Basic Firewall Concepts MCQ

1. Firewalls fall into ____ major processing mode categories

Note: This Question is unanswered, help us to find answer for this one

2. Firewall policies should govern ________.

Note: This Question is unanswered, help us to find answer for this one

3. After an antivirus server performs filtering, it may ________.

Note: This Question is unanswered, help us to find answer for this one

4. A network that needs to connect to the internet might have a ____ host and a service network.

Note: This Question is unanswered, help us to find answer for this one

5. A firewall designed specifically for home networks is called a ________ firewall.

Note: This Question is unanswered, help us to find answer for this one

6. A __________ is a system that protects the computer network from unauthorized access.

Note: This Question is unanswered, help us to find answer for this one

7. Which key is sharable in PKI (Public Key Infrastructure)?

Note: This Question is unanswered, help us to find answer for this one

8. Expand TACACS.

Note: This Question is unanswered, help us to find answer for this one

9. Keeping in mind the performance of Firewalls, the frequently used rules in the rule base________________.

Note: This Question is unanswered, help us to find answer for this one

10. HTTPS uses ___________ encryption technology to encrypt the communication between Client's system and Firewalls.

Note: This Question is unanswered, help us to find answer for this one

11. Which of the events listed below should be monitored?

Note: This Question is unanswered, help us to find answer for this one

12.

State whether True or False.

A Firewall installed at the Gateway makes the whole network secure.

Note: This Question is unanswered, help us to find answer for this one

13. Which of the traffic listed below should be generally blocked?

Note: This Question is unanswered, help us to find answer for this one

14. What is the range of reserved ports?

Note: This Question is unanswered, help us to find answer for this one

15. At which layer does the IPSec work?

Note: This Question is unanswered, help us to find answer for this one

16.

Firewall can perform NAT to keep the record of various NAT entries. In which of the following tables does Firewall make those entries?

Note: This Question is unanswered, help us to find answer for this one

17.

State whether True or False.

All the DoS attacks can be blocked with the Firewalls.

Note: This Question is unanswered, help us to find answer for this one

18. Which command is used to check whether a particular host is live or not?

Note: This Question is unanswered, help us to find answer for this one

19.

State whether True or False.

Logging should be enabled for all the rules in the Rule Base.

Note: This Question is unanswered, help us to find answer for this one

20. By using which command can you see the active TCP connections?

Note: This Question is unanswered, help us to find answer for this one

21.

State whether True or False.

The security of the Firewalls is a very important aspect.

Note: This Question is unanswered, help us to find answer for this one

22. At which layer do the Firewalls generally work in the OSI model?

Note: This Question is unanswered, help us to find answer for this one

23.

Suppose Sally is the Network Security Engineer for ABC Company. She is asked by her manager to create a security policy in the Firewalls so that their internal network ABC_INTERNAL(172.16.0.0/24) may be able to access the SMTP(25) service from the server MAIL_SERVER(192.168.1.15).NAT rule already exists for the network. How will Sally create the security policy in the Firewalls?

Note: This Question is unanswered, help us to find answer for this one

24. What is SSL?

Note: This Question is unanswered, help us to find answer for this one

25. What does AAA stand for?

Note: This Question is unanswered, help us to find answer for this one

26.

State whether True or False.

The vulnerabilities in the Network/System can be exploited by threats.

Note: This Question is unanswered, help us to find answer for this one

27. What is the range of dynamic ports?

Note: This Question is unanswered, help us to find answer for this one

28. What is Spoofing?

Note: This Question is unanswered, help us to find answer for this one

29. What does RADIUS stand for?

Note: This Question is unanswered, help us to find answer for this one

30. In a Stateful Inspection Firewall, the entries about the connection states are made in the_______________ table.

Note: This Question is unanswered, help us to find answer for this one

31. Layer 2 Tunneling Protocol is a type of__________.

Note: This Question is unanswered, help us to find answer for this one

32. How many TCP flags are present in the Firewalls concept?

Note: This Question is unanswered, help us to find answer for this one

33. At which layer do the Proxy Firewalls function?

Note: This Question is unanswered, help us to find answer for this one

34. Which of the following is a type of DoS attack?

Note: This Question is unanswered, help us to find answer for this one

35. Which of the following things should be kept in mind before implementing/configuring the Firewalls?

Note: This Question is unanswered, help us to find answer for this one

36. Which zone is the trusted zone in Firewalls architecture?

Note: This Question is unanswered, help us to find answer for this one

37. Which of the following is a Firewall technology?

Note: This Question is unanswered, help us to find answer for this one

38.

