5.4.1 - Firewall Uses and Types

Flashcards covering IP filtering, port filtering, firewall functions, packet filtering, stateful inspection firewalls, and related concepts.

What is IP Filtering?

Accepting or denying traffic based on its source and/or destination IP address. Also includes Protocol ID/type (TCP, UDP, ICMP, routing protocols, and so on).

What is Port Filtering/Security?

Accepting or denying a packet based on source and destination Transport layer port numbers.

What is the basic function of a firewall?

Traffic filtering.

How is a packet filtering firewall configured?

Specifying rules in a network access control list (ACL).

What actions can be taken by a packet filtering firewall when a packet matches a rule?

To deny (block or drop the packet, and optionally log an event) or to accept (let the packet pass through the firewall).

At what layer of the OSI model does a packet filtering firewall work?

Layer 3 of the OSI model.

What is ingress and egress traffic?

Inbound and outbound traffic.

What does it mean for a packet filtering firewall to be stateless?

It does not preserve information about the connection between two hosts. Each packet is analyzed independently with no record of previously processed packets.

How does a circuit-level stateful inspection firewall address the problems of stateless firewalls?

By maintaining stateful information about the session established between two hosts (including malicious attempts to start a bogus session).

At what layer of the OSI model does a stateful firewall operate?

Layer 5 (Session) of the OSI model.