i need answers for last 2 wuestions

File Home Insert Page Layout Arial Sign in 2 10A Copy of generic_rules_templatehh1 (Compatibility Mode] - Excel Formulas Data Review View Tell me what you want to do... 9. Be General Conditional Formatting Insert. S. % Format as Table BX Delete - SE 29 Cell Styles Format Styles Paste BI U A Clipboard Cells Editing C14 X 1 Rule # 1 12 5 6 7 9 8 109 11 10 12 11 1312 B D EFG SRC IP SRC Port DSTIP DST Port Action Log Description 192.168.1/24 any 10.57.1.0/24 any allow N T rusted egress trafftp internet 192.168.1/001 any 10.57.1.0/24 any deny I Y Trusted interface no access to the internet 10.57.1.0/2480, 44322 192.168.1.200 80,443,22 allow N Ingress internet traffic to HTTP server 10.57.1.3 80,443,22 192.168.1.200 80,443,22 allow Y Ingress internet traffic to HTTP server 10.57.1. 3 8 0,443192.168.1.200 80,443 allow N gives the internet firewall 22 allow Y E xternal admin connects to internal interface 10.57.1.3 80,443,22 192.168.1.121 80,443,22 allowY 10.57.1.0/24 any 192.168.1.121 any allow Y access to FTP server any any any any deny N cleanup rule 10.57.1.0/24 any 10.57.1.0/24 any deny y IP addy spoof attack 192.168.1.0/24 any 192.168.1.255 any deny y DOS/DDOS attack vector 1 0.57.1.3 0.8 10.57.1.004 allow y Admin privlage 0.8 2:29 villE X Module 05, 06 Lab creating rul... ... 2. Open the Generic Rules Template in Excel -The Action column settings are: Allow, Block, or Reject. -The Log column settings are: Yes or No Using this template, answer the following questions (be sure to include your name on the Generic Rules Template): Create a rule that allows all hosts in the Private network to access any hosts in the Public network, Create a rule that prevents the firewall system from accessing the Public network: Create a rule that allows any host in the Public network to access the HTTP server in the Private network, Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to access the HTTPS server in the Private network, Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to access the firewall in the Private network via the WebGUI: Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to access the firewall in the Private network via SSH: Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to access the POP3 server in the Private network: Create a rule that allows any host in the Public network to access the FTP server in the private network, Create a cleanup rule Create a rule that prevents traffic from entering the Private network with a source IP address equal to the Private network's ID Create a rule that prevents traffic from entering the Private network with a destination IP address equal to the Private network's broadcast address and Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to ping the external interface on the firewall AND get a reply back. Using the same Template, order your rules for optimal firewall performance (you must decide on what protocols you think will be most/least used in the Class and Labs networks and be able to defend your decisions). Examine your ruleset. Identify any rules (by number) that pose a security risk. Goal of Lab The goal of this lab is to give you practice designing a firewall ruleset. Objectives After completing this lab, you will be able to: . Create a firewall ruleset; Describe the firewall ruleset processing logic; Order your rules for optimal firewall performance; Identify potential mistakes in rulesets, and Troubleshoot rulesets. Description In this assignment, you will write your own set of rules for packet filtering. Use the following network characteristics when writing your rules: Private Network ID (Lab Network): 192.168.1.0/24 . Public Network ID (Class Network): 10.57.1.0/24 Internal Firewall IP: 192.168.1.xxx (where xxx = your firewall's internally assigned IP address) . External Firewall IP: 10.57.1.xxx (where xxx = your firewall's externally assigned IP address) Internal POP3 and FTP server IP: 192.168.1.xx (where xx = your Win2K3 server's internal IP address) Internal HTTP, HTTPS and SSH server IP: 192.168.1.xx (where xx = your RH9 server's internal IP address) Internal SMTP server IP: 192.168.1.25 Internal Primary DNS Server IP: 192.168.1.253 . External Primary DNS Server IP: 10.21.33.6 External Secondary DNS Server IP: 10.51.11.5 Activity Download and save the Generic Rules Template (Excel) file located in Blackboard to your hard drive. 