Which two tasks can be performed by analyzing the logs of a traditional stateful firewall? (Choose two.)
A. Confirm the timing of network connections differentiated by the TCP 5-tuple
B. Audit the applications used within a social networking web site.
C. Determine the user IDs involved in an instant messaging exchange.
D. Map internal private IP addresses to dynamically translated external public IP addresses
E. Identify the malware variant carried by ^n SMTP connection
A,D are correct! It’s a stateful traditional firewall, not an NGFW!
So are any of these questions valid anymore?
Stateful firewalls operate at layers 3 & 4 of the OSI reference model and therefore any application layer information would be unavailable. This
New Questions are added in new exam
So, are any of these questions valid anymore?
How many new questions are added?
i still think its AD. does anyone else think otherwise
most sources say B,E
what is the source for B , E answers ?
No way it is B or E, its layer 3&4 FW, has nothing to do with Applications