SlideShare a Scribd company logo

The Complete Questionnaires About Firewall

Vishal Kumar
Vishal Kumar

Hello Guys, here are the answers to the most frequently asked questions in an interview about Network firewalls. you will get here the answers of all the Firewall related Question asked in the interview.

Education
1 of 6
Download to read offline
1 WWW.Prohackers.in “The Complete Questionnaires about Firewall” By: -Vishal Kumar (CEH, CHFI, CISE, MCP) info@prohackers.in prorataallotment@hotmail.com
2 WWW.Prohackers.in  What is a Firewall? Firewall is a device that is placed between a trusted and an untrusted network. It deny or permit traffic that enters or leaves network based on pre-configured policies. Firewalls protect inside networks from unauthorized access by users on an outside network. A firewall can also protect inside networks from each other for example by keeping a Management network separate from a user network.  What is the difference between Gateway and Firewall? A Gateway joins two networks together and a network firewall protects a network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.  Firewalls work at which Layers? Firewalls work at layer 3, 4 & 7.  What is the difference between Stateful & Stateless Firewall? Stateful firewall – A Stateful firewall is aware of the connections that pass through it. It adds and maintains information about a user’s connections in a state table, referred to as a connection table. It than uses this connection table to implement the security policies for users connections. Example of stateful firewall are PIX, ASA, Checkpoint. Stateless firewalls – (Packet Filtering) Stateless firewalls on the other hand, does not look at the state of connections but just at the packets themselves.  What information does Stateful Firewall Maintains? Stateful firewall maintains following information in its State table:- 1.Source IP address. 2. Destination IP address. 3. IP protocol like TCP, UDP. 4. IP protocol information such as TCP/UDP Port Numbers, TCP Sequence Numbers, and TCP Flags.  How can we allow packets from lower security level to higher security level (Override Security Levels)? We use ACLs to allow packets from lower security level to higher security level.
3 WWW.Prohackers.in  What is the security level of Inside and Outside Interface by default? Security Level of Inside interface by default is 100. Security Level of Outside Interface by default is 0.  Explain DMZ (Demilitarized Zone)? If we need some network resources such as a Web server or FTP server to be available to outside users we place these resources on a separate network behind the firewall called a demilitarized zone (DMZ). The firewall allows limited access to the DMZ, but because the DMZ only includes the public servers, an attack there only affects the servers and does not affect the inside network.  How does a firewall process a packet? When a packet is received on the ingress interface, Firewall checks if it matches an existing entry in the connection table. If it does, protocol inspection is carried out on that packet. If it does not match an existing connection and the packet is either a TCP-SYN packet or UDP packet, the packet is subjected to ACL checks. The reason it needs to be a TCP-SYN packet is because a SYN packet is the first packet in the TCP 3- way handshake. Any other TCP packet that isn’t part of an existing connection is likely an attack. If the packet is allowed by ACLs and is also verified by translation rules, the packet goes through protocol inspection.  What are the values for timeout of TCP session, UDP session, ICMP session? TCP session – 60 minutes UDP session – 2 minutes ICMP session – 2 seconds  Explain TCP Flags? While troubleshooting TCP connections through the Firewall, the connection flags shown for each TCP connection provide information about the state of TCP connections to the Firewall.  What are the different types of ACL in Firewall? 1.Standard ACL 2.Extended ACL
4 WWW.Prohackers.in 3.Ethertype ACL (Transparent Firewall) 4.Webtype ACL (SSL VPN)  What is Transparent Firewall? In Transparent Mode, Firewall acts as a Layer 2 device like a bridge or switch and forwards Ethernet frames based on destination mac-address.  What is the need of Transparent Firewall? If we want to deploy a new firewall into an existing network it can be a complicated process due to various issues like IP address reconfiguration, network topology changes, current firewall etc. We can easily insert a transparent firewall in an existing segment and control traffic between two sides without having to readdress or reconfigure the devices.  Explain Ether-Type ACL? In Transparent mode, unlike TCP/IP traffic for which security levels are used to permit or deny traffic all non-IP traffic is denied by default. We create Ether- Type ACL to allow NON-IP traffic. We can control traffic like BPDU, IPX etc. with Ether-Type ACL.  What is Policy NAT? Policy NAT allows you to NAT by specifying both the source and destination addresses in an extended access list. We can also optionally specify the source and destination ports. Regular NAT can only consider the source addresses, not the destination address. In Static NAT it is called as Static Policy NAT. In Dynamic NAT it is called as Dynamic Policy NAT.  Give the order of preference between different types of NAT? 1. Nat exemption. 2. Existing translation in Xlate. 3.Static NAT – Static Identity NAT – Static Policy NAT – Static NAT
5 WWW.Prohackers.in – Static PAT 4. Dynamic NAT – NAT Zero – Dynamic Policy NAT – Dynamic NAT – Dynamic PAT  What is the difference between Auto NAT & Manual NAT? Auto NAT (Network Object NAT) – It only considers the source address while performing NAT. So, Auto NAT is only used for Static or Dynamic NAT. Auto NAT is configured within an object. Manual NAT (Twice NAT) – Manual NAT considers either only the source address or the source and destination address while performing NAT. It can be used for almost all types of NAT like NAT exempt, policy NAT etc. Unlike Auto NAT that is configured within an object, Manual NAT is configured directly from the global configuration mode.  Give NAT Order in terms of Auto NAT & Manual NAT? NAT is ordered in 3 sections. Section 1 – Manual NAT Section 2 – Auto NAT Section 3 – Manual Nat After-Auto
6 WWW.Prohackers.in Thanks for reading this presentation Please give us your feedback at info@prohackers.in asttitvakanoujia@hotmail.com Your feedback is most valuable for us for improving the presentation You can also suggest the topic on which you want the presentation Website: www.prohackers.in FB page: www.facebook.com/theprohackers2017 Join FB Group: www.facebook.com/groups/group.prohackers/ Watch us on: www.youtube.com//channel/UCcyYSi1sh1SmyMlGfB-Vq6A ***Thanks***

