CISSP · Question #312
Which of the following provides the MOST comprehensive filtering of Peer-to-Peer (P2P) traffic?
The correct answer is A. Application proxy. P2P traffic is notoriously difficult to filter because it uses dynamic ports and can disguise itself as legitimate traffic; an application proxy operates at Layer 7 and can inspect actual application content to identify and block P2P protocols regardless of port.
Question
Options
- AApplication proxy
- BPort filter
- CNetwork boundary router
- DAccess layer switch
How the community answered
(26 responses)- A73% (19)
- B8% (2)
- C4% (1)
- D15% (4)
Why each option
P2P traffic is notoriously difficult to filter because it uses dynamic ports and can disguise itself as legitimate traffic; an application proxy operates at Layer 7 and can inspect actual application content to identify and block P2P protocols regardless of port.
An application proxy (Layer 7 proxy) performs deep packet inspection by examining the full application-layer payload, allowing it to identify P2P protocols like BitTorrent or eDonkey based on their signatures, behavioral patterns, and content-even when they use non-standard or randomized ports to evade simpler filtering methods. This makes it the most comprehensive solution because it is not fooled by port-hopping or protocol obfuscation techniques that defeat lower-layer controls.
A port filter blocks traffic based solely on TCP/UDP port numbers, but P2P applications are specifically designed to bypass this by using dynamic, randomized, or well-known ports (e.g., port 80), making port-based filtering largely ineffective against modern P2P software.
A network boundary router can apply ACLs and basic packet filtering, but it operates primarily at Layers 3–4 and lacks the application-layer visibility needed to reliably identify and block P2P traffic that disguises itself on allowed ports.
An access layer switch operates at Layers 2–3 and is designed for network connectivity and VLAN segmentation, not traffic content inspection; it has no mechanism to analyze or filter application-layer P2P protocols.
Concept tested: Application-layer proxy filtering of P2P traffic
Source: https://www.cisco.com/c/en/us/products/security/what-is-application-layer-filtering.html
Topics
Community Discussion
No community discussion yet for this question.