Protecting Internet-based Attacks

If you’re planning on taking the Network+ exam, you should have a basic understanding of protecting internet-based attacks. For example, can you answer this question?

Q. Which of the following devices uses an ACL to prevent unauthorized access into a network?

A. Firewall

B. Proxy server

C. Load balancer

D. VPN concentrator

More, do you know why the correct answer is correct and the incorrect answers are incorrect?  The answer and explanation is available at the end of this post.

Network Firewalls

A firewall provides protection for networks and individual computers. Most networks have a firewall at the border, directly between the private network and the public Internet. These network firewalls help protect networks from Internet-based attacks. Additionally, computers commonly have software-based firewalls that provide an added layer of protection for the computer. They protect against potential threats within a network.

IT-based firewalls are similar to firewalls in cars. The firewall in a car is between the engine compartment and the passenger compartment. If the engine catches fire, the firewall helps block the fire from getting into the passenger compartment.

The firewall in a car isn’t foolproof. A collision can damage the firewall, significantly reducing the protection it provides. Similarly, a firewall in a network isn’t foolproof. Attackers might be able to bypass the firewall, or find holes that they can exploit. However, the IT-based firewalls do provide a good front line defense.

A very basic firewall is a packet-filtering router with an access control list (ACL). The ACL is a group of rules that define network access. These rules define traffic based on IP addresses, protocols, logical port numbers, and other information included within data packets. The router then examines each packet and filters traffic based on the rules.

Learn more about several common network components.

Sign up for the free Networking Components course here.

Advanced firewalls have a lot of sophistication and can be much more selective about what traffic they block and allow. Instead of looking at individual packets, they can look at a full conversation of traffic between systems and block malicious traffic.

Firewalls are very useful for protecting private networks from attackers. Many attackers try to attack a network through the Internet so the most common place you’ll see a firewall is at the border of a network, between a private internal network and the public Internet as shown in the figure. This also clearly shows the order of connectivity for devices to the Internet: from a network client such as a desktop PC to a switch, to a router, to a firewall, to an ISP and then to the Internet.

The following figure shows a typical network with a switch, router, and firewall. The switch connects devices together into a network. The router connects networks together – in this figure, it is connecting the private network with the Internet via the modem and ISP. The firewall provides a layer of protection to the router and the internal network.

Network connectivity with a firewall

Q. Which of the following devices uses an ACL to prevent unauthorized access into a network?

A. Firewall

B. Proxy server

C. Load balancer

D. VPN concentrator

Answer: A is correct. A firewall uses rules within an access control list (ACL) to prevent unauthorized access into a network.

A proxy server reduces bandwidth by storing copies of web site pages in cache and then serving these cached pages to other users. It does not use an ACL.

A load balancer can balance traffic among multiple servers. It does not use an ACL.

A virtual private network (VPN) concentrator supports multiple VPN connections but it doesn’t use an ACL.

Practice Test Questions To Help You Pass the Network+ Exam (N10-006) The First Time You Take It.