12

TVL-ICT (Computer System Servicing)

Activity Sheet Quarter 2 – LO 3
Set Router / WiFi / Wireless Access Point /
Repeater Configuration
(Firewall Configuration)

REGION VI – WESTERN VISAYAS

i|Page
TVL 12 – ICT (Computer System Servicing)
Activity Sheet No. 5
First Edition, 2020

Published in the Philippines

By the Department of Education
Region 6 – Western Visayas

Republic Act 8293, section 176 states that: No copyright shall subsist in any
work of the Government of the Philippines. However, prior approval of the government
agency or office wherein the work is created shall be necessary for exploitation of such
work for profit. Such agency or office may, among other things, impose as a condition
the payment of royalties.

This Learning Activity Sheet is developed by DepEd Region 6 – Western

Visayas.

ALL RIGHTS RESERVED. No part of this learning resource may be

reproduced or transmitted in any form or by any means electronic or mechanical
without written permission from the DepEd Regional Office 6 – Western Visayas.

Development Team of TVL 12- ICT (Computer System Servicing)

Activity Sheet

Writer : Allan B. Montenegro

Content/Language Validator : Edward E. Baña

Layout Artist:
Schools Division Quality Assurance Team:
Schubert Anthony C. Sialongo
Edward E. Baña
Allan B. Montenegro
Michelle P. Jordan
Division of Antique Management Team:
Felisa B. Beriong, CESO VI
Corazon C. Tingson
Gaudencio C. Riego, PhD
Schubert Anthony C. Sialongo
Edward E. Baña
Regional Management Team
Ma. Gemma M. Ledesma,
Dr. Josilyn S. Solana,
Dr. Elena P. Gonzaga,
Mr. Donald T. Genine,
April C. Velez
Abraham P. Imas

ii | P a g e
Introductory Message
Welcome to TVL 12- ICT (Computer System Servicing)!

The Learning Activity Sheet is a product of the collaborative efforts of the

Schools Division of Antique and DepEd Regional Office VI - Western Visayas through
the Curriculum and Learning Management Division (CLMD). This is developed to
guide the learning facilitators (teachers, parents and responsible adults) in helping the
learners meet the standards set by the K to 12 Basic Education Curriculum.

The Learning Activity Sheet is self-directed instructional materials aimed to

guide the learners in accomplishing activities at their own pace and time using the
contextualized resources in the community. This will also assist the learners in
acquiring the lifelong learning skills, knowledge and attitudes for productivity and
employment.

For learning facilitator:

The Computer System Servicing NC II Activity Sheet will help you facilitate
the leaching-learning activities specified in each Most Essential Learning Competency
(MELC) with minimal or no face-to-face encounter between you and learner. This will
be made available to the learners with the references/links to ease the independent
learning.

For the learner:

The Computer System Servicing NC II Activity Sheet is developed to help

you continue learning even if you are not in school. This learning material provides
you with meaningful and engaging activities for independent learning. Being an active
learner, carefully read and understand the instructions then perform the activities and
answer the assessments. This will be returned to your facilitator on the agreed
schedule.

iii | P a g e
 Quarter 2, Week 5

Learning Activity Sheets (LAS) No. 5

Name of Learner:________________________________________________________
Grade and Section:___________________________________ Date: ______________

TVL 12- ICT (COMPUTER SYSTEM SERVICING) ACTIVITY SHEET

FIREWALL CONFIGURATION

I. Learning Competency with Code

TLE_IACSS9-12SUCN-If-j-IIa-e-35
✓ 3.5 Configure security/firewall/advanced settings in accordance with manufacturer’s
instruction and end-user preferences

II. Background Information for Learners

Connecting personal computers to other IT systems or the internet opens up a
range of positive possibilities — easy collaboration with others, combining of
resources, enhanced creativity — but it also exposes users to dangers.
Hacking, identity theft, malware,
and online fraud are common
threats users could face when they
expose themselves by linking their
computers to a network or the
internet.
What if there was a way users
could protect themselves from the
worst dangers by erecting an
invisible wall to filter out those https://www.kaspersky.com/content/en-
threats? It would be essential to global/images/repository/isc/2017-images/KSY-53-
have it — fortunately, it already What_is_a_firewall__.jpg
exists. That invisible wall is what is
known as a firewall.
Erected between a computer and its connection to an external network or the web,
a firewall decides which network traffic is allowed to pass through and which traffic
is deemed dangerous. It essentially works to filter out the good from the bad, the
trusted from the untrusted.

