Should the Router or Firewall Come First?

Network scenario…. I have a typical enterprise network meaning ISP>>>>Edge Router>>>>>Firewall|DMZ>>>>Switch>>>LAN.

I know there are several debates on the internet about what device comes first but based on a typical medium size office 500 people, what should come first in the network architecture, the firewall or the router. My thought was that the router should come first because the IOS firewall would be the first line of defense, then a Palo or Sonicwall for the firewall would come next to take whats left. Let mw know if you think im wrong.

Where did this dungeon come from that was spiral shaped and contained a statue of Dagon?

I remember there being a dungeon for D&D 5e, possibly as part of an AL adventure (I don’t remember it being in a full published adventure like Out of the Abyss, etc), but if it was AL, I don’t remember which season (probably one of the earlier ones, though), or exactly how long ago it was. Me thinking it might have been AL might be a red herring.

It was a small dungeon, I feel like it only had 8 rooms or so, arranged in a spiral shape, and near the centre of the dungeon, I want to say area 7 but that might be wrong, there was a little alcove-like room with a shrine to Dagon there, and possibly a dead/undead creature or two in there. After this room, there was then the centre of the spiral, which contained the “boss fight” (I can’t remember what this boss fight was either).

I can’t remember what Tier this was for, but it was probably Tier 1, or Tier 2 at most; I don’t think it was higher level content.

That’s all I remember, although comment-questions may prompt me to remember a little more…

Where do chwinga come from?

In Tomb of Annihilation dnd-5e first sees chwinga, “small, shy elemental spirits” who are vaguely helpful to the characters if allowed to run their course.

Are chwinga new (in D&D) to 5e, or did they appear in earlier editions? Are they lifted from pre-existing mythology/folklore?

How come correctness proofs aren’t tautological?

Consider the following function on binary trees, which is supposed to tell whether a given int is a member of a binary tree t:

type tree = Leaf | Node of int * tree * tree;;  let rec tmember (t:tree) (x:int) : bool =   match t with       Leaf -> false     | Node (j,left,right) -> j = x || tmember left x || tmember right x ;; 

If one wants to prove that this function is correct, one would need to define first what tree membership actually means, but then I can find no formal way of doing this except for saying that x is a member of t if and only if it is either equal to the root of t, or it is a member of the left or right subtree of t. This is essentially saying that x is a member of t if and only if tmember t x outputs true.

What am I missing here?

How come RFC7636 (PKCE) stops malicous app doing the same code challenge and get legitimate access to API

As per the RFC7636 it stops malicious apps which pretend to be legitimate apps, gaining access to OAuth2.0 protected API’s.

The flow suggests a method of having a runtime level secret which generated from the client and letting the Auth server knows it. This allows token issuer to verify the secret with auth server and grant a proper access token.

However lets assume a malicous app, as the RFC paper suggests, with a correct client_id and client_secret, it can do the same PKCE process and gain access to protected resources.

Is this RFC doesn’t meant to protect those kind of attacks or simply I’m missing something here?

Does Assassinate come into play whenever the Rogue catches the target off guard?

The Assassinate ability under the Assassin subclass of Rogue states:

Starting at 3rd level, you are at your deadliest when you get the drop on your enemies. You have advantage on attack rolls against any creature that hasn’t taken a turn in the combat yet. In addition, any hit you score against a creature that is surprised is a critical hit.”

That last sentence has confused me: “In addition, any hit you score against a creature that is surprised is a critical hit.” Does that apply any time the Rogue catches the target off guard (such as an attack from hiding), or only in a surprise round?