Suppose Mark is the Network Security Engineer for ABC Company. He is asked by his manager to create a security policy in the Firewalls so that their internal network ABC_INTERNAL(172.16.0.0/24)may be able to access the DNS service from the server DNS_SERVER(192.168.1.5). NAT rule already exists for the Network. How will Mark create the security policy in the Firewalls?

Note: This Question is unanswered, help us to find answer for this one

39. What is the CIA concept?

Note: This Question is unanswered, help us to find answer for this one

40. A TCP connection is complete when it receives the_____________Packet.

Note: This Question is unanswered, help us to find answer for this one

41. Which among the following Firewalls is the slowest?

Note: This Question is unanswered, help us to find answer for this one

42.

You are asked by your manager to publish a web server.

Which type of NATing will you use so that the Web Server can be accessed from the Internet?

Note: This Question is unanswered, help us to find answer for this one

43. Which Packet is sent by the source to initiate the connection in TCP 3-way handshake?

Note: This Question is unanswered, help us to find answer for this one

44.

State whether True or False.

When a rule is matched for a particular incoming/outgoing Packet and is executed, the Firewalls look for another rule in the rule base for the same Packet.

Note: This Question is unanswered, help us to find answer for this one

45. Syslog protocol is used for __________.

Note: This Question is unanswered, help us to find answer for this one

46. Which command is used to determine the route taken by a Packet?

Note: This Question is unanswered, help us to find answer for this one

47.

Suppose Adrian is the Network Security Engineer for ABC Company. He is asked by his manager to create a security policy in the Firewalls to open the HTTP service for a host_A(192.168.1.2) so that host_A may be able to access the Web Server(172.16.0.2). NAT rule already exists for the host. How will Adrian create the security policy in the Firewalls?

Note: This Question is unanswered, help us to find answer for this one

48. What is the sequence in which the rules are executed in the Rule Base?

Note: This Question is unanswered, help us to find answer for this one

49. Auditing is the process of tracking ________________________ on a system.

Note: This Question is unanswered, help us to find answer for this one

50. What are the advantages of Stateful Inspection Firewall?

Note: This Question is unanswered, help us to find answer for this one

51. Which zone is the un-trusted zone in Firewalls architecture?

Note: This Question is unanswered, help us to find answer for this one

52. At which layer does the Circuit-Level Firewall work?

Note: This Question is unanswered, help us to find answer for this one

53. Which type of Firewalls keep a track on the state of the connection?

Note: This Question is unanswered, help us to find answer for this one

54. What does sniffing mean?

Note: This Question is unanswered, help us to find answer for this one

55. Suppose Eric is a Network Security Engineer in ABC Company. He is asked by his manager to block the access to unauthorized web sites being accessed by the users of the company. Can these unauthorized web sites be blocked with the Firewalls?

Note: This Question is unanswered, help us to find answer for this one

56.

Suppose Matt is the Network Security Engineer for XYZ Company. He is asked by his manager to create a security policy in the Firewalls so that host_A(172.16.0.3) may be able to access the HTTP service from the internet cloud. NAT rule already exists for the host. How will Matt create the security policy in the Firewalls?