1|Page
 FIREWALL
A firewall is a security device —
computer hardw are or software —
that can help protect your network
by filtering traffic and blocking
outsiders from gaining
unauthorized access to the private
data on your computer.
Not only does a firewall block
unwanted traffic, it can also help
block malicious software from https://www.hotspotshield.com/imgs/learn/what-is-a-computer-
infecting your computer. firewall/pic.jpg

Firewalls can provide different

levels of protection. They key is determining how much protection you need.

FIREWALLS ARE PART OF YOUR NETWORK SECURITY

Firewalls represent a first line of defence in home network security.
Your home network is only as secure as its least protected device. That’s where a
network security system comes in.
A firewall shouldn’t be your only consideration for securing your home network. It’s
important to make sure all of your internet-enabled devices — including mobile
devices — have the latest operating system, web browsers, and security software.
Another consideration? Securing your wireless router. This might include changing
the name of your router from the default ID and password it came with from the
manufacturer, reviewing your security options, and setting up a guest network for
visitors to your home.

WHAT DOES A FIREWALL DO?

A firewall acts as a gatekeeper. It monitors attempts to gain access to your
operating system and blocks unwanted traffic or unrecognized sources.
A firewall acts as a barrier or filter between your computer and another network
such as the internet. You could think of a firewall as a traffic controller. It helps to
protect your network and information by managing your network traffic, blocking
unsolicited incoming network traffic, and validating access by assessing network
traffic for anything malicious like hackers and malware.
Your operating system and your security software usually come with a pre-installed
firewall. It’s a good idea to make sure those features are turned on. Also, make sure
your security settings are configured to run updates automatically.

2|Page
 HOW DOES A FIREWALL WORK?
To start, a firewalled system analyzes network traffic based on rules. A firewall only
welcomes those incoming connections that it has been configured to accept. It does
this by allowing or blocking specific data packets — units of communication you
send over digital networks — based on pre-established security rules.
A firewall works like a traffic guard at your computer’s entry point, or port. Only
trusted sources, or IP addresses, are allowed in. IP addresses are important
because they identify a computer or source, just like your postal address identifies
where you live.

TYPES OF FIREWALLS
There are software and hardware firewalls. Each format serves a different but
important purpose. A hardware firewall is physical, like a broadband router —
stored between your network and gateway. A software firewall is internal — a
program on your computer that works through port numbers and applications.
There also are cloud-based firewalls, known as Firewall as a Service (FaaS). One
benefit of cloud-based firewalls is that they can grow with your organization and,
similar to hardware firewalls, do well with perimeter security.
There are several different types of firewalls based on their structure and
functionality. Here are the different firewalls you can implement, depending on the
size of your network and the level of security you need.

Packet-filtering firewalls
A packet-filtering firewall is a management program that can block network
traffic IP protocol, an IP address, and a port number. This type of firewall is the
most basic form of protection and is meant for smaller networks.
While packet-filtering firewalls can be helpful, they also have limitations.
Because all web traffic is allowed, it doesn’t block web-based attacks. So, you
need additional protection to distinguish between friendly and malicious web
traffic.

Stateful multi-layer inspection (SMLI) firewalls

The stateful multi-layer inspection firewall has standard firewall capabilities and
keeps track of established connections. It filters traffic based on state, port, and
protocol, along with administrator-defined rules and context. This involves using
data from prior connections and packets from the same connection.
Most firewalls rely on stateful packet inspection to keep track of all internal
traffic. This firewall is a step above packet-filtering in its use of multi-layer
monitoring.

3|Page
 However, it is still unable to distinguish between good and bad web traffic, so
you may need additional software.

Next-generation firewalls (NGFW)

Next-generation firewalls are more sophisticated than packet-filtering and
stateful inspection firewalls. Why? They have more levels of security, going
beyond standard packet-filtering to inspect a packet in its entirety. That means
not just the packet header, but also a packet’s contents and source. NGFW are
able to block more sophisticated and evolving security threats like advanced
malware.

