Term
| Describe how packet filtering works on an IOS firewall. |
|
Definition
| Packet filtering simply limits the traffic transitting the firewall by using an ACL. Although the packet filters can be complex, it does not maintain a database of the current state of connections. |
|
|
Term
| Describe how an IOS firewall can be used as an application layer gateway (ALG). |
|
Definition
| An application layer gateway (ALG) uses a server that provides proxy services. The outside user connects to the ALG, then it makes a connection to the interior server and passes the requests between the interior server and the user. |
|
|
Term
| Describe how an IOS firewall can be used for stateful packet filtering. |
|
Definition
| Stateful packet filtering enables the firewall to understand the "state" of the connection, allowing only appropriate packets to pass. Additionally, a stateful packet filter understands Layer 7 protocols enough to allow new connections when they are required for the application, like FTP data channels. |
|
|
Term
| In what direction should an ACL and inspection rule be applied on an interface? |
|
Definition
| On interfaces where untrusted traffic originates, apply both the ACL and inspection rule on inbound traffic only. For all other interfaces, apply the ACL on the outbound direction so that all unwanted traffic is dropped rather than sent over the network. |
|
|
Term
| What command defines an inspection rule on a router? |
|
Definition
| ip inspect name rule-name protocol [alert {on | off}] [timeout seconds] |
|
|
Term
| What command enables audit trails to be used with inspection rules? |
|
Definition
|
|
Term
| What command displays how an inspection rule has been configured? |
|
Definition
| show ip inspect [name rule-name] | config | interface | session {detail} | statistics | all] |
|
|
Term
| What command debugs the functions used by ip inspect? |
|
Definition
debug ip inspect function-trace
|
|
|
Term
| What command debugs the creation objects used by ip inspect? |
|
Definition
debug ip inspect object-creation
|
|
|
Term
| What command debugs the deletion of objects used by ip inspect? |
|
Definition
debug ip inspect object-deletion
|
|
|
Term
| What command debugs events with ip inspect? |
|
Definition
|
|
Term
| What command debugs timers used by ip inspect? |
|
Definition
|
|
Term
| What command provides detailed debugging of ip inspect? |
|
Definition
|
|