Note: This Question is unanswered, help us to find answer for this one

57. Generally, a Firewall can not be managed by which of the following:

Note: This Question is unanswered, help us to find answer for this one

58. Which of the following are the functions of a Firewall?

Note: This Question is unanswered, help us to find answer for this one

59. What exactly is the Stateful Packet Filtering?

Note: This Question is unanswered, help us to find answer for this one

60. What is the action on Packet when we apply the action, REJECT?

Note: This Question is unanswered, help us to find answer for this one

61. Which of the following ports is used by IMAP?

Note: This Question is unanswered, help us to find answer for this one

62. What are the functions of a Desktop Firewall?

Note: This Question is unanswered, help us to find answer for this one

63. Over which of the following can a VPN be established?

Note: This Question is unanswered, help us to find answer for this one

64.

Note: This Question is unanswered, help us to find answer for this one

65. Which of the following things should be kept in mind while troubleshooting the Firewall problems?

Note: This Question is unanswered, help us to find answer for this one

66. What exactly is spoofing?

Note: This Question is unanswered, help us to find answer for this one

67. What exactly is a DoS?

Note: This Question is unanswered, help us to find answer for this one

68. Which layer of the OSI model is used by Packet filtering?

Note: This Question is unanswered, help us to find answer for this one

69. The______________ TCP flag can launch a DoS attack.

Note: This Question is unanswered, help us to find answer for this one

70. What is the mode of operation of Firewalls?

Note: This Question is unanswered, help us to find answer for this one

71. Which of the following are hash algorithms?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

72. Which protocol is used by the DNS?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

73. Which of the following can lead to the denial of service attacks?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

74. Which of the reasons listed below lead to common attacks?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

75. Port-Scanning tools helps the administrator in which of the following?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

76. Which of the sources listed below are secured by Desktop Firewalls?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

77. Which of the following tools can be used to monitor the Packets?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

78. Digital Certificates are used for___________.

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

79. Which of the following are Encryption algorithms?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

80. Which of the protocols listed below will you scan at the Gateway to block the Spam Mails?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

81. Which of the following is helped by Logging?

Note: This question has more than 1 correct answers

Note: This Question is unanswered, help us to find answer for this one

82. Which of the following is an INVALID common architectural implementation of firewall?

Note: This Question is unanswered, help us to find answer for this one

83. Which generation firewalls are either application-level firewalls or proxy servers?

Note: This Question is unanswered, help us to find answer for this one

84. Which of the following is not a vaild categorization of Firewall based on processing mode?

Note: This Question is unanswered, help us to find answer for this one

85. What layer of the OSI model do Circuit Layer Firewalls operate at?

Note: This Question is unanswered, help us to find answer for this one

86. Which of the following is not a vaild categorization of Firewall based on structure?

Note: This Question is unanswered, help us to find answer for this one

87. Which level proxy provides protection at the session layer of OSI?

Note: This Question is unanswered, help us to find answer for this one

88. What layer(s) does an SPI firewall generally operate at?

Note: This Question is unanswered, help us to find answer for this one

89. In an IP packet header, which of the following describes the length of the header in 32-bit words and is a 4-bit value?