Network address translation (NAT) firewalls

A NAT firewall is able to assess internet traffic and block unsolicited
communications. In other words, it only accepts inbound web traffic if a device
on your private network solicited it.

Host-based firewalls versus network-based firewalls

There are differences between host-based and network-based firewalls, along
with benefits of having both in place.
Network firewalls filter traffic going to and from the internet to secured local area
networks (LAN). They typically are used by businesses that need to protect a
large network of computers, servers, and employees. A network-based firewall
is able to monitor communications between a company’s computers and outside
sources, as well as restrict certain websites, IP addresses, or other services.
Host-based firewalls work similarly but are stored locally on a single computer or
device. A host-based firewall is a software application or a suite of applications
that allows for more customization. They are installed on each server, control
incoming and outgoing traffic, decide whether to allow traffic to individual
devices, and protect the host.

What are some of the main risks of not having a firewall?

You might already engage in certain safe computer and internet use practices,
including these:
✓ You don’t click on unknown links or attachments.
✓ You only log on to trustworthy, known websites.
✓ You never give out any personal information unless it is absolutely necessary.
✓ You have strong, unique, complex passwords for each online account that
you update often.
Does that make you safe enough? The answer may be “no.” If you use the internet,
it’s smart to have a firewall in place. Cyber threats are widespread and evolving. It’s
important to use available defences to help protect your network, and the personal
information stored on your computer, against cybercrimes.

4|Page
 Here are the three main risks of not having a firewall:

Open access
Without a firewall, you’re accepting every connection into your network from
anyone. You wouldn’t have any way to detect incoming threats that could leave
your devices vulnerable to malicious users.

Lost or compromised data

Not having a firewall could leave your devices exposed, which could allow
someone to gain control over your computer or network. Cybercriminals could
delete your data. Or they could use it to commit identity theft or financial fraud.

Network crashes
Without a firewall, attackers could shut down your network. Getting it running
again, and attempting to recover your stored data, could involve your time and
money.
Firewalls are a key part of security technology, especially when the different
types of firewalls work together to provide an umbrella of protection. Firewalls
can help keep your network, computer, and data safe and secure.

DESCRIBE AND COMPARE FIREWALL Hardware Firewall vs. Software

TYPES Firewall

Hardware and software firewalls protect

data and equipment on a network from
unauthorized access. A firewall should be
used in addition to security software.
Hardware and software firewalls have
several modes for filtering network data
traffic:
• Packet filter – This is a set of rules
that allows or denies traffic based
on criteria such as IP addresses,
protocols, or ports used.
• Proxy firewall – This is a firewall
installed on a proxy server that
inspects all traffic and allows or
denies packets based on
configured rules. A proxy server is
a server that is a relay between a CISCO IT Essentials Offline Materials
client and a destination server on
the Internet.

5|Page
 • Stateful packet inspection – This is a firewall that keeps track of the
state of network connections traveling through the firewall. Packets that
are not part of a known connection are dropped.

Hardware Firewall
A hardware firewall is a physical filtering component that inspects data packets
from the network before they reach computers and other devices on a network. A
hardware firewall is a free-standing unit that does not use the resources of the
computers it is protecting, so there is no impact on processing performance.

Software Firewall
A software firewall is an application on a computer that inspects and filters data
packets. Windows Firewall is an example of a software firewall that is included in
the Windows operating system. A software firewall uses the resources of the
computer, resulting in reduced performance for the user.

CONFIGURING FIREWALL TYPES

A firewall selectively denies traffic to a computer or network segment. Firewalls
generally work by opening and closing the ports used by various applications. By
opening only the required ports on a firewall, you are implementing a restrictive
security policy. Any packet not explicitly permitted is denied. In contrast, a
permissive security policy permits access through all ports, except those
explicitly denied. In the past, software and hardware were shipped with
permissive settings. As users neglected to configure their equipment, the default
permissive settings left many devices exposed to attackers. Most devices now
ship with settings as restrictive as possible, while still allowing easy setup.

Software Firewalls
Software firewalls can be either an independent application or part of the
operating system. There are several third-party software firewalls. There is also
a software firewall built into Windows 10.

