Firewall Concepts MCQ Questions Answers

Quizack prepared for you the best and latest firewall concepts MCQs so that our users can learn and practice at the same time. Quizack also got some of the best interactive engines ready for our users. So you can prepare for firewall concepts questions without any problems.

Start Practice Start Quiz PDF Download

Firewall Concepts multiple choice questions List

1. Firewalls fall into ____ major processing mode categories

2. Firewall policies should govern ________.

3. After an antivirus server performs filtering, it may ________.

4. A network that needs to connect to the internet might have a ____ host and a service network.

5. A firewall designed specifically for home networks is called a ________ firewall.

6. A __________ is a system that protects the computer network from unauthorized access.

7. Which key is sharable in PKI (Public Key Infrastructure)?

8. Expand TACACS.

9. Keeping in mind the performance of Firewalls, the frequently used rules in the rule base________________.

10. HTTPS uses ___________ encryption technology to encrypt the communication between Client's system and Firewalls.

11. Which of the events listed below should be monitored?

12.

State whether True or False.

A Firewall installed at the Gateway makes the whole network secure.

13. Which of the traffic listed below should be generally blocked?

14. What is the range of reserved ports?

15. At which layer does the IPSec work?

16.

Firewall can perform NAT to keep the record of various NAT entries. In which of the following tables does Firewall make those entries?

17.

State whether True or False.

All the DoS attacks can be blocked with the Firewalls.

18. Which command is used to check whether a particular host is live or not?

19.

State whether True or False.

Logging should be enabled for all the rules in the Rule Base.

20. By using which command can you see the active TCP connections?

21.

State whether True or False.

The security of the Firewalls is a very important aspect.

22. At which layer do the Firewalls generally work in the OSI model?

23.

Suppose Sally is the Network Security Engineer for ABC Company. She is asked by her manager to create a security policy in the Firewalls so that their internal network ABC_INTERNAL(172.16.0.0/24) may be able to access the SMTP(25) service from the server MAIL_SERVER(192.168.1.15).NAT rule already exists for the network. How will Sally create the security policy in the Firewalls?

24. What is SSL?

25. What does AAA stand for?

26.

State whether True or False.

The vulnerabilities in the Network/System can be exploited by threats.

27. What is the range of dynamic ports?

28. What is Spoofing?

29. What does RADIUS stand for?

30. In a Stateful Inspection Firewall, the entries about the connection states are made in the_______________ table.

31. Layer 2 Tunneling Protocol is a type of__________.

32. How many TCP flags are present in the Firewalls concept?

33. At which layer do the Proxy Firewalls function?

34. Which of the following is a type of DoS attack?

35. Which of the following things should be kept in mind before implementing/configuring the Firewalls?

36. Which zone is the trusted zone in Firewalls architecture?

37. Which of the following is a Firewall technology?

38.

Suppose Mark is the Network Security Engineer for ABC Company. He is asked by his manager to create a security policy in the Firewalls so that their internal network ABC_INTERNAL(172.16.0.0/24)may be able to access the DNS service from the server DNS_SERVER(192.168.1.5). NAT rule already exists for the Network. How will Mark create the security policy in the Firewalls?

39. What is the CIA concept?

40. A TCP connection is complete when it receives the_____________Packet.

41. Which among the following Firewalls is the slowest?

42.

You are asked by your manager to publish a web server.

Which type of NATing will you use so that the Web Server can be accessed from the Internet?

43. Which Packet is sent by the source to initiate the connection in TCP 3-way handshake?

44.

State whether True or False.

When a rule is matched for a particular incoming/outgoing Packet and is executed, the Firewalls look for another rule in the rule base for the same Packet.

45. Syslog protocol is used for __________.

46. Which command is used to determine the route taken by a Packet?

47.

Suppose Adrian is the Network Security Engineer for ABC Company. He is asked by his manager to create a security policy in the Firewalls to open the HTTP service for a host_A(192.168.1.2) so that host_A may be able to access the Web Server(172.16.0.2). NAT rule already exists for the host. How will Adrian create the security policy in the Firewalls?

