Engineering Questions with Answers - Multiple Choice Questions

MCQs on Firewalls

1 - Question

Network layer firewall works as a __________
a) Frame filter
b) Packet filter
c) Content filter
d) Virus filter

View Answer

Answer: b
Explanation: As you know, firewalls are available as hardware appliances, as software-only, or a combination of the two. In every case, the purpose of a firewall is to isolate your trusted internal network (or your personal PC) from the dangers of unknown resources on the Internet and other network connections that may be harmful. The firewall prevents unauthorized access to your internal, trusted network from outside threats.




2 - Question

Network layer firewall has two sub-categories as _________
a) State full firewall and stateless firewall
b) Bit oriented firewall and byte oriented firewall
c) Frame firewall and packet firewall
d) Network layer firewall and session layer firewall

View Answer

Answer: a
Explanation: Most network layer firewalls can operate as stateful or stateless firewalls, creating two subcategories of the standard network layer firewall. Stateful firewalls have the advantage of being able to track packets over a period of time for greater analysis and accuracy — but they require more memory and operate more slowly. Stateless firewalls do not analyze past traffic and can be useful for systems where speed is more important than security, or for systems that have very specific and limited needs. For example, a computer that only needs to connect to a particular backup server does not need the extra security of a stateful firewall.




3 - Question

A firewall is installed at the point where the secure internal network and untrusted external network meet which is also known as __________
a) Chock point
b) Meeting point
c) Firewall point
d) Secure point

View Answer
Answer: a
Explanation: A firewall can be a PC, a router, a midrange, a mainframe, a UNIX workstation, or a combination of these that determines which information or services can be accessed from the outside and who is permitted to use the information and services from outside. Generally, a firewall is installed at the point where the secure internal network and untrusted external network meet, which is also known as a chokepoint.
 



4 - Question

Which of the following is / are the types of firewall?
a) Packet Filtering Firewall
b) Dual Homed Gateway Firewall
c) Screen Host Firewall
d) Dual Host Firewall

View Answer

Answer: a
Explanation: A firewall can be a PC, a midrange, a mainframe, a UNIX workstation, a router, or combination of these. Depending on the requirements, a firewall can consist of one or more of the following functional components: Packet-filtering router




5 - Question

A proxy firewall filters at _________
a) Physical layer
b) Data link layer
c) Network layer
d) Application layer

View Answer

Answer: d
Explanation: The application firewall is typically built to control all network traffic on any layer up to the application layer. It is able to control applications or services specifically, unlike a stateful network firewall, which is – without additional software – unable to control network traffic regarding a specific application. There are two primary categories of application firewalls, network-based application firewalls and host-based application firewalls.




6 - Question

A packet filter firewall filters at __________
a) Physical layer
b) Data link layer
c) Network layer or Transport layer
d) Application layer

View Answer

Answer: c
Explanation: In computing, a firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.[1] A firewall typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet, that is assumed not to be secure or trusted.[2] Firewalls are often categorized as either network firewalls or host-based firewalls.




7 - Question

What is one advantage of setting up a DMZ with two firewalls?
a) You can control where traffic goes in three networks
b) You can do stateful packet filtering
c) You can do load balancing
d) Improved network performance

View Answer

Answer: c
Explanation: DMZ stands for De-Militarized Zone. In a topology with a single firewall serving both internal and external users (LAN and WAN), it acts as a shared resource for these two zones. So load balancing can be done by adding another firewall.




8 - Question

What tells a firewall how to reassemble a data stream that has been divided into packets?
a) The source routing feature
b) The number in the header’s identification field
c) The destination IP address
d) The header checksum field in the packet header

View Answer

Answer: a
Explanation: The source routing feature provides a path address for the packet to help the firewall to reassemble the data stream that was divided into packets. After reassembling, the firewall can then filter the stream.




9 - Question

A stateful firewall maintains a ___________ which is a list of active connections.
a) Routing table
b) Bridging table
c) State table
d) Connection table

View Answer

Answer: a
Explanation: The routing table basically gives the state of each connection i.e. whether the connection is active or not. A routing table ensures the best performance for the stateful firewall.




10 - Question

A firewall needs to be __________ so that it can grow proportionally with the network that it protects.
a) Robust
b) Expansive
c) Fast
d) Scalable

View Answer

Answer: b
Explanation: The firewall has to be expansive because a network is expected to grow with time and if the firewall is unable to grow with it, the firewall won’t be able to handle the growing network traffic flow and will hence fail.

Get weekly updates about new MCQs and other posts by joining 18000+ community of active learners