6|Page
Windows Defender Firewall

To turn Microsoft Defender Firewall on or off

Standard Procedure:
1. Select the Start button > Settings > Update & Security > Windows
Security and then Firewall & network protection. Open Windows Security
settings
2. Select a network profile.
3. Under Microsoft Defender Firewall, switch the setting to On. If your device is
connected to a network, network policy settings might prevent you from
completing these steps. For more info, contact your administrator.
4. To turn it off, switch the setting to Off. Turning off Windows Defender Firewall
could make your device (and network, if you have one) more vulnerable to
unauthorized access. If there's an app you need to use that's being blocked, you
can allow it through the firewall, instead of turning the firewall off.

7|Page
Short Cut:

Windows key + R,
type WF.msc, and
then press ENTER.

Windows Defender Firewall

Windows Defender Firewall has three network profiles types:

1. Domain profile: Used for networks where there is a system of account
authentication against a domain controller (DC), such as an Azure Active
Directory DC
2. Private profile: Designed for and best used in private networks such as a
home network
3. Public profile: Designed with higher security in mind for public networks
like Wi-Fi hotspots, coffee shops, airports, hotels, or stores

8|Page
To allow/block inbound or outbound
connections for a specific profile, click
Advanced Setting, right-click on the root
of Windows Defender Firewall with
Advanced Security > Properties.

Maintain the default settings in Windows

Defender Firewall whenever possible.
These settings have been designed to
secure your device for use in most
network scenarios. One key example is
the default Block behavior for inbound
connections.

Please note that by default Windows

Defender Firewall in Windows 10 blocks
all incoming connections and allows all
outgoing ones.

Inbound refers to connections coming-

in to a specific device (host/server) from
a remote location. e.g. A Web Browser
connecting to your Web Server is an
inbound connection (to your Web
Server). Outbound refers to
connections going-out to a specific device from a device/host.

If you want to block Internet access from your computer

Select Outbound Connection -> Block on all three tabs. In this case, outgoing
connections will be denied for all programs except those allowed (Windows 10 has
several pre-configured rules for system processes: access to Windows Update,
Windows Store, updating the Windows Defender antivirus signatures, etc.).

9|Page
 ➢ Let’s try to add the Mozilla
Firefox browser to the list of
allowed programs.
1. Click on the Allow an app or
feature through Windows
Defender Firewall button in the
left pane.
2. A list of allowed Windows
applications and services
appears in the list.
3. To add a new rule, click Allow
another app.

Use

the Browse button to specify the path to the executable file that you want to allow
access to the Internet. We selected our browser’s executable file C:\Program
Files\Mozilla Firefox\firefox.exe

10 | P a g e
Click OK and select for which network profiles this rule should be active.

➢ You can configure Windows Defender Firewall rules more finely from the
wf.msc console. Here you can create separate allowing or blocking rules
for a specific program, protocol (TCP/UDP/ ICMP/IPsec), IP address or port
number.

To create a new outbound rule,

right click on Outbound Rules -
> New Rule.

11 | P a g e
Next, follow a simple wizard to help
you to create your own rule in
Windows Defender Firewall.

In this example, we’ve enabled

outbound connections for the
putty.exe client.

12 | P a g e
 Select Allow the
connection and provide a
name for the rule.

The
new
rule will
appear
in

the Outbound rules list. You can disable it via the Disable rule option in context menu.
This does not delete the rule, but it becomes inactive.

Best practices for configuring Windows Defender Firewall

✓ Keep default settings.
✓ Understand rule precedence for inbound rules.
✓ Create rules for new applications before first launch.

13 | P a g e
 ✓ Establish local policy merge and application rules.
✓ Know how to use "shields up" mode for active attacks.
✓ Create outbound rules.
✓ Document your changes.