Recommended

netconf and yang
netconf and yangnetconf and yang
netconf and yangpavan penugonda
 
Mobile transportlayer
Mobile transportlayerMobile transportlayer
Mobile transportlayerRahul Hada
 
Firewall - Failover & Transparent Firewall
Firewall - Failover & Transparent Firewall Firewall - Failover & Transparent Firewall
Firewall - Failover & Transparent Firewall NetProtocol Xpert
 
Handover in Mobile Computing
Handover in Mobile ComputingHandover in Mobile Computing
Handover in Mobile ComputingKABILESH RAMAR
 
Indoor positioning system
Indoor positioning systemIndoor positioning system
Indoor positioning systemPRADEEP Cheekatla
 
Introduction to SDN: Software Defined Networking
Introduction to SDN: Software Defined NetworkingIntroduction to SDN: Software Defined Networking
Introduction to SDN: Software Defined NetworkingAnkita Mahajan
 
Lecture 15
Lecture 15Lecture 15
Lecture 15Joe Christensen
 
Nat
NatNat
NatHumaira Saleem
 

Recommended

netconf and yang
netconf and yangnetconf and yang
netconf and yangpavan penugonda
 
Mobile transportlayer
Mobile transportlayerMobile transportlayer
Mobile transportlayerRahul Hada
 
Firewall - Failover & Transparent Firewall
Firewall - Failover & Transparent Firewall Firewall - Failover & Transparent Firewall
Firewall - Failover & Transparent Firewall NetProtocol Xpert
 
Handover in Mobile Computing
Handover in Mobile ComputingHandover in Mobile Computing
Handover in Mobile ComputingKABILESH RAMAR
 
Indoor positioning system
Indoor positioning systemIndoor positioning system
Indoor positioning systemPRADEEP Cheekatla
 
Introduction to SDN: Software Defined Networking
Introduction to SDN: Software Defined NetworkingIntroduction to SDN: Software Defined Networking
Introduction to SDN: Software Defined NetworkingAnkita Mahajan
 
Lecture 15
Lecture 15Lecture 15
Lecture 15Joe Christensen
 
Nat
NatNat
NatHumaira Saleem
 
Mac protocols for ad hoc wireless networks
Mac protocols for ad hoc wireless networks Mac protocols for ad hoc wireless networks
Mac protocols for ad hoc wireless networks Divya Tiwari
 
PPT on Basic of Gateway
PPT on Basic of GatewayPPT on Basic of Gateway
PPT on Basic of GatewayNaveen Karn
 
IoT Wireless Technologies
IoT Wireless TechnologiesIoT Wireless Technologies
IoT Wireless TechnologiesNEXT INDUSTRIES SRL
 
