300-415 Question #359: Real Exam Question with Answer & Explanation

Question

Explanation

This question tests your ability to match distinguishing characteristics to the correct firewall type - a core network security topic on exams like CompTIA Security+, Network+, and CySA+. Firewall types differ in the OSI layer they operate at and the depth of traffic inspection they perform.

Approach. Match each feature to the firewall type by OSI layer and inspection depth. Packet filtering firewalls operate at Layer 3–4, inspecting IP/port headers only - match features like 'uses ACLs', 'stateless', 'fast but limited'. Stateful inspection firewalls track connection state in a session table - match 'tracks TCP handshake', 'session-aware', 'connection tracking table'. Application-layer / proxy firewalls (including WAFs) operate at Layer 7 - match 'deep packet inspection', 'understands HTTP/FTP', 'content filtering', 'hides internal IPs via proxy'. Next-generation firewalls (NGFW) combine all of the above plus add 'IPS integration', 'SSL/TLS inspection', 'application identity awareness', and 'user-based policies'. Circuit-level gateways operate at Layer 5 and validate the TCP handshake only - match 'monitors session establishment', 'does not inspect payload'.

Concept tested. Firewall type classification - understanding the OSI layer, inspection method, and unique capabilities of each firewall type: packet filtering, stateful inspection, circuit-level gateway, application-layer/proxy, and next-generation firewall (NGFW). This is fundamental to network defense architecture decisions.

Reference. CompTIA Security+ SY0-701 Objective 4.3 - Explain the security implications of proper hardware, software, and data asset management; CompTIA Network+ N10-009 Objective 4.3 - Given a scenario, apply network security features. Also covered in NIST SP 800-41 Rev. 1 (Guidelines on Firewalls and Firewall Policy).

No community discussion yet for this question.