{"id":79150,"date":"2021-12-02T22:34:12","date_gmt":"2021-12-02T22:34:12","guid":{"rendered":"https:\/\/papersspot.com\/blog\/2021\/12\/02\/it120-cybersecurity-principles-class-exercise-applying-firewall-rules-name-examine\/"},"modified":"2021-12-02T22:34:12","modified_gmt":"2021-12-02T22:34:12","slug":"it120-cybersecurity-principles-class-exercise-applying-firewall-rules-name-examine","status":"publish","type":"post","link":"https:\/\/papersspot.com\/blog\/2021\/12\/02\/it120-cybersecurity-principles-class-exercise-applying-firewall-rules-name-examine\/","title":{"rendered":"IT120 Cybersecurity Principles Class Exercise: Applying Firewall Rules Name: ( ) Examine"},"content":{"rendered":"<p>IT120 Cybersecurity Principles <\/p>\n<p> Class Exercise: Applying Firewall Rules<\/p>\n<p> Name: ( )<\/p>\n<p> Examine the following rules for a packet filtering firewall that protects a corporate Web Server and answer the questions below. Circle (or highlight) PASS or DENY and list the rule that applies to the question.<\/p>\n<p> Remember rules are executed in order depending if the traffic is entering the system (Ingress Rules) or leaving the network (Egress Rules)<\/p>\n<p> The comment next to the rule gives the reason for the rule.<\/p>\n<p> Note: the final rule (or default rule) is DENY ALL which means that if none of the rules apply the packet will be denied.<\/p>\n<p> Ingress Rules<\/p>\n<p> I.1 If source IP address = 10.*.*.*, DENY [private IP address range]<\/p>\n<p> I.2 If source IP address = 172.16.*.* to 172.31.*.*, DENY [private IP address range]<\/p>\n<p> I.3 If source IP address = 192.168.*.*, DENY [private IP address range]<\/p>\n<p> I.4 If source IP address = 60.80.*.*, DENY [internal address range]<\/p>\n<p> I.5 If source IP address = 12.26.3.4, DENY [black-holed address of attacker]<\/p>\n<p> I.6 If TCP SYN=1 AND FIN=1, DENY [crafted attack packet]<\/p>\n<p> I.7 If destination IP address = 60.47.3.11 AND TCP destination port=80, PASS [connection to a public Web server] <\/p>\n<p> I.8 If destination IP address = 60.47.3.11 AND TCP destination port=443, PASS [secure connection to a public Web server] <\/p>\n<p> I.9 If TCP destination port = 20, DENY [FTP data connection]<\/p>\n<p> I.10 If TCP destination port = 21, DENY [FTP supervisory control connection]<\/p>\n<p> I.11 If TCP destination port = 23, DENY [Telnet data connection]<\/p>\n<p> I.12 If TCP destination port = 135 through 139, DENY [NetBIOS connection for clients]<\/p>\n<p> I.13 If TCP destination port = 513, DENY [UNIX rlogin without password]<\/p>\n<p> I.14 If TCP destination port = 514, DENY [UNIX rsh launch shell without login]<\/p>\n<p> I.15 If TCP destination port = 22, PERMIT [SSH for secure login)<\/p>\n<p> I.16 If UDP destination port=69, DENY [Trivial File Transfer Protocol; no login necessary<\/p>\n<p> I.17 If TCP SYN=1 AND ACK=0, DENY [attempt to open a connection from the outside]]<\/p>\n<p> I.18 If ICMP Type = 0, PASS [allow incoming echo reply messages]<\/p>\n<p> I.19 If ICMP Type = 8, PASS [allow outgoing echo reply messages]<\/p>\n<p> I.20 DENY ALL<\/p>\n<p> Egress Rules<\/p>\n<p> E.1 If source IP address = 10.*.*.*, DENY [private IP address range]<\/p>\n<p> E.2 If source IP address = 172.16.*.* to 172.31.*.*, DENY [private IP address range]<\/p>\n<p> E.3 If source IP address = 192.168.*.*, DENY [private IP address range]<\/p>\n<p> E.4 If source IP address NOT = 60.80.*.