What a firewall actually does (and its limits) | cybersecurity interview

A firewall decides which traffic gets through, not whether that traffic is safe.

It enforces rules on connections by source, destination, and port, and the strong default is deny everything except what you explicitly allow. Two open doors instead of 65000 is a smaller target.

It sits between networks and checks each packet or connection against a ruleset. A stateful firewall also tracks which connections you started, so replies get in but unsolicited traffic doesn't.

What it does well:
- Block unused ports and unwanted source addresses
- Default-deny inbound, allow only known-good
- Track connection state so only expected replies return
- Segment networks so one zone can't freely reach another

The catch: a firewall allows port 443 because your site needs it, and an attack riding normal HTTPS traffic walks right through. The firewall sees an allowed port, not a SQL injection. It filters where traffic goes, not what it's carrying.

Is a firewall still meaningful in a zero trust world, or just one layer of many?

#cybersecurity #cyberinterview #infosec #informationsecurity #hacking #security #firewall #networksecurity #defenseindepth

Видео What a firewall actually does (and its limits) | cybersecurity interview канала The Cyber Round