MANET VS VANET
MANET VS VANETMANET VS VANET
MANET VS VANETMAHESHWARAND5
 
IEEE 802.11
IEEE 802.11IEEE 802.11
IEEE 802.11Abhishek Pachisia
 
IOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxIOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxDRREC
 
802 15-4 tutorial
802 15-4 tutorial802 15-4 tutorial
802 15-4 tutorialSHUBHAM MORGAONKAR
 
Wireless Sensor Networks ppt
Wireless Sensor Networks pptWireless Sensor Networks ppt
Wireless Sensor Networks pptDevdutta Chakrabarti
 
Mobile Computing UNIT-I TO III
Mobile Computing UNIT-I TO IIIMobile Computing UNIT-I TO III
Mobile Computing UNIT-I TO IIIRamesh Babu
 
Adhoc wireless networks and its issues
Adhoc wireless networks and its issuesAdhoc wireless networks and its issues
Adhoc wireless networks and its issuesMenaga Selvaraj
 
wireless sensor network ppt
wireless sensor network pptwireless sensor network ppt
wireless sensor network pptPramod Kuruvatti
 
Unit 3 cs6601 Distributed Systems
Unit 3 cs6601 Distributed SystemsUnit 3 cs6601 Distributed Systems
Unit 3 cs6601 Distributed SystemsNandakumar P
 
Vpn ppt
Vpn pptVpn ppt
Vpn pptNikhila Pothukuchi
 
Mobile WiMAX
Mobile WiMAXMobile WiMAX
Mobile WiMAXxotspot
 
Ip packet delivery
Ip packet deliveryIp packet delivery
Ip packet deliveryrajisri2
 
Basic Concepts in Wireless LAN
Basic Concepts in Wireless LANBasic Concepts in Wireless LAN
Basic Concepts in Wireless LANDr Shashikant Athawale
 
3. challenges
3. challenges3. challenges
3. challengesAbDul ThaYyal
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Open Source Grid Middleware Packages
Open Source Grid Middleware PackagesOpen Source Grid Middleware Packages
Open Source Grid Middleware PackagesShivaramBose
 
IoT Design Principles
IoT Design PrinciplesIoT Design Principles
IoT Design Principlesardexateam
 
ASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersNetProtocol Xpert
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.abidhassan225
 

More Related Content

What's hot

Mac protocols for ad hoc wireless networks
Mac protocols for ad hoc wireless networks Mac protocols for ad hoc wireless networks
Mac protocols for ad hoc wireless networks Divya Tiwari
 
PPT on Basic of Gateway
PPT on Basic of GatewayPPT on Basic of Gateway
PPT on Basic of GatewayNaveen Karn
 
IOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxIOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxDRREC
 
Mobile Computing UNIT-I TO III
Mobile Computing UNIT-I TO IIIMobile Computing UNIT-I TO III
Mobile Computing UNIT-I TO IIIRamesh Babu
 
Adhoc wireless networks and its issues
Adhoc wireless networks and its issuesAdhoc wireless networks and its issues
Adhoc wireless networks and its issuesMenaga Selvaraj
 
wireless sensor network ppt
wireless sensor network pptwireless sensor network ppt
wireless sensor network pptPramod Kuruvatti
 
Unit 3 cs6601 Distributed Systems
Unit 3 cs6601 Distributed SystemsUnit 3 cs6601 Distributed Systems
Unit 3 cs6601 Distributed SystemsNandakumar P
 
Mobile WiMAX
Mobile WiMAXMobile WiMAX
Mobile WiMAXxotspot
 
Ip packet delivery
Ip packet deliveryIp packet delivery
Ip packet deliveryrajisri2
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Open Source Grid Middleware Packages
Open Source Grid Middleware PackagesOpen Source Grid Middleware Packages
Open Source Grid Middleware PackagesShivaramBose
 
IoT Design Principles
IoT Design PrinciplesIoT Design Principles
IoT Design Principlesardexateam
 

What's hot (20)

Mac protocols for ad hoc wireless networks
Mac protocols for ad hoc wireless networks Mac protocols for ad hoc wireless networks
Mac protocols for ad hoc wireless networks
 
PPT on Basic of Gateway
PPT on Basic of GatewayPPT on Basic of Gateway
PPT on Basic of Gateway
 
