Home » Cisco » 210-260 » What can cause the state table of a stateful firewall to update?
What can cause the state table of a stateful firewall to update? (choose two)
A. when connection is created
B. connection timer expired within state table
C. when packet is evaluated against the inbound access list and is …
D. outbound packets forwarded to inbound interface
E. when rate limiting is applied
Correct Answer: AB
Explanation/Reference:
Stateful inspection monitors incoming and outgoing packets over time, as well as the state of the connection, and stores the data in dynamic state tables. This cumulative data is evaluated, so that filtering decisions would not only be based on administrator-defined rules, but also on context that has been built by previous connections as well as previous packets belonging to the same connection.
Entries are created only for TCP connections or UDP streams that satisfy a defined security policy.
In order to prevent the state table from filling up, sessions will time out if no traffic has passed for a certain period. These stale connections are removed from the state table. https://en.wikipedia.org/wiki/Stateful_firewall
On the Aug-Sept 2018 exam