2. Open the Generic Rules Template in Excel: -The Action column settings are: Allow, Block, or Reject. -The Log column settings are: Yes or No Using this template, answer the following questions (be sure to include your name on the Generic Rules Template): Create a rule that allows all hosts in the Private network to access any hosts in the Public network; Create a rule that prevents the firewall system from accessing the Public network; Create a rule that allows any host in the Public network to access the HTTP server in the Private network: File Home Insert Page Layout Arial Sign in 2 10A Copy of generic_rules_templatehh1 (Compatibility Mode] - Excel Formulas Data Review View Tell me what you want to do... 9. Be General Conditional Formatting Insert. S. % Format as Table BX Delete - SE 29 Cell Styles Format Styles Paste BI U A Clipboard Cells Editing C14 X 1 Rule # 1 12 5 6 7 9 8 109 11 10 12 11 1312 B D EFG SRC IP SRC Port DSTIP DST Port Action Log Description 192.168.1/24 any 10.57.1.0/24 any allow N T rusted egress trafftp internet 192.168.1/001 any 10.57.1.0/24 any deny I Y Trusted interface no access to the internet 10.57.1.0/2480, 44322 192.168.1.200 80,443,22 allow N Ingress internet traffic to HTTP server 10.57.1.3 80,443,22 192.168.1.200 80,443,22 allow Y Ingress internet traffic to HTTP server 10.57.1. 3 8 0,443192.168.1.200 80,443 allow N gives the internet firewall 22 allow Y E xternal admin connects to internal interface 10.57.1.3 80,443,22 192.168.1.121 80,443,22 allowY 10.57.1.0/24 any 192.168.1.121 any allow Y access to FTP server any any any any deny N cleanup rule 10.57.1.0/24 any 10.57.1.0/24 any deny y IP addy spoof attack 192.168.1.0/24 any 192.168.1.255 any deny y DOS/DDOS attack vector 1 0.57.1.3 0.8 10.57.1.004 allow y Admin privlage 0.8 2:29 villE X Module 05, 06 Lab creating rul... ... 2. Open the Generic Rules Template in Excel -The Action column settings are: Allow, Block, or Reject. -The Log column settings are: Yes or No Using this template, answer the following questions (be sure to include your name on the Generic Rules Template): Create a rule that allows all hosts in the Private network to access any hosts in the Public network, Create a rule that prevents the firewall system from accessing the Public network: Create a rule that allows any host in the Public network to access the HTTP server in the Private network, Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to access the HTTPS server in the Private network, Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to access the firewall in the Private network via the WebGUI: Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to access the firewall in the Private network via SSH: Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to access the POP3 server in the Private network: Create a rule that allows any host in the Public network to access the FTP server in the private network, Create a cleanup rule Create a rule that prevents traffic from entering the Private network with a source IP address equal to the Private network's ID Create a rule that prevents traffic from entering the Private network with a destination IP address equal to the Private network's broadcast address and Create a rule that allows your Firewall Admin PC (using 10.57.1.3) in the Public network to ping the external interface on the firewall AND get a reply back. Using the same Template, order your rules for optimal firewall performance (you must decide on what protocols you think will be most/least used in the Class and Labs networks and be able to defend your decisions). Examine your ruleset. Identify any rules (by number) that pose a security risk. Goal of Lab The goal of this lab is to give you practice designing a firewall ruleset. Objectives After completing this lab, you will be able to: . Create a firewall ruleset; Describe the firewall ruleset processing logic; Order your rules for optimal firewall performance; Identify potential mistakes in rulesets, and Troubleshoot rulesets. Description In this assignment, you will write your own set of rules for packet filtering. Use the following network characteristics when writing your rules: Private Network ID (Lab Network): 192.168.1.0/24 . Public Network ID (Class Network): 10.57.1.0/24 Internal Firewall IP: 192.168.1.xxx (where xxx = your firewall's internally assigned IP address) . External Firewall IP: 10.57.1.xxx (where xxx = your firewall's externally assigned IP address) Internal POP3 and FTP server IP: 192.168.1.xx (where xx = your Win2K3 server's internal IP address) Internal HTTP, HTTPS and SSH server IP: 192.168.1.xx (where xx = your RH9 server's internal IP address) Internal SMTP server IP: 192.168.1.25 Internal Primary DNS Server IP: 192.168.1.253 . External Primary DNS Server IP: 10.21.33.6 External Secondary DNS Server IP: 10.51.11.5 Activity Download and save the Generic Rules Template (Excel) file located in Blackboard to your hard drive. 2. Open the Generic Rules Template in Excel: -The Action column settings are: Allow, Block, or Reject. -The Log column settings are: Yes or No Using this template, answer the following questions (be sure to include your name on the Generic Rules Template): Create a rule that allows all hosts in the Private network to access any hosts in the Public network; Create a rule that prevents the firewall system from accessing the Public network; Create a rule that allows any host in the Public network to access the HTTP server in the Private network