Firewall Concepts MCQs
Firewall Concepts MCQs
These Firewall Concepts multiple-choice questions and their answers will help you strengthen your grip on the subject of Firewall Concepts. You can prepare for an upcoming exam or job interview with these 100 Firewall Concepts MCQs.
So scroll down and start answering.
1: What firewall based technology would you use to create a secure tunnel connection from a corporate headquarters to a remote branch office?
A. Tunnel
B. VPN
C. HTTPS
D. Radius
2: The basic concept of a SYN flooding attack lies in the design of what handshake that begins a TCP connection?
A. TCP
B. 3-way
C. 2-way
D. 4-way
3: What kind of firewall is the integrated Microsoft Windows firewall application?
A. Zone Based
B. Stateless
C. Stateful
D. Connection oriented firewall
4: Which of the following firewall's filtering process can be either Stateful, Stateless or both ?
A. Packet Filtering
B. MAC layer firewalls
C. Application Gateways
D. Circuit Gateways
5: Which of the following are the most common restrictions implemented in packet filtering firewalls?
A. Inbound Direction
B. Outbound Direction
C. All of the given options are valid
D. IP source and destination address
6: Ports up to which of the following are called well-known ports?
A. 1500
B. 1023
C. 255
D. 1025
7: Which particular firewall usually consists of two separate firewall devices?
A. MAC layer firewalls
B. Dynamic Filtering
C. Hybrid Firewall
D. Application –level firewall
8: What port do most DDOS DNS attacks occur on?
A. 443
B. 53
C. 80
D. 161
9: Zone Alarm is an example of which type of firewall?
A. corporate
B. proxy
C. personal
D. IDS
10: True/False: Application proxy firewalls are faster than Stateful Packet Inspection firewalls.
A. False
B. True
11: When configuring a firewall to deny port 3389 to a RDP server that is to receive the SYN packet, what is the address?
A. Connected
B. Source
C. Destination
D. Flag
12: When troubleshooting the flow of packets through a firewall, a datagram is called what at the network layer of the OSI model?
A. Bits
B. Frames
C. Packets
D. Segments
13: Which type of firewall involves firewall software installation directly on the user's system?
A. Commercial –Grade Firewall
B. Fourth Generation
C. Third Generation
D. Residential –Grade Firewall
14: When packets are being processed by a hardware firewall, one of the several steps in processing the packets is an error-checking procedure that is performed in the trailer section of an IP Packet, this is called what?
A. IFG
B. IPC (IP Check)
C. FQDN
D. CRC
15: Which of the following valid OSI layer are covered by packet filtering firewall operation ?
A. At the Application layer
B. Both Transport layer and Network layer
C. Network layer
D. Transport layer
16: Which of the following is not a VALID basic criteria for rule in the firewall policy?
A. Service
B. Source
C. User
D. Destination
17: Which of the following is another term for a packet of digital information?
A. header
B. datagram
C. data
D. footer
18: What main attributes are used at layer 4 of the OSI model to filter traffic on a firewall?
A. Frames and packets
B. Source and/or destination IP Addresses
C. Source and/or destination TCP/UDP ports
D. ICMP and IP
19: What types of firewalls are able to analyze the contents of packets and the IP headers for signs that the traffic is legitimate?
A. Software
B. Boundary
C. Stateless
D. Stateful
20: The practice of designing operational aspects of a system to work with a minimal amount of system privilege is called:
A. access denied
B. least privilege
C. failover firewall
D. IP forwarding
21: When referring to firewalls, what does SPI Stand for?
A. Source Packet Information
B. Stateful Packet Inspection
C. Shared Packet Interconnection
D. Stateless Packet Inspection
22: Which of the folllowing firewalls keeps track of the state of network connections ?
A. Dynamic Filtering
B. Stateful inspection
C. Static filtering
D. Stateless inspection
23: When designing a network that consists of a firewall, the firewall design needs to be "BLANK" so that it can grow with the network it protects.
A. Cost effective
B. Robust
C. Expensive
D. Scalable
24: You are a network administrator and you have been asked to add a deny all ICMP firewall stated that is sourced from the Internet; you add a deny all for ICMP, what common command would you use to test your newly added rule?
A. MTR
B. PING
C. ICMP
D. Traceroute
25: The Windows based program, ZoneAlarm is an example of a "BLANK" firewall?
A. IDS
B. Software
C. Corporate
D. Business
26: When referring to firewall concepts, what are application level gateways?
A. IP Servers
B. Proxy servers
C. HTTP servers
D. HTTP servers
27: What application controls what information is transmitted or received from an external source destined to a server, workstation, or computer that is based on a preset of rules and/or user preferences?
