GIAC Security Essentials Certification (GSEC) — Question 49

Which common firewall feature can be utilized to generate a forensic trail of evidence and to identify attack trends against your network?

Answer options

Correct answer: C

Explanation

The correct answer is C, Logging: a firewall's logs collect and store data about network traffic, which can then be analyzed to identify attack trends and to provide forensic evidence of attacks. NAT is primarily for address translation, the state table tracks active sessions, and content filtering controls data flow rather than recording it.