Note: This Question is unanswered, help us to find answer for this one

90. Which of the following is FALSE about Circuit Gateways?

Note: This Question is unanswered, help us to find answer for this one

91. Which generation firewalls are stateful inspection firewalls?

Note: This Question is unanswered, help us to find answer for this one

92. Which of the following is a mechanism designed into operating system kernel ?

Note: This Question is unanswered, help us to find answer for this one

93. Which of the following servers in the DMZ needs only list a limited number of public IP addresses?

Note: This Question is unanswered, help us to find answer for this one

94. What is a Cisco Access Control List (ACL) considered as?

Note: This Question is unanswered, help us to find answer for this one

95. Which of the following is not a VALID processing –mode category of firewalls?

Note: This Question is unanswered, help us to find answer for this one

96. A dynamic or Stateful Packet Inspection firewall maintains active "BLANK" sessions and "BLANK" pseudo sessions.

Note: This Question is unanswered, help us to find answer for this one

97. Which of the following is not a VALID subset of packet filtering firewalls?

Note: This Question is unanswered, help us to find answer for this one

98. What do circuit layer Firewalls monitor?

Note: This Question is unanswered, help us to find answer for this one

99. Network-based firewalls and Host-based firewalls are valid categories of which of the following firewall ?

Note: This Question is unanswered, help us to find answer for this one

100. A "BLANK" flowing through a firewall is another term for a packet of digital information.

Note: This Question is unanswered, help us to find answer for this one

101. Which particular generation firewall are stateless in nature ?

Note: This Question is unanswered, help us to find answer for this one

102. Ports up to "BLANK" are considered well known ports.

Note: This Question is unanswered, help us to find answer for this one

103. What device should be the front line defense in your network?

Note: This Question is unanswered, help us to find answer for this one

104. A Stateful Packet Inspection firewall maintains a "BLANK", which is also just a list of active connections.

Note: This Question is unanswered, help us to find answer for this one

105. What technology is used on firewalls that process stateful packet inspections at the hardware level and as close to the line rate as possible?

Note: This Question is unanswered, help us to find answer for this one

106. What kind of firewall is the opensource IPtables firewall commonly found on Linux Distros?

Note: This Question is unanswered, help us to find answer for this one

107. What specific chip design allows firewalls to accelerate packet processing to analyze and filter packets between an untrusted and trusted network?

Note: This Question is unanswered, help us to find answer for this one

108. Which of the following firewall makes the filtering decision based on the media access control address of the source/destination of a packet ?

Note: This Question is unanswered, help us to find answer for this one

109. What it is called when a packet arrives at a firewall, gets analyzed and determines that no connection exists and the packet is dropped?

Note: This Question is unanswered, help us to find answer for this one

110. What happens when a packet arrives on an interface and a route exists in the local routing table and the firewall routes the packet back out the same interface the packet arrived on?

Note: This Question is unanswered, help us to find answer for this one

111. Which of the following server creates a secure tunnel connection?

Note: This Question is unanswered, help us to find answer for this one

112. What is the primary purpose of a firewall?

Note: This Question is unanswered, help us to find answer for this one

113. Your customer asks you to allow ALL hosts from the Internet to company's secure webserver (Secure HTTP), what port do you open on the firewall?

Note: This Question is unanswered, help us to find answer for this one

114. Your client asks you to create a rule for FTP access, what port(s) will you add on the firewall?

Note: This Question is unanswered, help us to find answer for this one

115. FTP uses which of the following port as control port?

Note: This Question is unanswered, help us to find answer for this one

116. Which TCP port is used by Telnet?

Note: This Question is unanswered, help us to find answer for this one

117. Which of the following is not a recognized generation of Firewall?

Note: This Question is unanswered, help us to find answer for this one

118. What is a DMZ zone?

Note: This Question is unanswered, help us to find answer for this one

119. Which of the following 8-bit values identifies the maximum time the packet can remain in the system before it is dropped?

Note: This Question is unanswered, help us to find answer for this one

120. Which of the following is TRUE?

Note: This Question is unanswered, help us to find answer for this one

121. What device logically filters traffic at the edge of a computer network and the Internet?

Note: This Question is unanswered, help us to find answer for this one

122. Which of the following firewalls works at the application level?

Note: This Question is unanswered, help us to find answer for this one

123. You want to filter all traffic going to an internal web server from the Internet side of the firewall, what port will you filter on the firewall?

Note: This Question is unanswered, help us to find answer for this one

124. In an IP packet header, which of the following is the address of the computer or device that is to receive the packet?

Note: This Question is unanswered, help us to find answer for this one

125. What port does FTP use for the control port?

Note: This Question is unanswered, help us to find answer for this one

126. Which port does secure HTTP use?

Note: This Question is unanswered, help us to find answer for this one

127. Which of the following firewalls keeps track of the connection state?

Note: This Question is unanswered, help us to find answer for this one

128. What is a host based firewall?

Note: This Question is unanswered, help us to find answer for this one

129. Packets contain an 8-bit value that determines the maximum time the packet can remain the CPU, Memory, and Buffer circuits of a firewall before it is dropped or discarded, what is this called?

