🏷️ LIMITED TIME OFFER: GET 20% OFF GRADE+ YEARLY SUBSCRIPTION →
Log in
HomeTextbook Notes300,000US110,000

PRINCIPLES OF INFORMATION SECURITY Chapter Notes -Local Area Network, Intrusion Detection System, File Transfer Protocol

27 views2 pages
tagriv
30 Jun 2022
School
Keiser University
Department
Computer Science
Course
PRINCIPLES OF INFORMATION SECURITY
Professor

For unlimited access to Textbook Notes, a Class+ subscription is required.

Document Summary

At intersections where equipment like routers and switches are used, packet filtering firewalls run inline. These firewalls don"t route packets; instead, they check each one against a list of predetermined standards such as the permitted ip addresses, packet type, port number, and other information from the packet protocol headers. Generally speaking, difficult packets are unceremoniously dropped, which means they are not transmitted and eventually vanish from existence. This is another relatively quick method of identifying malicious content. However, they don"t check the packets themselves. gateway for applications. The single point of entry and exit for the network is this form of device, which is technically a proxy but is also referred to as a proxy firewall. Application-level gateways filter packets based on a variety of factors, such as the http request string, in addition to the service for which they are meant, as indicated by the destination port.

Get access

Grade+20% off
$8 USD/m$10 USD/m
Billed $96 USD annually
Grade+
Homework Help
Study Guides
Textbook Solutions
Class Notes
Textbook Notes
Booster Class
40 Verified Answers
Class+
$8 USD/m
Billed $96 USD annually
Class+
Homework Help
Study Guides
Textbook Solutions
Class Notes
Textbook Notes
Booster Class
30 Verified Answers

Related Documents

CSE 127 Lecture Notes - Lecture 17: Attack Surface, Https, Network Address Translation
turquoiseplatypus250
CAB240 Lecture Notes - Lecture 12: Ingress Filtering, Egress Filtering, Network Layer
tancoyote287
BTM 200 Lecture Notes - Lecture 15: Virtual Private Network, Extranet, Communications Protocol
c_padilive-concordia-ca

Related Questions

@ Shilpa is saying C and E 

@ Others are saying  A and D 

If you only sure the answer then only response else no need 

A security architect is reviewing the following proposed corporate firewall architecture and configuration:

Both firewalls are stateful and provide Layer 7 filtering and routing. The company has the following requirements:

Web servers must receive all updates via HTTP/S from the corporate network.

Web servers should not initiate communication with the Internet.

Web servers should only connect to preapproved corporate database servers.

Employees' computing devices should only connect to web services over ports 80 and 443.

Which of the following should the architect recommend to ensure all requirements are met in the MOST secure manner? (Choose two.)

A Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP 80,443
B Add the following to Firewall_A: 15 PERMIT FROM 192.168.1.0/24 TO 0.0.0.0 TCP 80,443
C Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP/UDP 0-65535
D Add the following to Firewall_B: 15 PERMIT FROM 0.0.0.0/0 TO 10.0.0.0/16 TCP/UDP 0-65535
E Add the following to Firewall_B: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0 TCP/UDP 0-65535
F Add the following to Firewall_B: 15 PERMIT FROM 192.168.1.0/24 TO 10.0.2.10/32 TCP 80,443

 

A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote location. The main requirements are the following:

1. The network supports core applications that have 99.99% uptime.

2. Configuration updates to the SD-WAN routers can only be initiated from the management service.

3. Documents downloaded from websites must be scanned for malware.

Which of the following solutions should the network architect implement to meet the requirements?

Options:

A Reverse proxy, stateful firewalls, and VPNs at the local sites
B IDSs, WAFs, and forward proxy IDS
C DoS protection at the hub site, mutual certificate authentication, and cloud proxy
D IPSs at the hub, Layer 4 firewalls, and DLP