Lab 7
1. What are some common risks, threats, and vulnerabilities commonly found in the LAN-to-WAN Domain that must be mitigated through a layered security strategy?
A layered security strategy will encompass Rouge protocols such as Bit mining and P2P, Unauthorized network scanning and probing, and unauthorized access to the network.
2. What is an Access Control List (ACL) and how is it useful in a layered security strategy?
An ACL is a Control list which will allow or deny traffic or devices based on specifications defined in the ACL. This ACL generally is applied and configured on Firewalls. It is useful in a layered security approach because from an External standpoint it become the first line of defense when hosts attempt to connect to the network.
3. What is a Bastion Host? Provide an example of when a Bastion Host should be used and how.
A "Bastion Host" is a host that is minimally configured software firewall containing only necessary software/services. These are also referred to as bare metal or “lite” and is managed to be overly secure through a minimalist approach. All traffic coming is directed to the Bastion or “screened host”. Outbound traffic is not sent through it. The most common threat to the Bastion Host is to the operating system that is not hardened with additional security applications.
4. Provide at least two examples of how the enclave requirement to place a firewall at the perimeter can be accomplished.
a. Placing a firewall between two routers and another firewall before a DMZ would be the best requirement choice to use
5. What is the difference between a traditional IP Stateful Firewall and a Deep Packet Inspection Firewall?
a. IP Stateful firewall inspection takes place in layer 4, when traffic attempts to traverse the firewall a requested a source port and a destination port pair become part of the session allowing the source to receive information. Stateful inspection firewalls solve the vulnerability of permitting all the high numbered
A layered security strategy will encompass Rouge protocols such as Bit mining and P2P, Unauthorized network scanning and probing, and unauthorized access to the network.
2. What is an Access Control List (ACL) and how is it useful in a layered security strategy?
An ACL is a Control list which will allow or deny traffic or devices based on specifications defined in the ACL. This ACL generally is applied and configured on Firewalls. It is useful in a layered security approach because from an External standpoint it become the first line of defense when hosts attempt to connect to the network.
3. What is a Bastion Host? Provide an example of when a Bastion Host should be used and how.
A "Bastion Host" is a host that is minimally configured software firewall containing only necessary software/services. These are also referred to as bare metal or “lite” and is managed to be overly secure through a minimalist approach. All traffic coming is directed to the Bastion or “screened host”. Outbound traffic is not sent through it. The most common threat to the Bastion Host is to the operating system that is not hardened with additional security applications.
4. Provide at least two examples of how the enclave requirement to place a firewall at the perimeter can be accomplished.
a. Placing a firewall between two routers and another firewall before a DMZ would be the best requirement choice to use
5. What is the difference between a traditional IP Stateful Firewall and a Deep Packet Inspection Firewall?
a. IP Stateful firewall inspection takes place in layer 4, when traffic attempts to traverse the firewall a requested a source port and a destination port pair become part of the session allowing the source to receive information. Stateful inspection firewalls solve the vulnerability of permitting all the high numbered