Untitled Question 9 15 pts (TCO B) Compare and contrast a state-based firewall t
ID: 3737012 • Letter: U
Question
Untitled Question 9 15 pts (TCO B) Compare and contrast a state-based firewall to a proxy firewall. Discuss the advantages, similarities, and differences of each. Differentiate a perimeter firewall from a client firewall (TCO B) Given the commands shown below, identify the ACL type. Explain what happens when the ACL is applied. 2 configure termina.l interface FastEthernete/e ip address 192.168.200.1 255.255.255.0 ip access-group 100 in access-list 100 permit top host 9.168.00.10 any eq ww time-range TWODAYS access-list 100 permit tcp host 192.168.200.10 any eq login time-range ONETIME time-range TWODAYS periodic Tuesday Thursday 14:00 to 22:00 time-range ONETIME absolute start 04:00 12 February 2011 end 18:00 12 February 2011 End Question 11 15 pts (TCO C) Discuss how scanning fits into steps or sequences when hacking an organization. Describe the tools and objectives of scanning by a hacker. 8 1 Question 12 15 pts (TCO C) Describe specific situations in which TACACS+ would be used rather than RADIUSExplanation / Answer
1>State-based firewall is a network firewall that tracks the network associated with it and it also tracks the operating system.Actually the firewall is configured distinguish the different types of connections. It is also referred to as dynamic-packet filtering, which is a security feature also included in business network. State-based firewall treats each network frame or packet individually.
Advantage of State-based firewall:-
(i)It allows direct communication between Client and Server by maintaining a transparent mode.
(ii)Sometimes it also implement algorithm and complex security models making the connections more secure.
(iii)It must keeps track of all connections to normal filtering by port, protocol and IP address.
Proxy firewall maintains the balance between the security and functionality. It provides security that is better than other type of firewall technologies. It limits what application can our network support. Proxy firewalls provide increased security over packet- filtering firewalls. It acts as a intermediary for the client request that seeks the resource frpm other server.
Advantage of proxy firewall:-
(i)It provides comprehensive protocol aware-security for the protocol which they support.Proxy firwall works at the application layer which provides better security than the products which focus on the packet infoemation.
(ii)Proxy firewall have hidden topology of the internal protected network. Internal Ip address is hidden from the external world because proxy service do not allow the direct communication external servers and the internal computers.
(iii)It is easier in proxy firewall to identify the methods of attack. It also provide the valuable backup of the logs that exist in the server which is being protected by the proxy.
Perimeter Firewall controls the network traffic by entering or leaving the host into organisation or outer boundary. It provides a first line of defense against attack and block access to inappropriate content inside the organisation.It is essential components for detecting and protecting the network from unwanted traffic.The most common type of perimeter firewall is known as a static packet filter firewall. Perimeter firewall can be thought of as a having internal or external interface.Perimeter firewall typically blocks incoming network traffic which contains broadcast traffic.
Client Firewall are the internet firewall configuration which have a collection of rules that contains the traffic. Each configuration is connected to a tunnel resource. A firewall client is a computer with installed firewall client software and enabled.
2>The ACL type commands are:-
ip address 192.168.200.1 255.255.255.0
ip access-group 100 in.
When ACL is applied it modify standard access list WAAS device for controlling the access to interface or application.Within ACL configuration mode we can use the editing commands like list,delete and move to display the current condition entries.ACL's which are defined WAE take precedence over the WAAS application.
3>Scanning is the second most important phase of information gathering that hackers use for the network. Scanning is the process which allows us to get deeper into the process to get the data.So, the objective of scanning by a hacker is clear that after scanning they can get each and every data from a system.
Scanning tools are:-
(i)NMAP:- NMAP stands for Network mapper and it is free open source tools for network scanning and network security.For our concern it is the best network scanner till date.It uses raw IP packet to determine what host are available in network .
(ii)Mitech Network Scanner:- It is the best netwrok scanner for windows platform. It scan for opened TCP and UDP ports.
(iii)SoftPerfect Network scanner:- It is most important be taking features and performance into an account. It's interface is very clean and user friendly. In this procces we only need to enter the IP's we need to scan.
Related Questions
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.