0% found this document useful (0 votes)
7 views2 pages

Assignment 1 01_06_2025

The document outlines an assignment on Network Perimeter Security, consisting of three sections: short answer questions, a scenario-based task, and a critical thinking question. Students are required to demonstrate their understanding of firewalls, IDS/IPS, and security models, with a focus on practical application and critical analysis. The assignment emphasizes clarity, accuracy, and the use of examples to support answers.

Uploaded by

avishkabandara
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
7 views2 pages

Assignment 1 01_06_2025

The document outlines an assignment on Network Perimeter Security, consisting of three sections: short answer questions, a scenario-based task, and a critical thinking question. Students are required to demonstrate their understanding of firewalls, IDS/IPS, and security models, with a focus on practical application and critical analysis. The assignment emphasizes clarity, accuracy, and the use of examples to support answers.

Uploaded by

avishkabandara
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Assignment Title: Network Perimeter Security - Analysis and Implementation

Duration: 1 Hour
Total Marks: 100
Instructions:

• Answer all questions.


• Use examples where applicable.
• Marks are allocated based on depth, clarity, and accuracy.

Section A: Short Answer Questions (40 Marks)

Answer briefly but precisely.

1. (5 marks) What is the role of a bastion host in perimeter security? Mention two ideal
use cases.
2. (5 marks) Differentiate between packet filtering firewalls and stateful inspection
firewalls.
3. (5 marks) List three limitations of traditional firewalls and how NGFW addresses
them.
4. (5 marks) Describe how the zero trust model enhances perimeter security.
5. (5 marks) Explain the significance of firewall log analysis in identifying attacks.
6. (5 marks) Compare hardware and software firewalls. In what scenario would you
recommend both?
7. (5 marks) State two reasons why firewall policy reviews should be conducted
regularly.
8. (5 marks) Describe the difference between external and internal firewalls with an
example each.

Section B: Scenario-Based Task (30 Marks)

A medium-sized company is planning to host a web application and email server. You are
hired to secure their perimeter using firewalls, IDS, and routing devices.

Task:

1. (10 marks) Design a basic firewall topology using screened subnet architecture.
Include Internet, DMZ, and internal LAN zones.
2. (10 marks) Recommend an IDS/IPS deployment strategy that fits the architecture
above. State where to place each and justify.
3. (10 marks) Identify three firewall rules (with "allow/deny" actions) that should be
configured to protect the internal network. Specify:
o Source IP/zone
o Destination IP/zone
o Protocol/Port
o Action
Section C: Critical Thinking Question (30 Marks)

Answer in 200–300 words.

Question:
Your organization is selecting a new firewall. What are the five most critical factors to
consider before purchasing and implementing the firewall solution? Justify each factor with a
short explanation or scenario.

You might also like