IoT Wireless Technologies
IoT Wireless TechnologiesIoT Wireless Technologies
IoT Wireless Technologies
 
MANET VS VANET
MANET VS VANETMANET VS VANET
MANET VS VANET
 
IEEE 802.11
IEEE 802.11IEEE 802.11
IEEE 802.11
 
IOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxIOT PROTOCOLS.pptx
IOT PROTOCOLS.pptx
 
802 15-4 tutorial
802 15-4 tutorial802 15-4 tutorial
802 15-4 tutorial
 
Wireless Sensor Networks ppt
Wireless Sensor Networks pptWireless Sensor Networks ppt
Wireless Sensor Networks ppt
 
Mobile Computing UNIT-I TO III
Mobile Computing UNIT-I TO IIIMobile Computing UNIT-I TO III
Mobile Computing UNIT-I TO III
 
Adhoc wireless networks and its issues
Adhoc wireless networks and its issuesAdhoc wireless networks and its issues
Adhoc wireless networks and its issues
 
wireless sensor network ppt
wireless sensor network pptwireless sensor network ppt
wireless sensor network ppt
 
Unit 3 cs6601 Distributed Systems
Unit 3 cs6601 Distributed SystemsUnit 3 cs6601 Distributed Systems
Unit 3 cs6601 Distributed Systems
 
Vpn ppt
Vpn pptVpn ppt
Vpn ppt
 
Mobile WiMAX
Mobile WiMAXMobile WiMAX
Mobile WiMAX
 
Ip packet delivery
Ip packet deliveryIp packet delivery
Ip packet delivery
 
Basic Concepts in Wireless LAN
Basic Concepts in Wireless LANBasic Concepts in Wireless LAN
Basic Concepts in Wireless LAN
 
3. challenges
3. challenges3. challenges
3. challenges
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
 
Open Source Grid Middleware Packages
Open Source Grid Middleware PackagesOpen Source Grid Middleware Packages
Open Source Grid Middleware Packages
 
IoT Design Principles
IoT Design PrinciplesIoT Design Principles
IoT Design Principles
 

Similar to The Complete Questionnaires About Firewall

ASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersNetProtocol Xpert
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.abidhassan225
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Lec # 13 Firewall.pptx
Lec # 13 Firewall.pptxLec # 13 Firewall.pptx
Lec # 13 Firewall.pptxskknowledge
 
Firewall protection
Firewall protectionFirewall protection
Firewall protectionVC Infotech
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet BawaPuneet Bawa
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix FirewallSouvik Santra
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding FirewallsLikan Patra
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2sweta dargad
 
CN. Presentation for submitting project term pptx
CN. Presentation for submitting project term pptxCN. Presentation for submitting project term pptx
CN. Presentation for submitting project term pptxsaad504633
 

Similar to The Complete Questionnaires About Firewall (20)

ASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & Answers
 
A firewall is a network security device.
A firewall is a network security device.A firewall is a network security device.
A firewall is a network security device.
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall & its Services
Firewall & its ServicesFirewall & its Services
Firewall & its Services
 
Firewall
FirewallFirewall
Firewall
 
Firewall
FirewallFirewall
Firewall
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Firewalls
FirewallsFirewalls
Firewalls
 
Lec # 13 Firewall.pptx
Lec # 13 Firewall.pptxLec # 13 Firewall.pptx
Lec # 13 Firewall.pptx
 
Firewall
Firewall Firewall
Firewall
 
Firewall protection
Firewall protectionFirewall protection
Firewall protection
 
Firewalls by Puneet Bawa
Firewalls by Puneet BawaFirewalls by Puneet Bawa
Firewalls by Puneet Bawa
 
Internetworking With Pix Firewall
Internetworking With Pix FirewallInternetworking With Pix Firewall
Internetworking With Pix Firewall
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding Firewalls
 
Firewall
FirewallFirewall
Firewall
 
Firewall configuration
Firewall configurationFirewall configuration
Firewall configuration
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2
 
CN. Presentation for submitting project term pptx
CN. Presentation for submitting project term pptxCN. Presentation for submitting project term pptx
CN. Presentation for submitting project term pptx
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
 
Network & security startup
Network & security startupNetwork & security startup
Network & security startup
 

More from Vishal Kumar

Threat Hunting Procedures and Measurement Matrice
Threat Hunting Procedures and Measurement MatriceThreat Hunting Procedures and Measurement Matrice
Threat Hunting Procedures and Measurement MatriceVishal Kumar
 
