While doing a Black box pen test via the TCP port (80), you noticed that the traffic gets blocked when you tried to pass IRC traffic from a web enabled host. However, you also noticed that outbound HTTP traffic is being allowed. What type of firewall is being utilized for the outbound traffic?
A. Stateful
B. Application
C. Circuit
D. Packet Filtering Answer: A
EC-Council Certified Ethical Hacker v11Free dumps for 312-50v11 in Printable PDF format.High quality PDF and software. VALID exam to help you pass. |
 |
|
Download Printable PDF. VALID exam to help you PASS. |
|
I think the answer is A, not B. Stateful does dynamic packet filtering and monitors active TCP/UDP connection where only packets matching a known active connection are allowed.
Ans: B
The fact that the firewall is able to distinguish IRC web traffic from regular port 80 web traffic means it’s inspecting at layer 7 or doing “deep packet”. This is functionality of an Application layer firewall………This was on the CEH Test taken 2-15-2016
Application
Agreed, B: Application Firewall
• A stateful firewall is a network firewall that tracks the operating state and characteristics of network connections traversing it. The firewall is configured to distinguish legitimate packets for different types of connections.
• An application firewall is a form of firewall that controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls that do not meet the configured policy of the firewall.
• A circuit-level gateway is a type of firewall. Circuit-level gateways work at the session layer of the OSI model, or as a “shim-layer” between the application layer and the transport layer of the TCP/IP stack. They monitor TCP handshaking between packets to determine whether a requested session is legitimate.
• Packet filtering is a firewall technique used to control network access by monitoring outgoing and incoming packets and allowing them to pass or halt based on the source and destination Internet Protocol (IP) addresses, protocols and ports.
Application
Correct Answer: B
You ‘re right mate. It’s a WAF.