Firewall Rule Evaluation
Network Map
Internal network range – 10.0.0.0/25
DMZ Servers

| FQDN | IP | Info |
|---|---|---|
| dns.nozama.com | 10.0.0.2 | answers on standard DNS ports |
| www.nozama.com | 10.0.0.3 | answers on standard HTTP port(s) |
| ntp.nozama.com | 10.0.0.4 | answers on standard NTP port |
Internal Servers:

| FQDN | IP | Info |
|---|---|---|
| files.nozama.com | 10.0.0.10 | answers on the SMB port to allow users to connect |
| hr.nozama.com | 10.0.0.11 | runs custom HR app which uses TCP port 12334 |
| rnd.nozama.com | 10.0.0.12 | runs custom R&D app which uses TCP port 43321 |
| mgmt.nozama.com | 10.0.0.13 | answers on the SMB port to allow users to connect |
| dhcp.nozama.com | 10.0.0.14 | answers on the port(s) for DHCP to provide network address information |
Use the following firewall ruleset to answer the questions below.

| Rule # | Source IP | Destination IP | Port | Protocol | Action |
|---|---|---|---|---|---|
| 1 | Any | 10.0.0.3 | 443 | TCP | Allow |
| 2 | 10.0.0.32/27 | 10.0.0.3 | 80 | TCP | Allow |
| 3 | Any | 10.0.0.0/25 | 3389 | TCP | Deny |
| 4 | Any | 10.0.0.2 | 53 | TCP/UDP | Allow |
| 5 | Any | 10.0.0.4 | 123 | UDP | Allow |
| 6 | 0.0.0.0 | 10.0.0.10 | 445 | TCP | Allow |
| 7 | 10.0.0.32/27 | 10.0.0.0/25 | 3389 | TCP | Allow |
| 8 | 10.0.0.64/27 | 10.0.0.12 | 43321 | TCP | Allow |
| 9 | 10.0.0.16/28 | 10.0.0.11 | 12334 | TCP | Allow |
| 10 | 10.0.0.0/25 | 10.0.0.14 | 67/68 | TCP/UDP | Allow |
| 11 | 10.0.0.96/28 | 10.0.0.13 | 445 | TCP | Allow |
| 12 | 10.0.0.32/27 | 10.0.0.0/29, 10.0.0.8/29 | 3389 | TCP | Allow |
1. The DNS, web and NTP servers should be accessible from the Internet on the standard ports for the applications that run on these servers. Are these servers accessible?
2. The IT department network should be allowed to access the www server on the unencrypted HTTP port for troubleshooting purposes. Does the current firewall rulebase allow this traffic?
3. The HR server should only be accessible by the HR network. Is access to the HR server appropriately restricted?
4. The files.nozama.com server should only be accessible by anyone on the internal network. Is access to the files.nozama.com server appropriately restricted?
5. The IT department network should be allowed to access any host on the internal network via the Microsoft Remote Desktop Protocol. Does the current rulebase allow this traffic?
6. Any host on the internal network should be able to access the DHCP server to obtain network address information. Does the current rulebase allow this traffic?
7. The server, rnd.nozama.com, should only be accessible by the R&D network. Does the current rulebase appropriately restrict access to this server?
8. Are there any rules in the rulebase that would never be used based on the current configuration? If so, which rules? How would you fix the rulebase so that these rules would be used?
9. What rule is missing from the rulebase?

**If the question is too big, answer what you can. Thank you!**
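A small first-match rule evaluator over the ruleset above, added here as a worked example and not part of the original post. It assumes a common firewall model that the post does not spell out: "Any" means 0.0.0.0/0, the literal "0.0.0.0" in rule 6 is a single (unspecified) host rather than a wildcard, rules are tried top-down with the first match deciding, and unmatched traffic is implicitly denied; the probe addresses are constructed.

```python
import ipaddress

# Ruleset transcribed from the post: (rule #, sources, destinations, ports, protocols, action).
# Assumption: "Any" is written as 0.0.0.0/0; rule 6's "0.0.0.0" is kept literal (a /32 host).
ANY = ["0.0.0.0/0"]
RULES = [
    (1, ANY, ["10.0.0.3"], {443}, {"TCP"}, "Allow"),
    (2, ["10.0.0.32/27"], ["10.0.0.3"], {80}, {"TCP"}, "Allow"),
    (3, ANY, ["10.0.0.0/25"], {3389}, {"TCP"}, "Deny"),
    (4, ANY, ["10.0.0.2"], {53}, {"TCP", "UDP"}, "Allow"),
    (5, ANY, ["10.0.0.4"], {123}, {"UDP"}, "Allow"),
    (6, ["0.0.0.0"], ["10.0.0.10"], {445}, {"TCP"}, "Allow"),
    (7, ["10.0.0.32/27"], ["10.0.0.0/25"], {3389}, {"TCP"}, "Allow"),
    (8, ["10.0.0.64/27"], ["10.0.0.12"], {43321}, {"TCP"}, "Allow"),
    (9, ["10.0.0.16/28"], ["10.0.0.11"], {12334}, {"TCP"}, "Allow"),
    (10, ["10.0.0.0/25"], ["10.0.0.14"], {67, 68}, {"TCP", "UDP"}, "Allow"),
    (11, ["10.0.0.96/28"], ["10.0.0.13"], {445}, {"TCP"}, "Allow"),
    (12, ["10.0.0.32/27"], ["10.0.0.0/29", "10.0.0.8/29"], {3389}, {"TCP"}, "Allow"),
]

def _net(text):
    # A bare host such as "10.0.0.3" becomes a /32 network.
    return ipaddress.ip_network(text, strict=False)

def evaluate(src, dst, port, proto):
    """Return (rule #, action) of the first matching rule; (None, 'Deny') if nothing matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for num, srcs, dsts, ports, protos, action in RULES:
        if (any(s in _net(n) for n in srcs) and any(d in _net(n) for n in dsts)
                and port in ports and proto in protos):
            return num, action
    return None, "Deny"

def _covers(outer, inner):
    """True if every network in `inner` lies inside some network in `outer`."""
    return all(any(_net(x).subnet_of(_net(y)) for y in outer) for x in inner)

def shadowed_rules():
    """Map rule # -> earlier rule # whose match set fully contains it, so it can never fire."""
    shadowed = {}
    for i, (num, srcs, dsts, ports, protos, _) in enumerate(RULES):
        for earlier, esrcs, edsts, eports, eprotos, _ in RULES[:i]:
            if _covers(esrcs, srcs) and _covers(edsts, dsts) and ports <= eports and protos <= eprotos:
                shadowed[num] = earlier
                break
    return shadowed

if __name__ == "__main__":
    # Constructed probes: an Internet host (TEST-NET-3) and two internal hosts.
    for probe in [("203.0.113.5", "10.0.0.3", 443, "TCP"), ("10.0.0.40", "10.0.0.5", 3389, "TCP"),
                  ("10.0.0.20", "10.0.0.10", 445, "TCP"), ("10.0.0.20", "10.0.0.14", 67, "UDP")]:
        print(probe, "->", evaluate(*probe))
    print("shadowed:", shadowed_rules())
```

Shadowing only catches rules fully covered by an earlier rule; a rule whose source can never appear on the wire (such as a literal 0.0.0.0) has to be spotted separately.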