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)Vishal Kumar
 
E-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) Protocol
E-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) ProtocolE-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) Protocol
E-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) ProtocolVishal Kumar
 
Privileges Escalation by Exploiting Client-Side Vulnerabilities Using Metasploit
Privileges Escalation by Exploiting Client-Side Vulnerabilities Using MetasploitPrivileges Escalation by Exploiting Client-Side Vulnerabilities Using Metasploit
Privileges Escalation by Exploiting Client-Side Vulnerabilities Using MetasploitVishal Kumar
 
Exploiting Client-Side Vulnerabilities and Establishing a VNC Session
Exploiting Client-Side Vulnerabilities and Establishing a VNC SessionExploiting Client-Side Vulnerabilities and Establishing a VNC Session
Exploiting Client-Side Vulnerabilities and Establishing a VNC SessionVishal Kumar
 
Auditing System Password Using L0phtcrack
Auditing System Password Using L0phtcrackAuditing System Password Using L0phtcrack
Auditing System Password Using L0phtcrackVishal Kumar
 
Dumping and Cracking SAM Hashes to Extract Plaintext Passwords
Dumping and Cracking SAM Hashes to Extract Plaintext PasswordsDumping and Cracking SAM Hashes to Extract Plaintext Passwords
Dumping and Cracking SAM Hashes to Extract Plaintext PasswordsVishal Kumar
 
Fundamental of Secure Socket Layer (SSL) | Part - 2
Fundamental of Secure Socket Layer (SSL) | Part - 2 Fundamental of Secure Socket Layer (SSL) | Part - 2
Fundamental of Secure Socket Layer (SSL) | Part - 2 Vishal Kumar
 
The Fundamental of Electronic Mail (E-mail)
The Fundamental of Electronic Mail (E-mail)The Fundamental of Electronic Mail (E-mail)
The Fundamental of Electronic Mail (E-mail)Vishal Kumar
 
Fundamental of Secure Socket Layer (SSl) | Part - 1
Fundamental of Secure Socket Layer (SSl) | Part - 1Fundamental of Secure Socket Layer (SSl) | Part - 1
Fundamental of Secure Socket Layer (SSl) | Part - 1Vishal Kumar
 
The Fundamental of Secure Socket Layer (SSL)
The Fundamental of Secure Socket Layer (SSL)The Fundamental of Secure Socket Layer (SSL)
The Fundamental of Secure Socket Layer (SSL)Vishal Kumar
 
Hawkeye the Credential Theft Maalware
Hawkeye the Credential Theft MaalwareHawkeye the Credential Theft Maalware
Hawkeye the Credential Theft MaalwareVishal Kumar
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionVishal Kumar
 
Owasp top 10 security threats
Owasp top 10 security threatsOwasp top 10 security threats
Owasp top 10 security threatsVishal Kumar
 
Exploiting parameter tempering attack in web application
Exploiting parameter tempering attack in web applicationExploiting parameter tempering attack in web application
Exploiting parameter tempering attack in web applicationVishal Kumar
 
Mirroring web site using ht track
Mirroring web site using ht trackMirroring web site using ht track
Mirroring web site using ht trackVishal Kumar
 
Collecting email from the target domain using the harvester
Collecting email from the target domain using the harvesterCollecting email from the target domain using the harvester
Collecting email from the target domain using the harvesterVishal Kumar
 
Information gathering using windows command line utility
Information gathering using windows command line utilityInformation gathering using windows command line utility
Information gathering using windows command line utilityVishal Kumar
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 

More from Vishal Kumar (20)

Threat Hunting Procedures and Measurement Matrice
Threat Hunting Procedures and Measurement MatriceThreat Hunting Procedures and Measurement Matrice
Threat Hunting Procedures and Measurement Matrice
 
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
 
E-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) Protocol
E-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) ProtocolE-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) Protocol
E-Mail Security Protocol - 1 Privacy Enhanced Mail (PEM) Protocol
 
Privileges Escalation by Exploiting Client-Side Vulnerabilities Using Metasploit
Privileges Escalation by Exploiting Client-Side Vulnerabilities Using MetasploitPrivileges Escalation by Exploiting Client-Side Vulnerabilities Using Metasploit
Privileges Escalation by Exploiting Client-Side Vulnerabilities Using Metasploit
 
