Firewall Configuration Performance Question
Here’s a query I received from someone recently about a firewall configuration performance question.
Many people might be interested in this, so I’m posting my response here, with some extras:
Configuring a Firewall with Rules
You’re describing a scenario where you need to identify rules within a firewall’s ACL.
I’m not sure what study materials of mine you have, but the knowledge you need to answer this is included in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide and in the simulated performance practice test questions on the gcgapremium.com site.
Firewall Rules Challenge in the Study Guide
If you have the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide, take a look at the Firewall Rules section starting on page 158. It includes a challenge with specific requirements and asks you to identify what rules you should create.
On page 167, you’ll see the Firewall Rules Solution. It includes a table listing the rules you would create to meet the requirements in the challenge, along with a description of how each of these rules meets the specific requirements.
Firewall Rules Blog Posts
You can also find a series of posts in this blog that describe ACLs and firewall rules.
Simulated Performance-Based Questions on Firewall Rules
If you have access to the practice test questions on the gcgapremium.com site, take a look at Set 3 of the simulated performance-based questions. It includes a diagram and a scenario, and includes several questions asking you how to configure different rules on a router used in the scenario.
When you complete all the questions, you’ll see the correct answers. The answers include detailed explanations letting you know why the correct answers are correct, and why the incorrect answers are incorrect. It also includes a table showing the solution with the elements of the rules.
Know the Ports for Firewall Configuration Performance Questions
These questions require you to understand how TCP/IP uses source and destination addresses, and source and destination ports. The study guide describes the process starting on page 148 in the “Putting It All Together” section and the table on page 150 shows all of the relevant ports you need to know for the exam.
There are also several blogs on ports listed in the Networking section of the Security+ blog links page. Here are links to two relevant posts: