ISCW - Cisco press questions from book
Question 4 in chapter 21 in the ISCW cisco press book says:
What type of firewall is best used when only UDP is used for access?
A) Packet filter
Authentication proxy
c) ALG
d) Stateful packet filter
From the info on page 527
"A stateful packet filter treats each protocl in unique fashion......... However UDP does not have a sequence number so thi9s menthod cannot be used and the filter revers to stateless mode for those UDP packets"
So based on this info, i though the answer would be A, packet filter
Answer in book says D.
Why exactly???
What type of firewall is best used when only UDP is used for access?
A) Packet filter
Authentication proxyc) ALG
d) Stateful packet filter
From the info on page 527
"A stateful packet filter treats each protocl in unique fashion......... However UDP does not have a sequence number so thi9s menthod cannot be used and the filter revers to stateless mode for those UDP packets"
So based on this info, i though the answer would be A, packet filter
Answer in book says D.
Why exactly???
CCIE# 38186
showroute.net
showroute.net
Comments
-
dtlokee
Member Posts: 2,378 ■■■■□□□□□□
Not all UDP based prtocols are treated as stateless when using a stateful firewall, that statement in the book isn't entirely accurate. There is no way to use just the L3-L4 infirmation to track the state of the session like TCP but many firewalls will use L4-L7 to track the session. DNS is a good example because the exchange between client and server is easy to track, and one query should only have one response.The only easy day was yesterday!