Today’s CISSP question topic: Firewalls
Which of the following are typically NOT allowed to pass outbound through a firewall that leads to the Internet? (Choose Five)
Note from Colin: Even though SSH is considered allowable in this question, you should know that allowing SSH to leave your network is a decision not to be taken lightly. Tunneling any and all traffic through SSH is a very plausible concern that can effectively negate all of your egress rules. Mitigating this is beyond the scope of ‘simple’ stateful firewalls. The SANS article listed above discusses the concerns with SSH tunneling. Give it a read if you are interested in more info.