Which firewall limitation makes it difficult to determine if a connection originated inside or outside the network?

Prepare for the EC-Council Certified Ethical Hacker (CEH) Certification. Master concepts with flashcards and multiple choice questions, each enriching your understanding. Ready yourself to succeed in your exam!

Multiple Choice

Which firewall limitation makes it difficult to determine if a connection originated inside or outside the network?

Explanation:
This question tests how a firewall tracks active connections to determine where traffic originated. A stateful firewall keeps a connection table that records who opened the session, along with source and destination addresses and ports, and the expected sequence of packets. With this context, the firewall can tell whether incoming packets belong to an internal connection or are new requests from outside, based on the established state. If it cannot maintain state information, each packet is evaluated in isolation, so there’s no reliable link to a known internal session, making it hard to discern whether the traffic came from inside or outside. Deep packet inspection looks at payloads rather than origin, NAT traversal deals with crossing network address translation but doesn’t directly fix origin tracking, and a stateful firewall is precisely the mechanism that would resolve origin questions rather than cause the limitation.

