Certified Incident Handler (ECIH) — Question 26
Malachi, a security professional, implemented a firewall in his organization to trace incoming and outgoing traffic. He deployed a firewall that works at the session layer of the OSI model and monitors the TCP handshake between hosts to determine whether a requested session is legitimate.
Identify the firewall technology implemented by Malachi in the above scenario.
Answer options
- A. Next generation firewall (NGFW)
- B. Circuit-level gateways
- C. Network address translation (NAT)
- D. Packet filtering
Correct answer: B
Explanation
The correct answer is B, Circuit-level gateways, as they operate at the session layer and manage the TCP handshake to validate sessions. Option A, Next generation firewall (NGFW), incorporates more advanced features but does not specifically focus on session management. Option C, Network address translation (NAT), primarily deals with IP address translation and does not monitor sessions. Option D, Packet filtering, works at the network layer and does not analyze the session state.