nerdexam
EC-Council

312-50V10 · Question #304

One advantage of an application-level firewall is the ability to

The correct answer is B. filter specific commands, such as http:post.. Application-level firewalls (Layer 7 proxies) can inspect and filter specific application-layer commands such as HTTP POST, which packet-filtering firewalls cannot.

Evading IDS, Firewalls, and Honeypots

Question

One advantage of an application-level firewall is the ability to

Options

  • Afilter packets at the network level.
  • Bfilter specific commands, such as http:post.
  • Cretain state information for each packet.
  • Dmonitor tcp handshaking.

How the community answered

(30 responses)
  • B
    90% (27)
  • C
    3% (1)
  • D
    7% (2)

Why each option

Application-level firewalls (Layer 7 proxies) can inspect and filter specific application-layer commands such as HTTP POST, which packet-filtering firewalls cannot.

Afilter packets at the network level.

Filtering packets at the network level is the function of a packet-filtering firewall operating at Layer 3/4, not an application-level firewall.

Bfilter specific commands, such as http:post.Correct

Application-level firewalls operate at OSI Layer 7 and fully understand application protocols, allowing them to permit or deny specific commands like HTTP GET, POST, or PUT. This granular control over application behavior is the defining advantage over lower-layer firewalls, which only see IP addresses and port numbers.

Cretain state information for each packet.

Retaining state information per packet is the characteristic of a stateful inspection firewall, not specifically an application-level firewall.

Dmonitor tcp handshaking.

Monitoring TCP handshaking is performed by stateful firewalls that track connection state at the transport layer, which is below the application layer.

Concept tested: Application-layer firewall deep packet inspection capabilities

Source: https://www.cisco.com/c/en/us/td/docs/security/asa/asa-cli-reference/A-H/asa-command-ref-A-H/a-commands.html

Topics

#application firewall#HTTP command filtering#proxy#packet filtering

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice