Computer Hacking Forensic Investigator (CHFI v10) — Question 357

Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT. Which firewall would be most appropriate for Harold? needs?

Answer options

• A. Circuit-level proxy firewall
• B. Packet filtering firewall
• C. Application-level proxy firewall
• D. Data link layer firewall

Correct answer: C

Explanation

The Application-level proxy firewall is the correct choice because it can inspect and control specific application traffic, allowing only the FTP-PUT command while blocking others. The Circuit-level proxy firewall and Packet filtering firewall do not provide the granularity needed to filter FTP commands, and the Data link layer firewall operates at a different level, focusing on MAC addresses rather than application data.