312-50V9 · Question #465
While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at t
The correct answer is C. Circuit-level gateway firewall. A circuit-level gateway operates at the session layer and validates TCP handshakes without inspecting packet contents, matching the described firewall behavior exactly.
Question
While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?
Options
- APacket filtering firewall
- BApplication-level firewall
- CCircuit-level gateway firewall
- DStateful multilayer inspection firewall
How the community answered
(50 responses)- A6% (3)
- B16% (8)
- C74% (37)
- D4% (2)
Why each option
A circuit-level gateway operates at the session layer and validates TCP handshakes without inspecting packet contents, matching the described firewall behavior exactly.
A packet filtering firewall operates at the network layer (Layer 3) and filters traffic based on source/destination IP addresses and port numbers, not TCP session handshaking.
An application-level firewall (proxy firewall) operates at the application layer (Layer 7) and performs deep inspection of application protocol data, far beyond session handshake monitoring.
Circuit-level gateways function at OSI Layer 5 (session layer) by monitoring the TCP three-way handshake to determine whether a requested session is legitimate, without inspecting the actual data payload. Once a session is established as valid, traffic is relayed without further content inspection. This behavior - validating session establishment rather than filtering by IP or inspecting application data - is the defining characteristic of a circuit-level gateway.
A stateful multilayer inspection firewall tracks connection state across multiple OSI layers simultaneously, including network and application layers, which is more comprehensive than the described behavior.
Concept tested: Circuit-level gateway firewall and OSI session layer
Source: https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html
Topics
Community Discussion
No community discussion yet for this question.