Scribd
Upload
79 views2 pages

16FinalTerm Activity#3 IAS-313

Uploaded by

muulmoolbanga
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
79 views2 pages

16FinalTerm Activity#3 IAS-313

Uploaded by

muulmoolbanga
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

DON HONORIO VENTURA STATE UNIVERSITY

Cabambangan, Villa de Bacolor 2001, Pampanga, Philippines

COLLEGE OF COMPUTING STUDIES

IAS - 313
Information Assurance and Security
Final Term
Activity - III

Directions: Answer the following:

1. Write a 200-word essay with the theme: “What can’t a firewall protect against?

Firewalls can't protect against attacks that don't go through the firewall. Many corporations that
connect to the Internet are very concerned about proprietary data leaking out of the company
through that route. Unfortunately for those concerned, a magnetic tape, compact disc, DVD, or USB
flash drives can just as effectively be used to export data. Many organizations that are terrified (at a
management level) of Internet connections have no coherent policy about how dial-in access via
modems should be protected.

It's silly to build a six-foot thick steel door when you live in a wooden house, but there are a lot of
organizations out there buying expensive firewalls and neglecting the numerous other back-doors
into their network.For a firewall to work, it must be a part of a consistent overall organizational
security architecture. Firewall policies must be realistic and reflect the level of security in the entire
network. For example, a site with top secret or classified data doesn't need a firewall at all they
shouldn't be hooking up to the Internet in the first place, or the systems with the really secret data
should be isolated from the rest of the corporate network.

Firewalls can't protect against tunneling over most application protocols to trojaned or poorly
written clients. There are no magic bullets and a firewall is not an excuse to not implement software
controls on internal networks or ignore host security on servers. Tunneling "bad" things over HTTP,
SMTP, and other protocols is quite simple and trivially demonstrated. Security isn't "fire and forget".

Lastly, firewalls can't protect against bad things being allowed through them. For instance, many
Trojan Horses use the Internet Relay Chat (IRC) protocol to allow an attacker to control a
compromised internal host from a public IRC server. If you allow any internal system to connect to
any external system, then your firewall will provide no protection from this vector of attack
2. Using the insights you have learned from the lesson: Network Security -
Firewalls and Virtual Private Network; write down 10 best practices in ensuring
computer security.

1.Education. It's much easier to prevent a hack than it is to recover from a hack
2.Better Passwords and Multi-Factor Authentication
3.Know Your Company
4.Safe and Secure WiFi
5.Backups Backups Backups
6.Install Anti-Virus Software
7.Secure Physical Devices
8.Update Software and Firmware
9. Protect your data
10.Use strong password protection and authentication

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy