Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
38 Cards in this Set
- Front
- Back
Default Firewall Policies |
1 |
|
What is a security zone? |
. |
|
What is a Alias? |
.An alias is a name that identified a group of interfaces, networks, hosts or users |
|
What is policy precedence? |
. |
|
What is DNS? |
. |
|
What is NAT? |
At its most basic level, NAT changes the IP address of a packet from one value to a different value |
|
What is a FQDN? |
. |
|
What is Static Routing? |
. |
|
What port does HTTP use? |
Port 80 |
|
What port does HTTPS use? |
Port 443 |
|
What port does FTP use? |
Port 21 |
|
What port does SMTP use? |
Port 25 |
|
What port does DNS use? |
Port 53 |
|
What is a policy? |
A policy is a rule to control what traffic the Firebox allows or denies |
|
What are the two types of policies? |
Packet Filter and Proxy Policy or ALG's |
|
What is a Packet Filter? |
Examines the IP header of each packet at the network and transport protocol packet layers. If the packet header information is legitimate and the content of the packet header matches the criteria set in the policy, the Firebox allows the packet |
|
What is a Proxy Policy? |
Examines both the IP header information and the content of each packet at the application layer to make sure that both connections are secure. |
|
What is ALG? |
Application Layer Gateway, it performs the same functions as a Proxy Policy, but also provides transparent connection management |
|
What is a difference between Packet Filter and Proxy Policy? |
Only a Proxy Policy looks at the packet body, attachments, RFC compliance, and Commands |
|
What are the four interface types? |
1. Trusted 2. Optional 3. External 4. Custom |
|
What is a Trusted Interface? |
Connects to the trusted network you want to protect |
|
What is an Optional Interface? |
Connects to a network with mixed trust, typically a DMZ where you connect web servers or other externally-accessible network resources |
|
What is an External Interface? |
Connects to an external network, such as the Internet |
|
What is a Custom Interface? |
Connects to an internal network with a security zone that you define |
|
What are the Built-In Aliases? (6) |
1. Any-Trusted 2. Any-Optional 3. Any-External 4. Any-BOVPN 5. Firebox 6. Any |
|
What is an incoming connection? |
Connections originate from a less trusted security zone, such as external and send traffic to a more trusted security zone such as Trusted or Optional |
|
What is an outgoing connection? |
Connections originate from a more trusted security zone, such as Trusted and send traffic to a less trusted security zone? |
|
What are the five default policies? |
1. FTP 2. WatchGuard Web UI 3. Ping 4. Watchguard 5. Outgoing |
|
Do the default policies allow incoming connections? |
No |
|
What additional policies are added if you use RapidDeploy Quickstart? |
1. HTTP-Proxy 2. HTTPS-Proxy |
|
If you remove the default Outgoing policy, which policies will you need to add to browse the web? |
1. HTTP port 80 2. HTTPS port 443 3. DNS port 53 |
|
What two default policies control management connections to the Firebox? |
1. WatchGuard Web UI - Web 2. WatchGuard - WSM |
|
By default the policies Watchguard Web UI and Watchguard allow connections from what networks? |
Trusted and Optional |
|
Policy Precendence |
1. The higher the policy appears on the list, the higher its precedence 2. If two policies can apply to a connection, the higher policy controls the connection 3. By default, Policy Manager orders policies from most to least specific |
|
What are the primary purposes of NAT? |
1. Increase the number of computers that can operate off a single publicly routable IP address 2. Hide the private IP address of hosts on your LAN |
|
What three types of NAT does Fireware OS Support? |
1. Dynamic NAT - Applies to outbound traffic 2. Static NAT - Applies to inbound traffic 3. 1-to-1 NAT - Applies to both directions of traffic |
|
Which Proxy Action do you use for an FTP policy that applies to traffic from Any-Trusted to Any-External? A. FTP-Client B. FTP-Server |
A. FTP-Client |
|
If the detail level in two policies are equal, which policy takes precedence? Proxy or Packet filter? |
Proxy policy |