Point to remember for CISA Exam:
(1)Out of all types of firewall, Application-Level Firewall provides greatest security environment (as it works on application layer of OSI model).
(2)Out of all types of firewall implementation structures, Screened Subnet Firewall (DMZ) provides greatest security environment (as it implements 2 packet filtering router and 1 bastion host).
(3)In any given scenario, most robust configuration in firewall rule is ‘deny all traffic and allow specific traffic’ (as against ‘allow all traffic and deny specific traffic’).
(4)In any given scenario, Stateful Inspection Firewall allows traffic from outside only if it is in response to traffic from internal hosts.
