![Principles of Information Security](https://www.bartleby.com/isbn_cover_images/9781285448367/9781285448367_largeCoverImage.gif)
Principles of Information Security
5th Edition
ISBN: 9781285448367
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Course Technology
expand_more
expand_more
format_list_bulleted
Question
Chapter 6, Problem 10RQ
Program Plan Intro
Firewall:
A firewall is security software which imposes a set of protocols to prevent specific types of data from moving among trusted and untrusted level of networks.
- Types of firewalls that are commonly used as follows:
- Application layer proxy firewalls
- Hybrid firewalls
- Packet filtering firewalls
- Media access control layer firewalls
Hybrid Firewall:
It combines the structures and utilities from above types of firewalls. It is mainly used to protect user’s servers and workstations from malicious problems and illegal access.
- “Unified Threat Management (UTM)” is one of the separate types of hybrid firewalls.
Expert Solution & Answer
![Check Mark](/static/check-mark.png)
Want to see the full answer?
Check out a sample textbook solution![Blurred answer](/static/blurred-answer.jpg)
Students have asked these similar questions
In the threat assessment, what is the difference between capacity and capability?
What do you think of the MITRE Threat Modeling approach? The article aligns this approach with the Cybersecurity Kill Chain by Lockheed Martin. What are your thoughts on this synergy? What are the strengths and/or weaknesses to a combined approach?
How precisely can a security framework help in the planning and implementation of a security infrastructure? As compared to other forms of governance, information security governance stands out due to its unique characteristics. Is there a person or group inside the company who should be responsible for making contingency plans?
Chapter 6 Solutions
Principles of Information Security
Ch. 6 - Prob. 1RQCh. 6 - Prob. 2RQCh. 6 - Prob. 3RQCh. 6 - Prob. 4RQCh. 6 - Prob. 5RQCh. 6 - Prob. 6RQCh. 6 - Prob. 7RQCh. 6 - Prob. 8RQCh. 6 - Prob. 9RQCh. 6 - Prob. 10RQ
Ch. 6 - Prob. 11RQCh. 6 - Prob. 12RQCh. 6 - Prob. 13RQCh. 6 - Prob. 14RQCh. 6 - Prob. 15RQCh. 6 - Prob. 16RQCh. 6 - Prob. 17RQCh. 6 - Prob. 18RQCh. 6 - Prob. 19RQCh. 6 - Prob. 20RQCh. 6 - Prob. 1ECh. 6 - Prob. 2ECh. 6 - Prob. 3ECh. 6 - Prob. 4ECh. 6 - Prob. 5ECh. 6 - Prob. 1CEDQCh. 6 - Prob. 2CEDQCh. 6 - Suppose that Ms. Hamir stacked the deck with her...
Knowledge Booster
Similar questions
- A. What conditions must be met to ensure that risk acceptance has been used properly? B. Discuss the concept of an organisation’s competitive advantage against competitors and how it has evolved over the years with the ongoing development of the IT industry. C. Explain why networking components need more examination from an information security perspective than from a systems development perspective. Why must this practice be periodically reviewed? D. With the aid of a diagram, discuss the contingency planning hierarchy. E. What is the DMZ? Discuss whether this is a good name for the function that this type of subnet performs.arrow_forwardExamine security management strategies and their ideas.arrow_forwardIn your own words, describe/explain the advantages of Threat Modeling and Intelligence gatheringarrow_forward
- How does one go about developing a threat model?arrow_forwardThe second step in threat modelling is to identify technologies and security measures that you are already aware of.arrow_forwardElaborate on the various dissimilarities between threat assessment, vulnerabilityassessment and risk assessment.arrow_forward
- A best practice for threat assessments within the seven domains of a typical IT infrastruture is "assume nothing, recognizing that things change." What do you think "assume nothing" means in this context?arrow_forwardHow does one decide between a top-down and a bottom-up strategy for information security?When compared to a bottom-up strategy, why is the top-down approach preferable?Analyze the similarities and differences between the two concepts and provide a detailed description of each idea's role within the larger organization.arrow_forwardHow can a security framework aid in security infrastructure design and implementation? Information security governance is unique. Should someone in the organization organize such an event?arrow_forward
- What are the similarities and differences between Microsoft's Security Development Lifecycle (SDL) and the SDLC? Do you think that the SDLC could be improved using some of the features of the SDL, and if so, which ones and why? The proponents of agile methodologies claim that the traditional SDLC suffers from a lack of predictability, or rather that development according to SDLC tries to predict a system's needs. How do agile methodologies approach this problem?arrow_forwardHow do you go about creating a threat model?|arrow_forwardA security framework may help a successful security infrastructure, but how? What are the fundamental contrasts in this respect between information security governance and other types of administration? Who should be in charge of developing such a plan inside the company?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
![Text book image](https://www.bartleby.com/isbn_cover_images/9781337405713/9781337405713_smallCoverImage.gif)
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,