*, DENY [not in internal address range]<\/p>\n<p> E.5 If ICMP Type = 8, PASS [allow outgoing echo messages]<\/p>\n<p> E.6 If Protocol=ICMP, DENY [drop all other outgoing ICMP messages]<\/p>\n<p> E.7 If TCP RST=1, DENY [do not allow outgoing resets; used in host scanning]<\/p>\n<p> E.8 If source IP address = 60.47.3.9 and TCP source port = 80, PERMIT [public Web Server]<\/p>\n<p> E.9 If source IP address = 60.47.3.9 and TCP source port = 443, PERMIT [public secure Web Server]<\/p>\n<p> E.10 If TCP source port=0 through 49151, DENY [well-known and registered ports]<\/p>\n<p> E.11 If UDP source port=0 through 49151, DENY [well-known and registered ports]<\/p>\n<p> E.12 If TCP source port =49152 through 65,536, PASS [allow outgoing client connections]<\/p>\n<p> E.13 If UDP source port = 49152 through 65,536, PERMIT [allow outgoing client connections]<\/p>\n<p> E.14 DENY ALL<\/p>\n<p> *Note: A ping message, requesting an Echo reply. ICMP Type 8: ECHO Request, <\/p>\n<p> Type 0: ECHO Reply<\/p>\n<p> Questions<\/p>\n<p> The firewall receives an external HTTP request for a Web page in the corporate web server (TCP destination port 80, IP destination address 60.47.3.9) coming from the IP address 172.30.7.16.<\/p>\n<p> PASS DENY Rule ______________<\/p>\n<p> The Web server inside the firewall pings the Internet host at IP 99.89.67.5 using an ECHO message<\/p>\n<p> PASS DENY Rule ______________<\/p>\n<p> The sysadmin inside the firewall opens a Web browser. The browser asks for a Web page on an external IP address 77.5.7.8 ( the source TCP port is 51000)<\/p>\n<p> PASS DENY Rule ______________<\/p>\n<p> One outside user tries to Telnet from her IP address 70.47.9.7 to the corporate Web server through port 23.<\/p>\n<p> PASS DENY Rule ______________<\/p>\n<p> The firewall receives an HTTP request from the Web server (TCP destination port 80, IP address 60.47.3.9) to the IP address 98.45.76.9<\/p>\n<p> PASS DENY Rule ______________<\/p>\n<p> A hacker is probing your Web server with packets where SYN bit is set to 1 and the FIN bit is set to 1.<\/p>\n<p> PASS DENY Rule ______________<\/p>\n<p> The Web server (IP address 60.47.3.9) uses HTTPS (TCP Port 443) to respond to a request<\/p>\n<p> PASS DENY Rule ______________<\/p>\n<p> A user tries to upload a file to the Web server using the FTP protocol (TCP Port 20 and 21)<\/p>\n<p> PASS DENY Rule ______________<\/p>\n<p> 9. The Web server wants to send a Type 3 ICMP message<\/p>\n<p> PASS DENY Rule _____E.6_________<\/p>\n<p> 10. The Web server is receiving a Telnet data connection<\/p>\n<p> PASS DENY Rule ______________<\/p>\n","protected":false},"excerpt":{"rendered":"<p>IT120 Cybersecurity Principles Class Exercise: Applying Firewall Rules Name: ( ) Examine the following rules for a packet filtering firewall that protects a corporate Web Server and answer the questions below. Circle (or highlight) PASS or DENY and list the rule that applies to the question. Remember rules are executed in order depending if the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[10],"class_list":["post-79150","post","type-post","status-publish","format-standard","hentry","category-research-paper-writing","tag-writing"],"_links":{"self":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/79150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/comments?post=79150"}],"version-history":[{"count":0,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/79150\/revisions"}],"wp:attachment":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/media?parent=79150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/categories?post=79150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/tags?post=79150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}