312-50V13 · Question #37
What does a firewall check to prevent particular ports and applications from getting packets into an organization?
The correct answer is A. Transport layer port numbers and application layer headers. This question identifies which layers of the OSI model a firewall inspects to control traffic based on ports and applications.
Question
Options
- ATransport layer port numbers and application layer headers
- BPresentation layer headers and the session layer port numbers
- CNetwork layer headers and the session layer port numbers
- DApplication layer port numbers and the transport layer headers
How the community answered
(45 responses)- A89% (40)
- B2% (1)
- C7% (3)
- D2% (1)
Why each option
This question identifies which layers of the OSI model a firewall inspects to control traffic based on ports and applications.
To prevent packets from reaching particular ports and applications, firewalls inspect the Transport layer headers for port numbers (e.g., TCP/UDP port 80 for HTTP, 443 for HTTPS). Additionally, Next-Generation Firewalls perform deep packet inspection by examining Application layer headers to identify and control specific application traffic regardless of the port used.
Presentation and session layer headers are not the primary points of inspection for standard port and application filtering by firewalls.
While network layer headers are checked for IP addresses, 'session layer port numbers' is not a standard term, and the network layer does not typically identify applications directly.
Port numbers are fundamentally a Transport layer concept. While firewalls examine Application layer headers for deep inspection, they look at Transport layer headers for port numbers.
Concept tested: Firewall packet inspection layers (Transport, Application)
Source: https://www.cloudflare.com/learning/network-layer/what-is-a-firewall/
Topics
Community Discussion
No community discussion yet for this question.