Principals of Information Security 4th Edition Questions
Chapter 6 Questions 1. What is the typical relationship among the untrusted network, the firewall, and the trusted network?
The relationship is that data is only limited to what firewalls allow via specific places called “ports”. There is the untrusted network on the outside, then the firewall which prevents unwanted or suspicious connections, and the trusted network is what lies within the bounds of the firewall.
2. What is the relationship between a TCP and UDP packet? Will any specific transaction usually involve both types of packets?
A TCP Packet sends information, and reports back to the sender on progress to assure that information has been sent and received. UDP on
…show more content…
8. Describe how the various types of firewalls interact with the network traffic at various levels of the OSI model.
Packet filtering firewalls include Static Filtering, dynamic filtering, and stateful inspection filtering these all work at the transport layer of the network. Packet filtering interacts with network traffic to confirm or deny it based on a rule set for a packet going up against a set of rules that is determined. Static filtering is up against a rule set for each packet, dynamic filtering filters packets depending on network traffic and usage limits, and stateful inspection examines packets and verifies where they are coming and going to determine via logs.
9. What is a hybrid firewall?
A Hybrid firewall “combine the elements of other types of firewalls that is, the elements of packet filtering and proxy services, or of packet filtering and circuit gateways.” (POIS P.256) It’s pretty nice because it takes all the network security protocols and kind of combines them in one package so a network can be improved without replacing several different firewall technologies.
10. List the five generations of firewall technology. Which generations are still in common use?
1st Generation: Static packet filtering (going up against a pre-defined set of rules)
2nd Generation: Application level firewalls, which are able to be configured via
Identify hardware and software needed to secure your choice of networks against all electronic threats.
Firewall: A firewall is a software or hardware-based network security system that controls the incoming and outgoing network traffic by analysing the data packets and
as a device in its domain and sends the packet to the host or pushes the packet to the next
The OSI (Open System Interconnection) model is a set of specifications that allow computers around the world to openly communicate. It is pivotal to understanding and developing computer to computer communications in a network. Each layer plays a role in the process of sending and receiving data. The application layer is the top layer (layer seven) it promotes communication between programs and lower-layer network services. The services at this layer allow the network to decipher a program's request and the program to decipher data sent from the network. The Application layer protocols, programs handles formatting, procedure, security, synchronization, and any other requirements with the network. The Presentation Layer (layer 6) acts as a translator. For instance these protocols decode the jpg/jpeg files sent within the Web server’s HTTP response. So, in the last step (the Application layer) we enter the Web address and it took us to the Web site. This step allows us to see the images and content of the site. The Session Layer (layer 5) regulates and controls the communication between two nodes on the network. It is an ongoing exchange of data between the two and keeps the connection between them for the duration. It keeps the communication secure, detects whether or not the communication has been cut off and if it has it determines where to restart the
The OSI Model is a model is used to define how data is theoretically passed on a network. Each layer is responsible and has its own duties for a network. The name of layer 3 in the OSI is the Network Layer. This layer is responsible for creating the paths for the transmission of data across the network. This layer provides routing and switching capabilities, as well as, internetworking, congestion control, and packet sequencing (Beal, 1999).
6) How does the use of border, internal, and host firewalls provide defense in depth?
A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It may be a hardware device or a software program running on a secure host computer. It must have at least two network interfaces, one of the network it is intended to protect, and one for the network it exposed
The private-public network edge is considered particularly vulnerable to intrusions, because the Internet is a publicly accessible network and falls under the management purview of multiple network operators. For these reasons, the Internet is considered an untrusted network. So are wireless LANs, which-without the proper
6. Describe (in plain English) at least one type of rule set you would want to add to a high level security network and why?
29. Firewall enhancements are desirable in all situations and should be deployed at any cost.
6. Describe (in plain English) at least one type of ruleset you would want to add to a high level security network and why?
There are two types of Internet Protocol (IP) traffic, such as Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). Some of the features that UDP possesses that are not provided by TCP/IP. First, UDP is a connectionless protocol (No handshake), which means packets sent from one node to another without making sure whether any packet may be lost during the transfer. TCP, on the other hand, makes sure to establish a connection in order to send the packets from one node to another without losing any packets. It is also known as handshake process, where nodes synchronize (SYN),
A firewall is a system or group of systems that enforces an access control policy between two or more networks. The means by which this control is accomplished varies widely, but in principle, the firewall is a pair of mechanisms, one that blocks traffic and one that permits traffic. Some firewalls emphasize blocking traffic, while others emphasize permitting traffic. The most important thing to recognize about a firewall is that it implements an access control policy. If you don't know what kind of access you want to permit or deny, or you let someone else or some product configure a firewall based on judgment other than yours, that entity is making policy for your whole organization.
Network security has changed significantly over the past years. There is more and more data to monitor and analyze in order to detect the activity of your data and systems. Securing a network has many variables. Password authentication, network access, patches, anti-virus protection, intrusion detection, firewall and network monitoring tools are just a few of the things you can do to protect yourself.
3. How is infrastructure protection (assuring the security of utility services) related to information security?