During a security test, after an external DoS attack, an FTP session from an external IP to the internal network succeeds. What happened to the firewall?

Prepare for the Computer Hacking Forensic Investigator v11 exam. Study with flashcards and multiple choice questions. Each question includes hints and explanations. Get exam-ready efficiently!

Multiple Choice

During a security test, after an external DoS attack, an FTP session from an external IP to the internal network succeeds. What happened to the firewall?

Explanation:
The test hinges on how firewalls behave when they fail. If a firewall fails open, it stops filtering and lets traffic pass as if there were no barrier at all. Seeing an FTP session from an external IP into the internal network succeed after an external DoS attack fits this scenario: the firewall didn’t block the connection as it should have, so the traffic got through. A fail-closed state would block such traffic, so the session wouldn’t succeed. Purging ACLs could also lead to less filtering, but the key point here is the device’s failure mode during the DoS event, which is best described as failing open. A failed-bypass would imply a separate bypass mechanism rather than a general open state caused by a fault.
