2.10 Apply Security Settings on SOHO Wireless and Wired Networks
📘CompTIA A+ Core 2 (220-1202)
Firewall Settings
A firewall is a security feature built into most SOHO routers and some operating systems. Its main job is to monitor, allow, or block network traffic based on security rules.
In a SOHO (Small Office/Home Office) network, the firewall usually runs on:
- The router
- Or a software firewall on a computer
For the CompTIA A+ exam, you must understand how firewall settings protect the network and how misconfigured firewall settings can create security risks.
This section focuses on two key firewall settings:
- Disabling unused ports
- Port forwarding / port mapping
1. Disabling Unused Ports
What Is a Port?
A port is a numbered communication endpoint used by network services and applications.
Examples:
- Port 80 → Web traffic (HTTP)
- Port 443 → Secure web traffic (HTTPS)
- Port 22 → Secure remote access (SSH)
- Port 3389 → Remote Desktop (RDP)
Each service listens on a specific port number.
Why Ports Matter for Security
If a port is open, it means:
- A service is listening on that port
- External or internal devices may be able to connect
Open but unused ports are a security risk because:
- Attackers scan networks for open ports
- Unused services may contain vulnerabilities
- Malware can exploit open ports to gain access
What Does “Disabling Unused Ports” Mean?
Disabling unused ports means:
- Blocking traffic on ports that are not required
- Turning off unnecessary services
- Closing ports at the firewall level
This is a basic but very important security practice.
How It Works on a SOHO Router
On a SOHO router firewall:
- The router checks incoming and outgoing traffic
- If traffic targets a blocked port, it is denied
- If traffic targets an allowed port, it is permitted
By default:
- Most SOHO routers block all inbound traffic
- Outbound traffic is usually allowed
Exam-Relevant Points
For the CompTIA A+ exam, remember:
- Unused ports should always be disabled
- Open ports increase the attack surface
- Disabling ports reduces:
  - Unauthorized access
  - Malware communication
  - Network scanning attacks
Common Exam Scenarios
You may see questions like:
- “A SOHO network has multiple open ports that are not in use. What should the technician do?”
  - Correct answer: Disable or block unused ports on the firewall
Key Benefits of Disabling Unused Ports
- Improves overall network security
- Reduces exposure to attacks
- Follows the principle of least privilege
- Prevents unauthorized services from running
2. Port Forwarding / Port Mapping
What Is Port Forwarding?
Port forwarding (also called port mapping) is a firewall setting that:
- Accepts external traffic arriving from the internet on a specific port
- Sends that traffic to a specific internal device and port
It creates a rule that says:
“If traffic arrives on this port, send it to this internal system.”
Why Port Forwarding Exists
In a SOHO network:
- Internal devices use private IP addresses
- Private IPs are not reachable directly from the internet
Port forwarding allows:
- External users to reach one internal service intentionally and under the administrator's control
- Every other inbound connection to stay blocked as before
How Port Forwarding Works (Step-by-Step)
1. Traffic arrives at the router’s public IP
2. The firewall checks port forwarding rules
3. If a rule exists:
   - Traffic is sent to the specified internal IP and port
4. If no rule exists:
   - Traffic is blocked
IT-Based Example (No Analogies)
- A server inside the network runs a service on port 443
- The router forwards traffic arriving on its public port 443 to the internal server’s private IP
- External users can now access that service
This is intentional access, not accidental exposure.
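The following is an added example that is not part of the study page; it models the SOHO router behaviour described in the two “How It Works” sections above (inbound blocked by default, outbound allowed, forwarding rules checked, disabled ports denied) so the decision order can be traced for individual packets. The public IP `203.0.113.10`, the LAN addresses, the `Packet`, `ForwardRule` and `SohoFirewall` names and the sample packets are all constructed for this example.

```python
from dataclasses import dataclass, field

# Constructed model of a SOHO router firewall (added example; not code from
# the study page). Assumptions: the router's public address is 203.0.113.10
# (a documentation range), the LAN is 192.168.1.0/24, and the policy follows
# the SOHO defaults described above: inbound denied unless a forwarding rule
# matches, outbound allowed unless the port has been disabled.


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    dst_port: int
    direction: str  # "inbound" (from the internet) or "outbound" (from the LAN)


@dataclass(frozen=True)
class ForwardRule:
    external_port: int   # port on the router's public IP
    internal_ip: str     # private IP of the device receiving the traffic
    internal_port: int   # port the internal service listens on


@dataclass
class SohoFirewall:
    public_ip: str
    forward_rules: list = field(default_factory=list)
    disabled_ports: set = field(default_factory=set)  # ports blocked in both directions

    def evaluate(self, pkt: Packet) -> tuple:
        """Decide what the router does with one packet.

        Returns (verdict, detail) where verdict is "ALLOW", "FORWARD" or "DENY".
        """
        # A disabled port wins over everything else, even a forwarding rule.
        if pkt.dst_port in self.disabled_ports:
            return ("DENY", f"port {pkt.dst_port} is disabled by policy")

        if pkt.direction == "outbound":
            return ("ALLOW", "outbound traffic is permitted by default")

        # Inbound: the router only answers for its own public IP.
        if pkt.dst_ip != self.public_ip:
            return ("DENY", "not addressed to the router's public IP")

        # Step 2 of the page: check the port forwarding rules.
        for rule in self.forward_rules:
            if rule.external_port == pkt.dst_port:
                return ("FORWARD", f"{rule.internal_ip}:{rule.internal_port}")

        # Step 4 of the page: no rule, so inbound traffic is blocked by default.
        return ("DENY", "no port forwarding rule; inbound is blocked by default")


def demo() -> dict:
    """Run a few constructed packets through the model and return the verdicts."""
    fw = SohoFirewall(
        public_ip="203.0.113.10",
        forward_rules=[ForwardRule(443, "192.168.1.20", 443)],  # the HTTPS server example
        disabled_ports={23},  # Telnet: an unused, insecure service turned off
    )
    packets = {
        "https_from_internet": Packet("198.51.100.7", "203.0.113.10", 443, "inbound"),
        "rdp_from_internet": Packet("198.51.100.7", "203.0.113.10", 3389, "inbound"),
        "web_from_lan": Packet("192.168.1.50", "93.184.216.34", 80, "outbound"),
        "telnet_from_lan": Packet("192.168.1.50", "93.184.216.34", 23, "outbound"),
    }
    return {name: fw.evaluate(p) for name, p in packets.items()}


if __name__ == "__main__":
    for name, (verdict, detail) in demo().items():
        print(f"{name:22} {verdict:8} {detail}")
```

Running the block shows the contrast the page draws: the forwarded HTTPS request reaches the internal server, the unsolicited RDP request is dropped because no rule exists, ordinary outbound web traffic passes, and the disabled Telnet port is denied regardless of direction.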
Security Risks of Port Forwarding
Port forwarding opens holes in the firewall, which creates risk if not managed correctly.
Risks include:
- Unauthorized access
- Brute-force attacks
- Exploitation of vulnerable services
Best Practices (Exam Important)
For the exam, always remember:
- Only forward necessary ports
- Avoid forwarding:
  - Unused ports
  - Administrative ports unless required
- Remove port forwarding rules when no longer needed
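As an added example (not from the study page), the check below turns the three best practices above into an audit of a router's port forwarding table: it flags rules that point at services no longer in use, rules that expose an administrative port without an approved need, and rules that overlap on the same external port. The rule list, the service inventory and the `audit_forwarding` function are constructed for this example; the administrative-port list uses the page's SSH and RDP examples plus Telnet and SMB.

```python
from dataclasses import dataclass

# Constructed audit of a SOHO router's port forwarding table (added example;
# not code from the study page). The rules and the inventory below are made up.

# Services whose exposure to the internet needs an explicit, documented reason.
ADMIN_PORTS = {22: "SSH", 23: "Telnet", 445: "SMB", 3389: "RDP"}


@dataclass(frozen=True)
class ForwardRule:
    external_port: int   # port on the router's public IP
    internal_ip: str     # private IP of the target device
    internal_port: int   # port the internal service listens on


def audit_forwarding(rules, services_in_use, approved_admin):
    """Return a list of (rule, reason) pairs that violate the best practices.

    services_in_use : set of (internal_ip, internal_port) still hosting a live service
    approved_admin  : set of external ports where admin access was explicitly required
    """
    findings = []
    seen_external = set()
    for rule in rules:
        target = (rule.internal_ip, rule.internal_port)

        # "Remove port forwarding rules when no longer needed"
        if target not in services_in_use:
            findings.append((rule, "forwards to a service no longer in use; remove the rule"))

        # "Avoid forwarding administrative ports unless required"
        if rule.internal_port in ADMIN_PORTS and rule.external_port not in approved_admin:
            name = ADMIN_PORTS[rule.internal_port]
            findings.append((rule, f"exposes administrative service {name} without an approved need"))

        # "Only forward necessary ports": two rules on one external port are a sign
        # that one of them is stale and should be consolidated.
        if rule.external_port in seen_external:
            findings.append((rule, "duplicate external port; overlapping rules should be consolidated"))
        seen_external.add(rule.external_port)
    return findings


def demo():
    """Audit a constructed forwarding table and return the findings."""
    rules = [
        ForwardRule(443, "192.168.1.20", 443),    # web server, still in use
        ForwardRule(3389, "192.168.1.30", 3389),  # RDP forward nobody signed off on
        ForwardRule(8080, "192.168.1.40", 8080),  # device was decommissioned
        ForwardRule(443, "192.168.1.21", 443),    # overlaps the first rule
    ]
    in_use = {("192.168.1.20", 443), ("192.168.1.30", 3389), ("192.168.1.21", 443)}
    return audit_forwarding(rules, in_use, approved_admin=set())


if __name__ == "__main__":
    for rule, reason in demo():
        print(f"{rule.external_port:>5} -> {rule.internal_ip}:{rule.internal_port}  {reason}")
```

Only the first rule passes the audit; the other three each produce one finding, which is the outcome a technician answering the “unnecessary port forwarding rules” exam scenario is expected to act on.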
Port Forwarding vs Disabling Ports (Key Difference)
| Feature | Disabling Unused Ports | Port Forwarding |
|---|---|---|
| Purpose | Improve security | Allow external access |
| Default action | Block traffic | Allow traffic |
| Risk level | Low | Higher |
| Exam focus | Security best practice | Controlled access |
Common Exam Scenarios
You may see questions like:
- “An internal service needs to be accessible from the internet. What firewall feature should be configured?”
  - Correct answer: Port forwarding
- “A SOHO router has unnecessary port forwarding rules. What should be done?”
  - Correct answer: Remove unused port forwarding rules
Key Exam Takeaways (Must Remember)
Disabling Unused Ports
- Blocks unnecessary network traffic
- Reduces attack surface
- Prevents exploitation of unused services
- Always recommended for SOHO security
Port Forwarding / Mapping
- Allows external access to internal services
- Requires careful configuration
- Should only be used when absolutely necessary
- Increases security risk if misconfigured
Summary for Students
- A firewall controls network traffic
- Closed ports = safer network
- Open ports = higher risk
- Port forwarding is powerful but dangerous if misused
- Always follow the principle: Allow only what is required
