EC-Council
312-50V9 · Question #465
312-50V9 Question #465: Real Exam Question with Answer & Explanation
The correct answer is C: Circuit-level gateway firewall. A circuit-level gateway operates at the session layer and validates TCP handshakes without inspecting packet contents, matching the described firewall behavior exactly.
Question
While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?
Options
- APacket filtering firewall
- BApplication-level firewall
- CCircuit-level gateway firewall
- DStateful multilayer inspection firewall
Explanation
A circuit-level gateway operates at the session layer and validates TCP handshakes without inspecting packet contents, matching the described firewall behavior exactly.
Common mistakes.
- A. A packet filtering firewall operates at the network layer (Layer 3) and filters traffic based on source/destination IP addresses and port numbers, not TCP session handshaking.
- B. An application-level firewall (proxy firewall) operates at the application layer (Layer 7) and performs deep inspection of application protocol data, far beyond session handshake monitoring.
- D. A stateful multilayer inspection firewall tracks connection state across multiple OSI layers simultaneously, including network and application layers, which is more comprehensive than the described behavior.
Concept tested. Circuit-level gateway firewall and OSI session layer
Reference. https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html
Community Discussion
No community discussion yet for this question.