48. What is the sequence in which the rules are executed in the Rule Base?

49. Auditing is the process of tracking ________________________ on a system.

50. What are the advantages of Stateful Inspection Firewall?

51. Which zone is the un-trusted zone in Firewalls architecture?

52. At which layer does the Circuit-Level Firewall work?

53. Which type of Firewalls keep a track on the state of the connection?

54. What does sniffing mean?

55. Suppose Eric is a Network Security Engineer in ABC Company. He is asked by his manager to block the access to unauthorized web sites being accessed by the users of the company. Can these unauthorized web sites be blocked with the Firewalls?

56.

Suppose Matt is the Network Security Engineer for XYZ Company. He is asked by his manager to create a security policy in the Firewalls so that host_A(172.16.0.3) may be able to access the HTTP service from the internet cloud. NAT rule already exists for the host. How will Matt create the security policy in the Firewalls?

57. Generally, a Firewall can not be managed by which of the following:

58. Which of the following are the functions of a Firewall?

59. What exactly is the Stateful Packet Filtering?

60. What is the action on Packet when we apply the action, REJECT?

61. Which of the following ports is used by IMAP?

62. What are the functions of a Desktop Firewall?

63. Over which of the following can a VPN be established?

64.

65. Which of the following things should be kept in mind while troubleshooting the Firewall problems?

66. What exactly is spoofing?

67. What exactly is a DoS?

68. Which layer of the OSI model is used by Packet filtering?

69. The______________ TCP flag can launch a DoS attack.

70. What is the mode of operation of Firewalls?

71. Which of the following are hash algorithms?

72. Which protocol is used by the DNS?

73. Which of the following can lead to the denial of service attacks?

74. Which of the reasons listed below lead to common attacks?

75. Port-Scanning tools helps the administrator in which of the following?

76. Which of the sources listed below are secured by Desktop Firewalls?

77. Which of the following tools can be used to monitor the Packets?

78. Digital Certificates are used for___________.

79. Which of the following are Encryption algorithms?

80. Which of the protocols listed below will you scan at the Gateway to block the Spam Mails?

81. Which of the following is helped by Logging?

82. Which of the following is an INVALID common architectural implementation of firewall?

83. Which generation firewalls are either application-level firewalls or proxy servers?

84. Which of the following is not a vaild categorization of Firewall based on processing mode?

85. What layer of the OSI model do Circuit Layer Firewalls operate at?

86. Which of the following is not a vaild categorization of Firewall based on structure?

87. Which level proxy provides protection at the session layer of OSI?

88. Which of the following host is sometimes called a dual-homed gateway or bastion host?

89. Which of the following can have different components of the firewall for different systems?

90. What layer(s) does an SPI firewall generally operate at?

91. In an IP packet header, which of the following describes the length of the header in 32-bit words and is a 4-bit value?

92. Which of the following is FALSE about Circuit Gateways?

93. Which generation firewalls are stateful inspection firewalls?

94. Which of the following is a mechanism designed into operating system kernel ?

95. Which of the following servers in the DMZ needs only list a limited number of public IP addresses?

96. What is a Cisco Access Control List (ACL) considered as?

97. Which of the following is not a VALID processing –mode category of firewalls?

98. A dynamic or Stateful Packet Inspection firewall maintains active "BLANK" sessions and "BLANK" pseudo sessions.

99. Which of the following is not a VALID subset of packet filtering firewalls?

100. What do circuit layer Firewalls monitor?

Related MCQ's

Core Java

Apache Flex

Google App Engine

Gamification

Git

Google Glass Programming

Active connections:

Active connections are sets of nodes that share an edge between them. An active connection can be viewed as a path in the network; however, the path may not necessarily be a physical link between two nodes. There exist paths between nodes that do not represent any actual physical contacts between those nodes. Such paths include, for example, social media accounts or online communication between users.

Network layer:

A Network Layer (NL) is the lowest level interface between the physical layers and the logical layers. A network layer function is to provide an abstraction of the physical layers, providing common services for the upper layers.

What is a bridging table?

A bridging table is used to map MAC addresses with IP addresses. When two devices need to communicate over networks, they must agree upon how to identify themselves.

What are packet attributes?

Attributes such as source address and destination address are called packet attributes.

What is the header's identification field?

The header’s identification field is used to identify the type of header.

Load balancing;

Load balancing is the practice of distributing a workload to multiple servers in order to achieve better performance than would be possible with a single server. This can be achieved by spreading an application's load over several computers, or by having several applications each running on a separate computer.