Exploiting Client-Side Vulnerabilities and Establishing a VNC Session
Exploiting Client-Side Vulnerabilities and Establishing a VNC SessionExploiting Client-Side Vulnerabilities and Establishing a VNC Session
Exploiting Client-Side Vulnerabilities and Establishing a VNC Session
 
Auditing System Password Using L0phtcrack
Auditing System Password Using L0phtcrackAuditing System Password Using L0phtcrack
Auditing System Password Using L0phtcrack
 
Dumping and Cracking SAM Hashes to Extract Plaintext Passwords
Dumping and Cracking SAM Hashes to Extract Plaintext PasswordsDumping and Cracking SAM Hashes to Extract Plaintext Passwords
Dumping and Cracking SAM Hashes to Extract Plaintext Passwords
 
Fundamental of Secure Socket Layer (SSL) | Part - 2
Fundamental of Secure Socket Layer (SSL) | Part - 2 Fundamental of Secure Socket Layer (SSL) | Part - 2
Fundamental of Secure Socket Layer (SSL) | Part - 2
 
The Fundamental of Electronic Mail (E-mail)
The Fundamental of Electronic Mail (E-mail)The Fundamental of Electronic Mail (E-mail)
The Fundamental of Electronic Mail (E-mail)
 
Fundamental of Secure Socket Layer (SSl) | Part - 1
Fundamental of Secure Socket Layer (SSl) | Part - 1Fundamental of Secure Socket Layer (SSl) | Part - 1
Fundamental of Secure Socket Layer (SSl) | Part - 1
 
The Fundamental of Secure Socket Layer (SSL)
The Fundamental of Secure Socket Layer (SSL)The Fundamental of Secure Socket Layer (SSL)
The Fundamental of Secure Socket Layer (SSL)
 
Hawkeye the Credential Theft Maalware
Hawkeye the Credential Theft MaalwareHawkeye the Credential Theft Maalware
Hawkeye the Credential Theft Maalware
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL Injection
 
Owasp top 10 security threats
Owasp top 10 security threatsOwasp top 10 security threats
Owasp top 10 security threats
 
Exploiting parameter tempering attack in web application
Exploiting parameter tempering attack in web applicationExploiting parameter tempering attack in web application
Exploiting parameter tempering attack in web application
 
Mirroring web site using ht track
Mirroring web site using ht trackMirroring web site using ht track
Mirroring web site using ht track
 
Collecting email from the target domain using the harvester
Collecting email from the target domain using the harvesterCollecting email from the target domain using the harvester
Collecting email from the target domain using the harvester
 
Information gathering using windows command line utility
Information gathering using windows command line utilityInformation gathering using windows command line utility
Information gathering using windows command line utility
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
 
Social engineering
Social engineeringSocial engineering
Social engineering
 

Recently uploaded

9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 

Recently uploaded (20)

