WHAT IS A FIREWALL IN NETWORK SECURITY

Question
Which communication is allowed by default on the Cisco ASA appliance?
A. traffic from a lower security level interface to a higher security level interface
B. traffic between interfaces with same security level
C. traffic from a higher security level interface to a lower security level interface
D. traffic entering and exiting the same interface
Explanation: 

Detailed explanation-1: As you can see, the ASA recognizes the INSIDE, OUTSIDE and DMZ names. It uses a default security level of 100 for INSIDE and 0 for OUTSIDE/DMZ.

Detailed explanation-2: Security level 0: the lowest possible level. It is used by the outside interface by default, making it the most untrusted interface. Traffic can pass from this interface to other interfaces only if manually configured to do so. Security levels 1–99: can be assigned to any other interface on the PIX.

Detailed explanation-3: This means that by default the following traffic is allowed: R1 can reach R2 or R3 (from security level 100 to 0 or 50); R2 can’t reach any devices (from security level 0 to 50 or 100); R3 can reach R2 but not R1 (from security level 50 to 0 or 100).

Detailed explanation-4: Cisco ASA Firewalls Default Traffic Flow: By default, all traffic is allowed to flow from a high security interface towards a low security interface as long as the routing information is in place. Although all traffic is allowed to flow from high security level to low security level, only TCP and UDP traffic is inspected.