Packet filter firewall filters:

Packet filter firewall filters in computer networks are used to block packets based on their content. They operate at the Network Layer (Layer 3) of the OSI model. Packet filters have three main components: filtering criteria, filtering actions, and logging.

What do you mean by proxy firewall filters?

In a computer network proxy firewall filters are used to control which programs can talk to which services on the Internet. Proxy firewalls are often built into routers, but they may also be standalone appliances.

What is a hardware and software firewall?

Hardware firewall:

A hardware firewall is a device that performs security functions such as blocking unauthorized access to a private network, monitoring network activity, and providing intrusion detection capabilities. Hardware firewalls are typically installed between the public network and the internal network.

Software firewalls:

A software firewall is a layer of security that sits between the user and the network. In a computer network Software firewalls help prevent unauthorized users from accessing sensitive data on the network. They provide protection against malicious attacks and viruses.

What is an Outside Network?

The outside network is the part of your organization's network or the server that is accessible from other organizations.

Windows firewall:

Windows firewall is a security feature included in Windows operating systems. The purpose of this feature is to prevent unauthorized users from accessing resources on a private network.

What is firewall encryption?

Firewall encryption is a method for encrypting data between a client device and a server using a shared key.

Using Two Firewalls:

Using two firewalls, we can create a secure environment for our users. A firewall protects the internal network from external threats while a second firewall provides additional protection against attacks originating within the company.

What do you mean by a personal firewall?

It is a program that runs on your computer and monitors all incoming and outgoing network connections. The firewall checks whether any of these connections are malicious or unsafe.

What a firewall creates?

A firewall creates a secure zone within a network. A firewall acts as a gatekeeper for the network. All traffic enters the protected zone via the firewall, and only authorized users can access it.

Azure Firewall:

A virtual appliance that protects networks connected to Microsoft Azure services against attacks such as SYN flooding and TCP false connection detection (FACK). It controls traffic entering and exiting Azure Virtual Networks (VNET) through firewalling rules. The Azure Firewall provides network security based on Ip address reputation, policy settings, and threat intelligence.

What is an IP packet?

An IP packet is a unit of data sent between hosts across a TCP/IP network. An IP packet contains a sender's IP address, a receiver's IP address, and a protocol identifier.

What is a routing table?

The routing table is a list of routes that tell a router where to send data traveling between networks.

Stateful firewall means:

A stateful firewall means that it keeps track of the data packets that pass through the firewall. This helps the firewall to decide what kind of action to take when a packet arrives. Stateful firewalls use deep packet inspection (DPI), which inspects each layer of the protocol stack individually. DPI allows the firewall to examine every bit of information passed between two endpoints.

What a stateful firewall maintains?

It maintains information about all the connections it has established so far. The firewall uses this information to decide whether to let a connection proceed or drop it.

Packet filtering firewall:

The Packet Filtering Firewall (PF) is a security device that can be used to filter traffic based on the source and destination IP address, protocol, port number, or other criteria. The PF can also inspect packets for specific content such as HTML, text, executable files, etc.

What is Network Address Translation (NAT)?

Network Address Translation (NAT) refers to the process of translating private IP addresses into public IP addresses while maintaining the original IP addresses.

Security breach:

Security breaches occur when unauthorized individuals gain access to confidential information. The most common way this happens is when someone steals or misplaces a laptop containing sensitive data. Another way it occurs is when hackers break into a company's computer systems and steal information.

What is the main difference between stateful and stateless packet filtering methods?

The main difference between stateful packet filtering and stateless packet filtering is that the former requires more resources than the latter. For example, if a firewall has to keep track of every single packet passing through it, then it needs more memory and CPU power than a stateless firewall. A stateful firewall may require more processing power because it must analyze each packet before allowing it to pass through.

What is the basic principle behind the firewall?

The basic principle behind the firewall is that it prevents unauthorized access to the computer system. In other words, it filters out unwanted incoming connections. When a new connection attempt is made, the firewall examines the source IP address of the request. Depending on its configuration, the firewall either accepts or rejects the connection. If the firewall accepts the connection, it opens up a port in order to allow the communication to proceed.

How does the firewall prevent unauthorized access?

The firewall prevents unauthorized access to the host computer by examining the IP addresses of the requests coming from outside the firewall. If the firewall finds that the IP address matches the IP address of the host computer, then it allows the connection to continue. Otherwise, it blocks the connection.

