Computer Hacking Forensic Investigator (CHFI v10) — Question 126

You are assisting a Department of Defense contract company to become compliant with the stringent security policies set by the DoD. One such strict rule is that firewalls must only allow incoming connections that were first initiated by internal computers. What type of firewall must you implement to abide by this policy?

Answer options

• A. Packet filtering firewall
• B. Circuit-level proxy firewall
• C. Application-level proxy firewall
• D. Stateful firewall

Correct answer: D

Explanation

A stateful firewall is correct because it tracks the state of active connections and allows only incoming packets that are part of an established connection initiated from the internal network. In contrast, packet filtering firewalls do not track connection states, and proxy firewalls (both circuit and application-level) act as intermediaries but may not directly enforce the same connection initiation rules.