A. Firewall
B. Server
C. Repeater
D. Router
28: Some firewalls deploy a technology that allows monitoring of traffic in and out of a network and alerts network staff when suspicious traffic patterns occur.
A. IDS
B. Switch
C. Router
D. Hub
29: Packets contain an 8-bit value that determines the maximum time the packet can remain the CPU, Memory, and Buffer circuits of a firewall before it is dropped or discarded, what is this called?
A. Time To Live
B. Checksum
C. Protocol
D. Fragment
30: What is a host based firewall?
A. A device that is installed by your Internet Service Provider
B. Software firewall installed on a server/workstation/desktop
C. A proxy server configured to handle http requests
D. A Firewall connected directly to the Network Interface Card of a Computer
31: Which of the following firewalls keeps track of the connection state?
A. Application layer firewall
B. Router enhanced firewall
C. Stateful packet filtering firewall
D. Packet filtering firewall
32: Which port does secure HTTP use?
A. 443
B. 441
C. 442
D. 8080
33: What port does FTP use for the control port?
A. 23
B. 21
C. 20
D. 22
34: In an IP packet header, which of the following is the address of the computer or device that is to receive the packet?
A. total length
B. flag
C. destination address
D. source address
35: You want to filter all traffic going to an internal web server from the Internet side of the firewall, what port will you filter on the firewall?
A. 25
B. 21
C. 80
D. 8080
36: Which of the following firewalls works at the application level?
A. application-level firewalls
B. circuit firewall
C. MAC layer firewalls
D. Packet filtering firewal
37: What device logically filters traffic at the edge of a computer network and the Internet?
A. Hub
B. Firewall
C. Switch
D. Router
38: Which of the following is TRUE?
A. All of the given options are correct
B. Firewalls can be categorized by processing mode, development era, or structure
C. Firewalls categorized by which level of technology they employ are identified by generation, with the later generations being more complex and more recently developed
D. The firewall may be a separate computer system, a software service running on an existing router or server, or a separate network containing a number of supporting devices
39: Which of the following 8-bit values identifies the maximum time the packet can remain in the system before it is dropped?
A. fragment
B. checksum
C. protocol
D. time to live
40: What is a DMZ zone?
A. Dedicated Master Zone
B. Donor Master Zone
C. Dual Master Zone
D. DeMilitarized Zone
41: Which of the following is not a recognized generation of Firewall?
A. Second generation
B. DMZ
C. Third Generation
D. First Generation
42: Which TCP port is used by Telnet?
A. 72
B. 110
C. 80
D. 23
43: FTP uses which of the following port as control port?
A. 22
B. 21
C. 23
D. 20
44: Your client asks you to create a rule for FTP access, what port(s) will you add on the firewall?
A. 8021
B. 20 and 21
C. 20
D. 2121
45: Your customer asks you to allow ALL hosts from the Internet to company's secure webserver (Secure HTTP), what port do you open on the firewall?
A. 22
B. 43
C. 443
D. 23
46: What is the primary purpose of a firewall?
A. Enables fast forwarding
B. Route hot packets
C. Route frames
D. Inspect packets
47: Which of the following server creates a secure tunnel connection?
A. authentication
B. RADIUS
C. tunnel
D. VPN
48: What happens when a packet arrives on an interface and a route exists in the local routing table and the firewall routes the packet back out the same interface the packet arrived on?
A. The Packet is allowed, but marked as low priority
B. The Packet is dropped
C. Interface will get disabled due to a routing conflict
D. Poison reverse routing is disabled and the packet is allowed
49: What it is called when a packet arrives at a firewall, gets analyzed and determines that no connection exists and the packet is dropped?
A. Connection Oriented Inspection
B. Stateful Packet Inspection
C. Stateless Packet Inspection
D. Stateful Frame Inspection
50: Which of the following firewall makes the filtering decision based on the media access control address of the source/destination of a packet ?
A. Packet Filtering
B. MAC layer Firewalls
C. Circuit Gateways
D. Application Gateways
List of Firewall Concepts MCQs...
Available in:
Firewall Concepts MCQs
Вопросы по концепциям брандмауэра на русском языке
Preguntas de Firewall Concepts en español
ファイアウォールの概念に関する日本語の質問
Firewall Concepts domande in lingua italiana
Questions Firewall Concepts en français
Questões de Conceitos de Firewall em Língua Portuguesa
Fragen zu Firewall-Konzepten in deutscher Sprache
中文防火墙概念问题
جدار الحماية يصور الأسئلة باللغات العربية
Soal-soal Konsep Firewall dalam bahasa Indonesia
Pertanyaan Konsep Firewall dalam bahasa Turki
