312-50V11 · Question #577
While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at t
The correct answer is C. Circuit-level gateway firewall. A circuit-level gateway firewall operates at the session layer (Layer 5) of the OSI model and monitors TCP handshaking to validate sessions without inspecting packet contents. This matches the described firewall behavior exactly.
Question
While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?
Options
- APacket filtering firewall
- BApplication-level firewall
- CCircuit-level gateway firewall
- DStateful multilayer inspection firewall
How the community answered
(33 responses)- A3% (1)
- B9% (3)
- C73% (24)
- D15% (5)
Why each option
A circuit-level gateway firewall operates at the session layer (Layer 5) of the OSI model and monitors TCP handshaking to validate sessions without inspecting packet contents. This matches the described firewall behavior exactly.
A packet filtering firewall operates at the network layer (Layer 3) and filters traffic based on IP addresses, ports, and protocols, not TCP session handshaking.
An application-level firewall (proxy firewall) operates at Layer 7 and inspects the full content of application traffic, going well beyond session-layer handshake monitoring.
A circuit-level gateway operates at the OSI session layer and validates TCP three-way handshakes to determine whether a requested session is legitimate, without inspecting the actual data payload. It acts as a relay for TCP connections, making it the firewall type that exclusively monitors TCP handshaking at the session layer as described in the question.
A stateful multilayer inspection firewall tracks connection state across multiple OSI layers simultaneously, not solely at the session layer.
Concept tested: Firewall types - circuit-level gateway session layer operation
Source: https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html
Topics
Community Discussion
No community discussion yet for this question.