Content-type: text/html Basic Firewall Control Principles

Basic Firewall Control Principles

Copyright(c), 1995 - Management Analytics and Others - All Rights Reserved


Check all that apply:


Control Objectives


There are well defined control objectives for the firewall and it is known to and approved by the organization's executives at the highest level.
The control objectives for the firewall are attainable through the methods being used in the firewall.
Top-level management has the ability to determine the effectiveness of the firewalls in terms of whether or not they are providing the control specified by their control objectives.
There is adequate means to ensure that the roles and actions of all parties who interact with firewall are clearly defined, identified, and authenticated at a level commensurate with the sensitivity and criticality of the firewall's function.

Functional Objectives


The firewall is designed to protect inside systems from exploitation by outside threats.
The firewall is designed to protect outside systems from exploitation by inside threats.
The firewall is designed to protect inside systems from exploitation by inside threats to the extent that that exploitation involves the firewall in any way.
The firewall is designed to protect itself and all attached systems against being used by attackers as a launch point for attacking other systems.
The firewall is designed so as to limit organizational liability.
The firewall is designed to prevent denial of service attacks.
The firewall is designed to prevent the corruption of organizational information and systems.
The firewall is designed to prevent the leakage of sensitive information.
With maximum value of