Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 Exam ISSAP Topic 5 Question 32 Discussion

Actual exam question for ISC2's Information Systems Security Architecture Professional exam
Question #: 32
Topic #: 5
[All Information Systems Security Architecture Professional Questions]

You work as a Network Administrator for company Inc. The company has deployed an ASA at the network perimeter. Which of the following types of firewall will you use to create two different communications, one between the client and the firewall, and the other between the firewall and the end server?

Show Suggested Answer Hide Answer
Suggested Answer: D

manner of an application, whilst blocking other packets.

Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not

necessarily cause a security breach exploitable from outside the firewall. Conversely, intruders may hijack a publicly-reachable system and use

it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address

spaces enhances security, attackers may still employ methods such as IP spoofing to attempt to pass packets to a target network. The proxy

firewall functions by maintaining two separate conversations, which are as follows:

One between the client and the firewall

One between the firewall and the end server

Answer options C, A, and B are incorrect. These firewalls do not function by creating two different communications.

A packet filter firewall is the basic system first generation firewall, which is a highly evolved and technical internet security feature now a days.

Packet filters act by inspecting the 'packets' which represent the basic unit of data transfer between computers on the Internet. If a packet

matches the packet filter's set of rules, the packet filter will drop the packet, or reject it (discard it, and send 'error responses' to the source).

This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (it stores no information on

connection 'state'). Instead, it filters each packet based only on information contained in the packet itself (most commonly using a

combination of the packet's source and destination address, its protocol, and, for TCP and UDP traffic, the port number).

A stateful firewall is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across

it. The firewall is programmed to distinguish legitimate packets for different types of connections. Only packets matching a known connection

state will be allowed by the firewall; others will be rejected.

The Endian Firewall is an open source Linux distribution that specializes on Routing/Firewalling and Unified Threat Management. It is being

developed by the Italian Endian Srl and the community. Endian is originally based on IPCop, which itself was a fork of Smoothwall, but is now

based on Linux From Scratch.


by Lezlie at May 04, 2022, 08:10 AM

Limited Time Offer

25%

Off

Get Premium ISSAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!


Save Cancel