Learn firewall and access control list vocabulary: permit/deny rules, stateful vs stateless, implicit deny, and security zones.
1 / 5
An 'implicit deny' rule in a firewall means:
Implicit deny (deny all by default) means anything not explicitly permitted is dropped — this is the default posture of firewalls and security groups, requiring explicit allow rules.
2 / 5
A stateful firewall differs from a stateless firewall in that:
Stateful firewalls maintain a connection table — they automatically allow return traffic for established connections without needing an explicit inbound rule.
This ACE (Access Control Entry) allows HTTPS (port 443) from any source to the specific host 10.0.0.1 — a typical rule for a public-facing web server.
4 / 5
A DMZ (Demilitarised Zone) in network security is:
The DMZ hosts externally accessible services (web, mail, DNS) — if a DMZ server is compromised, the attacker cannot directly reach the internal network due to the inner firewall.
5 / 5
The term 'egress filtering' means:
Egress filtering blocks outbound connections from internal hosts to suspicious external destinations — it limits the damage from compromised internal systems and data exfiltration.