The network firewall is considered as the first line of defense against any cyber attack. It is able to protect different servers based on the firewall configuration. I believe questions and answers is the best way to understand something. Here, we will discuss some interview questions which helps you to understand more about firewall devices.
Q1. What is Network Security?
Ans: Network security is a process of securing IT infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure. IT infrastructure includes firewalls, routers, switches, servers and other devices which helps in hosting the software applications.
In simple terms, network security refers all activities related to protecting the confidentiality, integrity, and availability of software and hardware assets of an organization.
Q2. What is a Network Firewall?
Ans: Network firewall protects your network from unauthorized access. It filters traffic based on the configuration set by the firewall administrator. The firewall basically performs two functions, block and permit traffic based on configuration.
Q3. How does a firewall work?
Ans: Firewall filters network traffic based on the configuration set by the firewall administrator. It can permit or block any port number, web application, and network layer protocols based on configuration.
- 80 HTTP
- 443 HTTPS
- 20 & 21 FTP
- 23 Telnet
- 22 SSH
- 25 SMTP
Q4. What can a firewall protect IT infrastructure inside your organization?
Ans: Firewalls are configured to protect IT infrastructure from any type of unauthorized access. It secures network by implement defined security policies, hiding and protecting your internal network addresses, reporting on threats and activities. It also provides audit logs related to network traffic to the firewall administrator which helps them to identify the root cause of security breach.
Q5. Will IPSEC make firewalls obsolete?
Ans: To discuss this question, first we need to understand what IPSEC does? IPSEC provides host to host authentication and encryption. In simple terms, it provides a solution of integrity and confidentiality to end customer.
While the firewall is protecting network without doing encryption and host to host authentication. It monitors the traffic and permit or block based on configuration. It means we need both IPSEC and firewall, and we can think of combining firewalls with IPSEC-enabled hosts.
Q6. Where does a firewall fit in the security model?
Ans: A security model is a scheme for specifying and enforcing security policies. Firewalls secure perimeters of the network by implement defined security policies, hiding and protecting your internal network addresses, reporting on threats and activities.
Q7. What is VPN?
Ans: VPN stands for Virtual Private Network. It provides secure tunnel which protects your data from any intrusion. It is used to protect private web traffic from snooping, interference, and censorship. In simple terms, it established the connection between two private networks over the internet.
Types of VPN: Site-to-site VPN and Remote Access VPN.
Q8. What are the types of firewalls?
Ans: The National Institute of Standards and Technology (NIST), the organization from the US, divides firewalls into three basic types: Packet filters, Stateful inspection, and Proxy.
Packet filters permit or block packets based on port number, protocols source, and destination address.
Stateful inspection works on the principle of the state of active connections between client and server. It uses the state information to allow or block network traffic.
Proxy firewall combines stateful inspection technology to enable deep packet inspection. Here, firewall act as a proxy, a client makes a connection with firewall and then firewall makes a separate connection to the server on behalf of the client.
Q9. What is source routed traffic and why is it a threat?
Ans: Source routing is not very much used in practice. It allows a sender of a packet to partially or completely specify the route the packet takes through the network.
Generally, the router decides the route from destination to source. If source routed traffic allows through the firewall, an attacker can generate traffic claiming to be from a system “inside” the firewall. In general, such traffic wouldn’t route to the firewall properly, but with the source routing option, all the routers between the attacker’s machine and the target will return traffic along the reverse path of the source route. Implement such attacks are quite easy, therefore it is the big threat to firewall devices.
Q10. What is IP spoofing and how can it be prevented?
Ans: IP spoofing is a practice where an attacker illicitly impersonates another machine by manipulating IP packets. There are many tools available for IP Spoofing.
It can be prevented by following ways:
- Invest in spoofing detection software
- Implement best security practices for IT assets
- Choose reliable ISP
- Implement Cryptographic protocols such as HTTP Secure (HTTPS), Secure etc.
- Shell (SSH) and Transport Layer Security (TLS)
- Avoid Direct IP user authentication
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.