Top 65 ASA Firewall Interview Questions and Answers [CCIE]

1. What is a Firewall?
A firewall is a device placed between a trusted and an untrusted network. It permits or denies traffic entering or leaving the network based on pre-configured policies. Firewalls protect inside networks from unauthorized access by users on an outside network. A firewall can also protect inside networks from each other, for example by keeping a management network separate from a user network.

2. What is the difference between Gateway and Firewall?
A gateway joins two networks together, while a network firewall protects a network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.

3. At which layers do firewalls work?
Firewalls work at layers 3, 4 and 7.

4. What is the difference between Stateful & Stateless Firewall?
Stateful firewall - A stateful firewall is aware of the connections that pass through it. It adds and maintains information about user connections in a state table, referred to as a connection table. It then uses this connection table to enforce the security policies for user connections. Examples of stateful firewalls are PIX, ASA and Checkpoint.
Stateless firewall (packet filtering) - A stateless firewall, on the other hand, does not look at the state of connections but only at the individual packets themselves.
An example of a packet filtering firewall is the extended access control list on Cisco IOS routers.

5. What information does a Stateful Firewall maintain?
A stateful firewall maintains the following information in its state table:
1. Source IP address.
2. Destination IP address.
3. IP protocol, such as TCP or UDP.
4. IP protocol information such as TCP/UDP port numbers, TCP sequence numbers and TCP flags.

6. What are the security-levels in Cisco ASA?
ASA uses security levels to determine the trustworthiness of the network attached to each interface. The security level can be configured from 0 to 100, where higher numbers are more trusted than lower ones. By default, the ASA allows traffic only from a higher security level to a lower security level.

7. How can we allow packets from lower security level to higher security level (Override Security Levels)?
We use ACLs to allow packets from lower security level to higher security level.

8. Is traffic between interfaces with the same security level allowed or denied in ASA?
By default, traffic between interfaces with the same security level is not allowed. To allow it we use the command:
ASA(config)# same-security-traffic permit inter-interface
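
The following is an added illustration, not Cisco code or configuration from this page: a small Python model of the forwarding decision described in questions 4 to 8, where return traffic is matched against the connection table, higher-to-lower traffic is allowed by default, same-level traffic depends on the same-security-traffic setting, and lower-to-higher traffic needs an ACL. The `ToyASA` class, its `permit()` method standing in for an access-list entry, and the 5-tuple `Packet` are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    """Constructed 5-tuple; a real ASA connection entry also tracks TCP seq numbers and flags."""
    src_ip: str
    dst_ip: str
    proto: str   # "tcp" or "udp"
    sport: int
    dport: int

class ToyASA:
    """Toy model of the default ASA forwarding decision (hypothetical, not Cisco code)."""

    def __init__(self, levels, same_security_inter=False):
        self.levels = levels                  # interface name -> security level (0..100)
        self.same_security_inter = same_security_inter  # models same-security-traffic permit inter-interface
        self.acls = {}                        # ingress interface -> permitted (dst_ip, proto, dport)
        self.conns = set()                    # the state (connection) table

    def permit(self, iface, dst_ip, proto, dport):
        """Hypothetical stand-in for an access-list permit entry applied to an interface."""
        self.acls.setdefault(iface, []).append((dst_ip, proto, dport))

    def _acl_permits(self, iface, pkt):
        return (pkt.dst_ip, pkt.proto, pkt.dport) in self.acls.get(iface, [])

    def forward(self, in_iface, out_iface, pkt):
        """Return True if the packet is forwarded, updating the connection table."""
        key = (pkt.src_ip, pkt.dst_ip, pkt.proto, pkt.sport, pkt.dport)
        reverse = (pkt.dst_ip, pkt.src_ip, pkt.proto, pkt.dport, pkt.sport)
        # 1. Stateful check: packets of an existing connection are allowed in either
        #    direction, which is what lets replies come back from a lower security level.
        if key in self.conns or reverse in self.conns:
            return True
        src_lvl, dst_lvl = self.levels[in_iface], self.levels[out_iface]
        # 2. New connection: apply the security-level rules from questions 6 to 8.
        if src_lvl > dst_lvl:
            allowed = True                    # higher -> lower is allowed by default
        elif src_lvl == dst_lvl:
            allowed = self.same_security_inter
        else:
            allowed = self._acl_permits(in_iface, pkt)   # lower -> higher needs an ACL
        if allowed:
            self.conns.add(key)               # record the new connection in the state table
        return allowed
```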

9. What is the security level of Inside and Outside Interface by default?
Security Level of Inside interface by default is 100. Security Level of Outside Interface by default is 0.

10. What protocols are inspected by ASA?
By default, TCP and UDP are inspected by ASA.
