establishes a barrier between a trusted, secure internal network and another network that is not assumed to be secure and trusted. Many computers and other hardware such as routers and modems have built-in firewall capabilities. These firewalls can be effective with little or no configuration. Software firewalls can be installed on your computer and can be configured according to your needs. Many software firewalls have user defined controls for setting up safe file and printer sharing and to block unsafe applications from running on your computer. Software firewalls may also incorporate privacy controls and web content…

    • 498 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    The network infrastructure is the first line of defense between the Internet and public facing web servers. Firewalls provide the first line of defense in network security infrastructures. They accomplish this by comparing corporate policies about users' network access rights to the connection information surrounding each access attempt. User policies and connection information must match up, or the firewall does not grant access to network resources; this helps avert break-ins.…

    • 1214 Words
    • 4 Pages
    Powerful Essays
  • Satisfactory Essays

    In the WAN domain, enforce encryption, and VPN tunneling for remote connections. Configure routers, and network firewalls to block Ping requests to reduce chance of Denial of Service attacks. Deployment of…

    • 386 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    access control list (ACL) A collection of access control entries that defines the access that all users and groups have to an object.…

    • 4603 Words
    • 19 Pages
    Good Essays
  • Good Essays

    unit 7 lab 10

    • 595 Words
    • 3 Pages

    Software firewalls are installed on individual computers and they need sufficient configuration to be effective. Software firewalls contain a set of related programs, usually located at a network gateway server, that protect the resources of a private network from users on other networks or from internal users. Software firewalls allow application screening to verify the interaction between the requesting client and the requested resource.…

    • 595 Words
    • 3 Pages
    Good Essays
  • Good Essays

    IS3230 Final Exam Answers

    • 939 Words
    • 4 Pages

    9. When considering access control security options to mitigate vulnerabilities within the infrastructure, it is ________.…

    • 939 Words
    • 4 Pages
    Good Essays
  • Better Essays

    Unit 8 eCommerce P1

    • 1328 Words
    • 6 Pages

    Firewall: A firewall is a software or hardware-based network security system that controls the incoming and outgoing network traffic by analysing the data packets and determining whether they should be allowed through or not, based on a rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted.…

    • 1328 Words
    • 6 Pages
    Better Essays
  • Powerful Essays

    Access Control Lists

    • 3039 Words
    • 13 Pages

    Access Control Lists are used by OS’s such as Windows and UNIX. An ACL is a table that informs the OS of each users access rights to an object within the system, the object could be a program, a single file or a folder. Although ACL’s do the same task in a similar way, the different OS’s each have a different way of carrying it out.…

    • 3039 Words
    • 13 Pages
    Powerful Essays
  • Good Essays

    Testbacksecurity

    • 2284 Words
    • 10 Pages

    A firewall is a mechanism that keeps certain kinds of network traffic out of a private network.…

    • 2284 Words
    • 10 Pages
    Good Essays
  • Powerful Essays

    Sonicwall

    • 1842 Words
    • 8 Pages

    High performance security engine Integrated intrusion prevention Advanced IPSec and SSL VPN Streamlined GUI and advanced management wizards Application intelligence, control and visualization Dual-band wireless Content/URL filtering Gateway Anti-Virus and Anti-Spyware Service Comprehensive Anti-Spam Service Multiple security zones WAN/ISP redundancy and failover Comprehensive centralized management Enforced Client Anti-Virus…

    • 1842 Words
    • 8 Pages
    Powerful Essays
  • Powerful Essays

    HP S Intrusion Prevention System (IPS) N Series Data sheet Product overview The HP S Intrusion Prevention System (IPS) N Series achieves a new level of inline, real-time protection, providing proactive network security for today's and tomorrow's real-world network traffic and data centers. The IPS platform's next-generation architecture adds significant capacity for deep packet traffic inspection, and its modular software design enables the addition of valuable network protection services to its proven intrusion prevention solution. This new industry-leading IPS platform redefines intrusion prevention as a foundation for comprehensive network security.…

    • 3933 Words
    • 16 Pages
    Powerful Essays