Question
Two main philosophies or security stances govern the use of firewall rules. Deny by default/allow by exception assumes that all traffic is potentially malicious or
Two main philosophies or security stances govern the use of firewall rules.
Deny by default/allow by exception assumes that all traffic is potentially malicious or at least unwanted or unauthorized. Everything is prohibited by default. As benign, desired, and authorized traffic is identified, an exception rule grants it access to the network.
Allow by default/deny by exception assumes that most traffic is benign. Everything is allowed by default. As malicious, unwanted, or unauthorized traffic is identified, an exception rule blocks it.
Most security experts agree that deny by default/allow by exception is the more secure stance to adopt.
When would you use allow by default/deny by exception? Provide a rationale for your answer.
Step by Step Solution
3.50 Rating (167 Votes )
There are 3 Steps involved in it
Step: 1
Allow by defaultdeny by exception is a security stance that assumes most traffic is benign and allows all traffic by default only blocking specific ma...
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Principles Of Information Security
Authors: Michael E. Whitman, Herbert J. Mattord
7th Edition
035750643X, 978-0357506431
