If you’re planning on taking the Security+ exam, you should have a basic understanding of proxy servers and how proxies protect a network perimeter. For example, can you answer this question?
Q. Your organization wants to prevent users from accessing file sharing web sites. Which of the following choices will meet this need?
A. Content inspection
B. Malware inspection
C. URL filter
D. Web application firewall
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available at the end of this post.
Using Proxy Servers
Many networks use proxies, or proxy servers, to forward requests for services (such as HTTP or HTTPS) from clients. They can improve performance by caching content and can restrict users’ access to inappropriate web sites by filtering content. A proxy server is located on the edge of the network bordering the Internet and the intranet.
All internal clients send requests through the proxy server. The proxy accepts the request, retrieves the content from the Internet, and then returns the data to the client. Most proxy servers only act as a proxy for HTTP and HTTPS. However, proxy servers can also proxy other Internet protocols, such as FTP.
Caching Content for Performance
The proxy server increases the performance of Internet requests by caching each result received from the Internet. Any data that is in the proxy server’s cache doesn’t need to be retrieved from the Internet again to fulfill another client’s request. In this context, cache simply means “temporary storage.” Cache could be a dedicated area of RAM, or, in some situations, it could also be an area on a high-performance disk subsystem.
As an example, if Lisa retrieves a web page from GetCertifiedGetAhead.com, the proxy server would store the result in cache. If Homer later requests the same page, the proxy server retrieves the page from cache and sends it to Homer. This reduces the amount of Internet bandwidth used for web browsing because the page doesn’t need to be retrieved again.
The 601 Version of the Study Guide
The CompTIA Security+: Get Certified Get Ahead: SY0-601 Study GuideEach of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.
You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.
Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:
- A 75 question pre-test
- A 75 question post-test
- Practice test questions at the end of every chapter.
Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.
If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.
Using URL Filters to Restrict Access
Proxy servers can also restrict what users can access with the use of URL filters. A proxy server URL filter examines the requested URL and chooses to allow the request or deny the request.
Many third-party companies sell subscription lists for URL filtering. These sites scour the Internet for web sites and categorize the sites based on what companies typically want to block. Categories may include anonymizers, pornography, gambling, web-based email, and warez sites. Anonymizers are sites that give the illusion of privacy on the Internet. Employees sometimes try to use anonymizers to bypass proxy servers, but a proxy server usually detects, blocks, and logs these attempts. Web-based email bypasses the security controls on internal email servers so many organizations block them. Warez sites often host pirated software, movies, MP3 files, and hacking tools.
The subscription list can be loaded into the proxy server, and whenever a user attempts to access a site on the URL filter block list, the proxy blocks the request. Often, the proxy server presents users with a warning page when they try to access a restricted page. Many organizations use this page to remind users of a corporate acceptable usage policy, and some provide reminders that the proxy server is monitoring their online activity.
Proxy servers include logs that record each site visited by users. These logs can be helpful to identify frequently visited sites and to monitor user web browsing activities.
Remember this
A proxy server forwards requests for services from a client. It provides caching to improve performance and reduce Internet bandwidth usage. Proxy servers use URL filters to restrict access to certain sites, and can log user activity.
Q. Your organization wants to prevent users from accessing file sharing web sites. Which of the following choices will meet this need?
A. Content inspection
B. Malware inspection
C. URL filter
D. Web application firewall
Answer is C. A URL filter blocks access to specific web sites based on their URLs. Proxy servers and unified threat management (UTM) devices include URL filters.
UTM devices include content inspection to identify and filter out different types of files and traffic, and malware inspection to identify and block malware.
A web application firewall (WAF) protects a web server from incoming attacks.
