2.2 Given a scenario, configure and apply basic Microsoft Windows OS security settings.
📘CompTIA A+ Core 2 (220-1202)
Firewall in Windows OS
A firewall is a security tool built into Microsoft Windows that controls the flow of network traffic to and from your computer. Think of it as a security guard that decides which network connections are allowed and which are blocked. Firewalls help protect your computer from unauthorized access, malware, and hacking attempts.
In Windows, the firewall is called Windows Defender Firewall (or sometimes just “Windows Firewall”).
1. Activate / Deactivate the Firewall
Why it matters:
Having your firewall active is crucial for security. Sometimes, you may need to temporarily turn it off for troubleshooting or installing certain applications. However, leaving it off for too long is risky.
How to activate/deactivate:
- Open Windows Security settings:
  - Go to Start → Settings → Privacy & Security → Windows Security → Firewall & network protection.
- Choose the network profile:
  - Domain network – used at work/school.
  - Private network – used at home or trusted networks.
  - Public network – used in public places (cafes, airports, etc.).
- Turn the firewall on or off:
  - Click “Turn on” or “Turn off” under the network profile.
Important Notes for Exam:
- Firewalls should always be on, except for temporary troubleshooting.
- You can control it per network type (public, private, domain).
2. Port Security
What is a port?
A port is like a doorway through which your computer communicates with other computers or servers over a network. For example:
- Port 80 is used for HTTP (web traffic).
- Port 443 is used for HTTPS (secure web traffic).
- Port 21 is used for FTP (file transfers).
Port security in Windows Firewall:
You can allow or block specific ports to control network traffic. This is called port-based filtering.
How to configure port security:
- Open Windows Defender Firewall with Advanced Security.
- Go to Inbound Rules (incoming traffic) or Outbound Rules (outgoing traffic).
- Click New Rule → Port.
- Choose TCP or UDP and specify the port number(s).
- Select Allow the connection or Block the connection.
- Apply the rule to Domain, Private, or Public networks.
Why it’s important:
- Closing unused ports removes entry points an attacker could use to reach your system.
- Only open ports needed for your applications.
3. Application Security
What is it?
Application security in a firewall means controlling which programs can access the network. This ensures only trusted applications can send or receive data.
How to configure application security in Windows Firewall:
- Go to Windows Defender Firewall → Allow an app through firewall.
- Click Change settings → Allow another app…
- Browse to the program’s .exe file.
- Choose which network types the app can use (private or public).
Key points:
- Only allow trusted applications to connect.
- Prevent unknown programs from sending data out or receiving data in.
- Helps stop malware that tries to connect to the internet.
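The three GUI procedures above (turning profiles on, port rules, and app rules) can also be carried out and checked from an elevated PowerShell prompt with the built-in NetSecurity cmdlets. This is an added example, not part of the original study notes; the rule names, the ports chosen, the `Add-RuleOnce` helper and the ExampleApp path are assumptions made up for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example. Rule names, ports and the ExampleApp path are illustrative assumptions.

# 1. Activate: show each profile, then turn on any profile that is off.
$fwProfiles = Get-NetFirewallProfile -Name Domain, Private, Public
$fwProfiles | Format-Table Name, Enabled, DefaultInboundAction, DefaultOutboundAction
$fwProfiles | Where-Object { $_.Enabled -ne 'True' } | Set-NetFirewallProfile -Enabled True

# Helper (hypothetical name): create a rule only if no rule with that display
# name exists, so re-running the script does not pile up duplicate rules.
function Add-RuleOnce {
    param([Parameter(Mandatory)][hashtable]$Rule)
    if (-not (Get-NetFirewallRule -DisplayName $Rule.DisplayName -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule @Rule | Out-Null
    }
}

# 2. Port security: allow inbound HTTPS on Private only, block inbound FTP on every profile.
Add-RuleOnce @{
    DisplayName = 'Example - Allow HTTPS in (Private)'
    Description = 'Documented reason for the change goes here'
    Direction = 'Inbound'; Protocol = 'TCP'; LocalPort = 443
    Action = 'Allow'; Profile = 'Private'
}
Add-RuleOnce @{
    DisplayName = 'Example - Block FTP in'
    Direction = 'Inbound'; Protocol = 'TCP'; LocalPort = 21
    Action = 'Block'; Profile = 'Any'
}

# 3. Application security: allow one trusted program on Private networks only.
Add-RuleOnce @{
    DisplayName = 'Example - Allow ExampleApp (Private)'
    Direction = 'Inbound'; Action = 'Allow'; Profile = 'Private'
    Program = 'C:\Program Files\ExampleApp\app.exe'   # placeholder path
}

# 4. Audit: list enabled inbound Allow rules that are active on Public networks.
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object { "$($_.Profile)" -match 'Any|Public' } |
    ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        $app  = $_ | Get-NetFirewallApplicationFilter
        [pscustomobject]@{
            Rule = $_.DisplayName; Profile = $_.Profile
            Protocol = $port.Protocol; LocalPort = $port.LocalPort; Program = $app.Program
        }
    } | Sort-Object Rule | Format-Table -AutoSize
```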
Summary for Exam
| Firewall Feature | What it Does | Exam Tip |
|---|---|---|
| Activate/Deactivate | Turns firewall on/off per network profile | Firewalls are usually ON; can be turned off temporarily for troubleshooting |
| Port Security | Allows/blocks traffic on specific ports | Know how to create inbound/outbound rules for TCP/UDP ports |
| Application Security | Allows/blocks network access for programs | Only allow trusted apps, block unknown apps |
Important Exam Notes:
- Firewalls protect computers from unauthorized access and network attacks.
- Windows Firewall can control access by network profile, port, and application.
- Always document changes for troubleshooting and security audits.