9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 

The Complete Questionnaires About Firewall

  • 1. 1 WWW.Prohackers.in “The Complete Questionnaires about Firewall” By: -Vishal Kumar (CEH, CHFI, CISE, MCP) info@prohackers.in prorataallotment@hotmail.com
  • 2. 2 WWW.Prohackers.in  What is a Firewall? Firewall is a device that is placed between a trusted and an untrusted network. It deny or permit traffic that enters or leaves network based on pre-configured policies. Firewalls protect inside networks from unauthorized access by users on an outside network. A firewall can also protect inside networks from each other for example by keeping a Management network separate from a user network.  What is the difference between Gateway and Firewall? A Gateway joins two networks together and a network firewall protects a network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.  Firewalls work at which Layers? Firewalls work at layer 3, 4 & 7.  What is the difference between Stateful & Stateless Firewall? Stateful firewall – A Stateful firewall is aware of the connections that pass through it. It adds and maintains information about a user’s connections in a state table, referred to as a connection table. It than uses this connection table to implement the security policies for users connections. Example of stateful firewall are PIX, ASA, Checkpoint. Stateless firewalls – (Packet Filtering) Stateless firewalls on the other hand, does not look at the state of connections but just at the packets themselves.  What information does Stateful Firewall Maintains? Stateful firewall maintains following information in its State table:- 1.Source IP address. 2. Destination IP address. 3. IP protocol like TCP, UDP. 4. IP protocol information such as TCP/UDP Port Numbers, TCP Sequence Numbers, and TCP Flags.  How can we allow packets from lower security level to higher security level (Override Security Levels)? We use ACLs to allow packets from lower security level to higher security level.
  • 3. 3 WWW.Prohackers.in  What is the security level of Inside and Outside Interface by default? Security Level of Inside interface by default is 100. Security Level of Outside Interface by default is 0.  Explain DMZ (Demilitarized Zone)? If we need some network resources such as a Web server or FTP server to be available to outside users we place these resources on a separate network behind the firewall called a demilitarized zone (DMZ). The firewall allows limited access to the DMZ, but because the DMZ only includes the public servers, an attack there only affects the servers and does not affect the inside network.  How does a firewall process a packet? When a packet is received on the ingress interface, Firewall checks if it matches an existing entry in the connection table. If it does, protocol inspection is carried out on that packet. If it does not match an existing connection and the packet is either a TCP-SYN packet or UDP packet, the packet is subjected to ACL checks. The reason it needs to be a TCP-SYN packet is because a SYN packet is the first packet in the TCP 3- way handshake. Any other TCP packet that isn’t part of an existing connection is likely an attack. If the packet is allowed by ACLs and is also verified by translation rules, the packet goes through protocol inspection.  What are the values for timeout of TCP session, UDP session, ICMP session? TCP session – 60 minutes UDP session – 2 minutes ICMP session – 2 seconds  Explain TCP Flags? While troubleshooting TCP connections through the Firewall, the connection flags shown for each TCP connection provide information about the state of TCP connections to the Firewall.  What are the different types of ACL in Firewall? 1.Standard ACL 2.Extended ACL
  • 4. 4 WWW.Prohackers.in 3.Ethertype ACL (Transparent Firewall) 4.Webtype ACL (SSL VPN)  What is Transparent Firewall? In Transparent Mode, Firewall acts as a Layer 2 device like a bridge or switch and forwards Ethernet frames based on destination mac-address.  What is the need of Transparent Firewall? If we want to deploy a new firewall into an existing network it can be a complicated process due to various issues like IP address reconfiguration, network topology changes, current firewall etc. We can easily insert a transparent firewall in an existing segment and control traffic between two sides without having to readdress or reconfigure the devices.  Explain Ether-Type ACL? In Transparent mode, unlike TCP/IP traffic for which security levels are used to permit or deny traffic all non-IP traffic is denied by default. We create Ether- Type ACL to allow NON-IP traffic. We can control traffic like BPDU, IPX etc. with Ether-Type ACL.  What is Policy NAT? Policy NAT allows you to NAT by specifying both the source and destination addresses in an extended access list. We can also optionally specify the source and destination ports. Regular NAT can only consider the source addresses, not the destination address. In Static NAT it is called as Static Policy NAT. In Dynamic NAT it is called as Dynamic Policy NAT.  Give the order of preference between different types of NAT? 1. Nat exemption. 2. Existing translation in Xlate. 3.Static NAT – Static Identity NAT – Static Policy NAT – Static NAT
  • 5. 5 WWW.Prohackers.in – Static PAT 4. Dynamic NAT – NAT Zero – Dynamic Policy NAT – Dynamic NAT – Dynamic PAT  What is the difference between Auto NAT & Manual NAT? Auto NAT (Network Object NAT) – It only considers the source address while performing NAT. So, Auto NAT is only used for Static or Dynamic NAT. Auto NAT is configured within an object. Manual NAT (Twice NAT) – Manual NAT considers either only the source address or the source and destination address while performing NAT. It can be used for almost all types of NAT like NAT exempt, policy NAT etc. Unlike Auto NAT that is configured within an object, Manual NAT is configured directly from the global configuration mode.  Give NAT Order in terms of Auto NAT & Manual NAT? NAT is ordered in 3 sections. Section 1 – Manual NAT Section 2 – Auto NAT Section 3 – Manual Nat After-Auto
  • 6. 6 WWW.Prohackers.in Thanks for reading this presentation Please give us your feedback at info@prohackers.in asttitvakanoujia@hotmail.com Your feedback is most valuable for us for improving the presentation You can also suggest the topic on which you want the presentation Website: www.prohackers.in FB page: www.facebook.com/theprohackers2017 Join FB Group: www.facebook.com/groups/group.prohackers/ Watch us on: www.youtube.com//channel/UCcyYSi1sh1SmyMlGfB-Vq6A ***Thanks***