Charles McBride

CIST 1601

Chapter 6 Review

1. Firewall acts as a barrier or filter between the trusted and untrusted networks. The system
administrator puts a filter to let it check the data from untrusted networks and stop suspicious
data from entering the trusted network.
2. TCP and UDP perform two different functions. TCP is a transport protocol keeping records of the
data transferred and notifying the sender about its status. While UDP is involved with the speed
of the data and does not care about reporting back. There is no transaction involved.
3. Both are different because of the unique quality of the packet filtering firewall as it notices data
packets for the destination, generated source, etc. information. The application layer firewall
may be incorporating software applications. These applications are incorporated to function as
proxies which give the application layer firewall a name of proxy servers as well.
4. Dynamic filtering has the capabilities to change its rules according to the packet transfer
patterns while static filters have fixed rules. The ability of dynamic filtering to change with the
changing circumstances make it more secure.
5. The stateful inspection is a tabular form of system connections information that is responsible
for keeping track of external and internal network connections.
6. Circuit gateway, unlike a firewall functions at the transport layer which is used to prevent a
direct connectivity between two different networks.
7. Cache servers are an important resource that saves precious bandwidth by storing the
frequently used information that uses network bandwidth on the local cache server. When the
user requires this information again, the cache server will provide this information without a
need to use the network resources to communicate with the actual source.
8. In the OSI model, different firewalls act as the transport level to confront any external threats to
the trusted network.
9. Different firewalls can be also utilized to function in collaboration with each other, hence known
as the hybrid firewall.
10. Static packet filtering, application level firewalls, inspection firewalls, dynamic packet filtering
firewalls, and kernel proxy are the five generations of firewall technology. Each of them are still
in use today, but it depends on the security needs of which firewall comes into play.
11. Commercial grade firewall appliance is the hardware like a standalone computer and the
software application. On the other hand, a commercial grade firewall is referred to the actual
software application.
12. The routers that connect computers to the internet are referred to as residential SOHO
appliances. Their function is to get data form the internet network and filter the data. They work
like stateful firewalls.
13. When internet data hits the computer the first line of defense are the residential SOHO
firewalls. The firewall computers are the second line of defense.
14. Screened host architectures provide a dedicated firewall while screen subnet architectures
provide a DMZ which is more secure.
15. A sacrificial host is defending the network without firewall while a bastion has a firewall. Both
are in the frontline to the outer data entering the trusted network.
16. The military term incorporated into network security. It stands for demilitarized zone and is a
space where the existence of a trusted network is decided.
17. The effectiveness of the firewall compared to its cost, its future reliability in accordance to
growing network demands and what is not included in the firewall package are the three
fundamental inquiries to be made.
18. It’s a kind of identity assurance check for the users who want to become involved with a
network. It is a widely supported identity check strategy as compared to TACACS.
19. A content filter should be placed between the trusted and untrusted network. This filter allows
the administrator to limit access to the content of a specific network.
20. Virtual private network or VPN is a security tool used on the internet to connect to a private
network and make a virtual network. It is becoming more widely used due to the fact that
companies can make a virtual network between a lot of its different distinct networks that are
physically away from each other.