For more readings about Windows Defender Firewall you may open this link.
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-
firewall/best-practices-configuring

III. Accompanying DepEd Textbook and Educational Sites (With Possible

Materials for experiments/activities)
✓ https://www.kaspersky.com/resource-center/definitions/firewall, Retrieved on
November 4, 2020, 8:05 AM
✓ https://us.norton.com/internetsecurity-emerging-threats-what-is-firewall.html,
Retrieved on November 4, 2020, 8:15 AM
✓ https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-
firewall/best-practices-configuring, Retrieved on November 4, 2020, 8:26 AM
✓ CISCO IT Essentials Offline Materials, Retrieved on November 4, 2020, 9:15 AM
✓

IV. Activity Proper

1. Activity: Blocking a Program/Application in Windows 10 Firewall

Instruction: Open your Computer or go an internet café nearby and open the link
provided below. Decide for a program/application to be blocked and follow
the infographic procedure in that page after opening the link.
http://bit.do/blocking-a-program

2. Exercises / Activities
2.1 Multiple Choice. Encircle the correct answer from the given choices below.
1. These are the common threats when linking your computer to a network or the
internet, except.
a. Hacking c. identity theft
b. cloud storage d. online fraud

2. The most basic form of protection and is meant for smaller networks.
a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls

14 | P a g e
 3. More sophisticated than packet-filtering and stateful inspection firewalls.
a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls

4. This involves using data from prior connections and packets from the same
connection.
a. Stateful multi-layer inspection (SMLI) firewalls
b. Packet-filtering firewalls
c. Next-generation firewalls (NGFW)
d. Network address translation (NAT) firewalls

5. The risk that attackers could shut down your network if without a firewall.
a. Open access c. Network crashes
b. Lost or compromised data d. None

6. The risk that you’re accepting every connection into your network from
anyone if without a firewall.
a. Open access c. Network crashes
b. Lost or compromised data d. None

7. This is a firewall that keeps track of the state of network connections traveling
through the firewall.
a. Stateful packet inspection c. Packet Filter
b. Proxy Firewall d. None

8. This is a set of rules that allows or denies traffic based on criteria such as IP
addresses, protocols, or ports used.
a. Stateful packet inspection c. Packet Filter
b. Proxy Firewall d. None

9. Multiple Computers can be protected in this type of firewall.

a. Proxy Firewall c. Software Firewall
b. Hardware Firewall d. Windows Defender Firewall

10. Refers to connections coming-in to a specific device (host/server) from a

remote location.
a. Open Access c. Outbound Connections
b. Packet Filter d. Inbound Connections

15 | P a g e
 Scoring Rubric

Needs Approaching Good Excellent

Improvement standards
3Pt 5Pts 7Pts 10Pts
You put
thought into
this, but there
is no real
There is no What you are writing about is What you are writing
evidence of
clear or clear. You answered the about is clear and well-
Ideas and learning.
specific question. Some support may expressed, including
Content More specific
explanation in be lacking, or your sentences specific examples to
information is
answer to the may be a bit awkward. demonstrate what you
needed or
question. Overall, a decent job. learned. Well done!
you need to
follow the
directions
more closely.
Only one term
Your answer included all
from the
the terms from the lesson
lesson is Your answer included several
Use of No terms from that applied to the
used in the terms from the lesson,
terms the lesson are question asked. All terms
answer. Try demonstrating adequate
used. are fully defined and
for a few understanding of the material.
used in the proper
more, next
context.
time.
Some
sentences are
Sentences are Sentences are complete
complete and
Sentence incomplete or and they connect to one
easy to Sentences are complete and
Fluency too long. It another easily when they
understand. able to be understood.
makes reading are read out loud. Your
Others
them difficult. writing 'flows.'
require some
work.
Few end Mistakes Use of punctuation marks and No punctuation or
marks or using end capitals, as well as spelling, is structural mistakes. No
capital letters. marks or mostly correct. Few errors spelling errors. Your
Answers capitals as exist in your answer. writing shows full
Conventions contain well as awareness of the rules of
numerous spelling English use.
spelling or mistakes
structural make the
errors. writing hard to
read.

16 | P a g e
 V. Reflection
Facebook is one of the most popular social media platforms in the world.
Although it has various benefits and is one of the most powerful creations, it also
contains many disadvantages. Some of them are addiction, time-waster, and
causes distractions. Person can lead to spending his precious time on
Facebook, rather than doing something productive. For children to become
productive, parents must do something to limit the usage of these platform at
home.

How to limit the usage of social media platform like Facebook? Discuss.

17 | P a g e