chapter 7 and 8 first 5 review questions Guide to Firewalls and Network Security

Total Questions Answered: 10

Download All the Answers By Clicking Add To Cart.

$10.00Add to cart


Chapter 7 Review Questions

  1. Why were application-level proxies originally developed?

Application-level proxies were developed originally to run on network devices or appliances. These proxies are specialized firewall software applications (Whitman & Michael, 2012). The devices or appliances are saved from being overwhelmed with the help of application-level proxies when they are dealing with multiple protocols.

  1. What proxy server functions are similar to packet-filtering firewall functions?


The main similarity between the proxy server and packet-filtering is the way they function as both of them function according to rules setup by the network administrator. The decision to authorize the chunk of data to pass through the network is made based on these rules.

  1. What can proxy servers do better than packet filters?

Proxy servers scan the entire data part of the IP while the packet filters scan only the header part. In case of proxy server, the two computers communicating are not connected directly as a proxy wall is present between them. In packet filters the two computers communicate directly leaving loop holes for the hackers and other wrong doers.

  1. Why do proxy servers reassemble packets before sending them on their way?

The proxy server reassembles the packets to conceal the identity of the client. This is how the client is saved from eternal threats as the external attackers are unable to see the real location of the client incorporating proxy servers.

 

 

  1. Which is the most effective way proxy servers conceal internal clients?

The proxy servers appears as if it was the actual client. It rebuilds the packets and conceals the information contained in the packets that is related to the identity of the actual clients. This is the most effective way to protect the clients and conceal them.  

Chapter 8 Review Questions

  1. How can you minimize the chance that security vulnerabilities will arise in a bastion host?

There are different strategies adopted to minimize the vulnerabilities of a bastion system. The most effective is to limit the number of the services offered by the bastion host to just one. As we increase the number of the services offered by the bastion host, the probability of risk increases and more loop holes are created.

  1. A bastion host provides only one network service, and that service is a firewall. True or False?


In an ideal situation a bastion host may provide one network service like the firewall service but it is not economically viable to host just one service. Therefore, the statement is False.

  1. Which functions are required to a greater degree when configuring a bastion host than with other firewall-related tasks?

Setting up a bastion host requires the similar setting of rules as in the case of a firewall. What is different in the case of a bastion host is that we also need to do auditing and backup whenever a bastion host is going to be configured. These functions are required to a greater degree.

  1. If it’s ideal to run only one service on a bastion host, what are the obstacles to configuring multiple hosts on a network?

It is off course ideal to run only one service on a bastion host but the main obstacles is that we are driven by resource optimization and the practicality and economic viability of the technological resources has to be considered in setting up any network resource including the bastion host.

  1. The speed with which a bastion host works is a function of what system component?

Bastion host is part of a data communication network. The speed with which the bastion host works is dependent on multiple but not solely on specific network component. The availability of the network speed or the bandwidth effects the speed of the bastion host as well.

References

Whitman, Michael. (2012) Guide to Firewalls and Network Security. 3rd  edition, Course             Technology,Cengage Learning. ISBN: 9781111135393.

Download All the Answers By Clicking Add To Cart.

$10.00Add to cart


OR

Please Contact Educational Expert Tutors for help with this Assignment/Exam or any Other!