Why should we use a firewall?

A firewall is used to protect and secure computers from being attacked by hackers. Hackers often try to gain control over a computer by sending malicious software to it. A firewall acts like an obstacle that stands between the hacker and the target computer. By blocking the hacker’s attempts at accessing the computer, a firewall can help keep your computer safe.

What is a Security rule?

Security rule is defined as a set of conditions that determine whether certain types of traffic are allowed or not. These conditions include:
• Source IP address
• Destination IP address
• Protocol type
• Port number
• Application name etc

Incoming traffic:

Incoming traffic refers to all network traffic that enters the protected network segment. It includes both internal and external traffic. Internal traffic refers to traffic that originates within the protected network segment. External traffic refers to traffic that comes into the protected network segment from outside the protected network segment.

What is Outgoing network traffic or Outgoing traffic?

Outgoing network traffic refers to all network activity that leaves the protected network segment. The term “outgoing” implies that this traffic will be sent to another location. Outbound traffic is also known as egress traffic.

What is an internal network?

The internal network is a private network that is isolated from the public Internet. This network is usually connected to a company’s intranet.

Network security device:

Network security devices are hardware devices that perform functions related to network security. They are designed to provide protection against attacks such as viruses, worms, spyware, malware, denial-of-service (DoS) attacks, and others.

What is an incoming packet?

An incoming packet is any data packet that arrives at a router. An incoming packet contains information about where it came from and where it is going.

Stateful Packet Inspection:

It is inspection is a way of inspecting packets in real-time. It uses stateful techniques to examine each packet individually. As a result, its inspection provides better performance than traditional packet filtering methods.

What is an outgoing packet?

An outgoing packet is any data packet sent out of a router. An outgoing packet may contain information about where it was sent to and who it was addressed to.

Destination address:

It is the IP address of the computer or other resource to which a packet is destined.

What do you know about a destination port?

The destination port is the TCP/UDP port that corresponds to the application layer protocol that is associated with a particular connection. For example, HTTP requests on port 80 use TCP protocol, and HTTPS requests on port 443 use SSLv3 protocol.

What are security policies?

A set of rules defines the behavior of network traffic in a specific area. For example, you could define a policy for allowing or denying access to certain websites. You could also create a policy to allow only specific applications to connect to a specific service. A firewall can be configured by using a combination of several different types of policies.

Types of firewall:

There are two types of firewalls:

Perimeter and host.

Perimeter firewalls protect the entire network.
Host firewalls protect individual hosts.

What is firewall technology?

The most common type of firewall software today is based on the concept of a layered architecture to secure your network. In general, there are four layers in a firewall system: Application Layer, Transport Layer, Network Layer, and Physical Layer.

What is a stateful inspection firewall?

A stateful inspection firewall inspects every packet entering the network. It keeps track of what has been seen before and what hasn’t. If the same type of packet is detected again, the firewall compares its contents with the previous one. If they match, then the firewall allows the packet to pass through. If not, the firewall drops the packet. In addition, if a new attack tool appears, the firewall updates its definition of an acceptable or unacceptable packet.

Quizack's work in the realm of firewall concepts:

Quizack not only prepared for you the best and latest firewall concepts MCQ with answers but also kept them up to date. Quizack team always works hard to maintain its standards why Quizack kept the difficulty hard so you can prepare for the real-world experience.

Quizack aims to make our users learning rapid and effective. Quizack didn’t put any time restrictions on firewall concepts practice questions so you can practice as much as you like. Quizack focuses on smart learning to save our users time.

If you prepare from Quizack we guarantee your success, whether it’s an interview, firewall concepts quiz, or your skill development.

Quizack’s firewall concepts quiz and pdf:

Quizack being one of the bests, also prepared for you a firewall concept online test of multiple choice questions so that you can test your knowledge and get an idea of much do you know about Firewall concepts. You can always test your skills on firewall concepts by taking Quizack’s firewall concepts online assessment.

Quizack wants our user's success so the Quizack team created a firewall concepts MCQ with answers pdf for the users who don’t have permanent access to the internet or always traveling. Now you can learn whenever wherever you are by getting our firewall concepts questions and answers pdf.

Quizack prepared all this with hard work and ambitious hearts. If you are a professional and find any mistakes your cooperation will be appreciated.