Note: This Question is unanswered, help us to find answer for this one

130. Some firewalls deploy a technology that allows monitoring of traffic in and out of a network and alerts network staff when suspicious traffic patterns occur.

Note: This Question is unanswered, help us to find answer for this one

131. What application controls what information is transmitted or received from an external source destined to a server, workstation, or computer that is based on a preset of rules and/or user preferences?

Note: This Question is unanswered, help us to find answer for this one

132. When referring to firewall concepts, what are application level gateways?

Note: This Question is unanswered, help us to find answer for this one

133. The Windows based program, ZoneAlarm is an example of a "BLANK" firewall?

Note: This Question is unanswered, help us to find answer for this one

134. You are a network administrator and you have been asked to add a deny all ICMP firewall stated that is sourced from the Internet; you add a deny all for ICMP, what common command would you use to test your newly added rule?

Note: This Question is unanswered, help us to find answer for this one

135. When designing a network that consists of a firewall, the firewall design needs to be "BLANK" so that it can grow with the network it protects.

Note: This Question is unanswered, help us to find answer for this one

136. Which of the folllowing firewalls keeps track of the state of network connections ?

Note: This Question is unanswered, help us to find answer for this one

137. When referring to firewalls, what does SPI Stand for?

Note: This Question is unanswered, help us to find answer for this one

138. The practice of designing operational aspects of a system to work with a minimal amount of system privilege is called:

Note: This Question is unanswered, help us to find answer for this one

139. What types of firewalls are able to analyze the contents of packets and the IP headers for signs that the traffic is legitimate?

Note: This Question is unanswered, help us to find answer for this one

140. What main attributes are used at layer 4 of the OSI model to filter traffic on a firewall?

Note: This Question is unanswered, help us to find answer for this one

141. Which of the following is another term for a packet of digital information?

Note: This Question is unanswered, help us to find answer for this one

142. Which of the following is not a VALID basic criteria for rule in the firewall policy?

Note: This Question is unanswered, help us to find answer for this one

143. Which of the following valid OSI layer are covered by packet filtering firewall operation ?

Note: This Question is unanswered, help us to find answer for this one

144. When packets are being processed by a hardware firewall, one of the several steps in processing the packets is an error-checking procedure that is performed in the trailer section of an IP Packet, this is called what?

Note: This Question is unanswered, help us to find answer for this one

145. Which type of firewall involves firewall software installation directly on the user's system?

Note: This Question is unanswered, help us to find answer for this one

146. When troubleshooting the flow of packets through a firewall, a datagram is called what at the network layer of the OSI model?

Note: This Question is unanswered, help us to find answer for this one

147. When configuring a firewall to deny port 3389 to a RDP server that is to receive the SYN packet, what is the address?

Note: This Question is unanswered, help us to find answer for this one

148. True/False: Application proxy firewalls are faster than Stateful Packet Inspection firewalls.

Note: This Question is unanswered, help us to find answer for this one

149. Zone Alarm is an example of which type of firewall?

Note: This Question is unanswered, help us to find answer for this one

150. What port do most DDOS DNS attacks occur on?

Note: This Question is unanswered, help us to find answer for this one

151. Which particular firewall usually consists of two separate firewall devices?

Note: This Question is unanswered, help us to find answer for this one

152. Ports up to which of the following are called well-known ports?

Note: This Question is unanswered, help us to find answer for this one

153. Which of the following are the most common restrictions implemented in packet filtering firewalls?

Note: This Question is unanswered, help us to find answer for this one

154. Which of the following firewall's filtering process can be either Stateful, Stateless or both ?

Note: This Question is unanswered, help us to find answer for this one

155. What kind of firewall is the integrated Microsoft Windows firewall application?

Note: This Question is unanswered, help us to find answer for this one

156. The basic concept of a SYN flooding attack lies in the design of what handshake that begins a TCP connection?

Note: This Question is unanswered, help us to find answer for this one

157. What firewall based technology would you use to create a secure tunnel connection from a corporate headquarters to a remote branch office?

Note: This Question is unanswered, help us to find answer for this one