a. Why are SPI firewalls limited in their ability to detect attack packets? 27a.) SPI firewalls are
Question:
a. Why are SPI firewalls limited in their ability to detect attack packets?
27a.) SPI firewalls are being replaced in large part because they are limited in their ability to detect _______.
a. NAT
b. Piggybacking
c. Port spoofing
d. None of the above
b. How do NGFWs address this problem?
27b1.) Which type of firewall filtering collects streams of packets to analyze them as a group?
a. SPI
b. NGFW
c. Both A and B
d. Neither A nor B
27b2.) Which type of firewall filtering looks at application-layer content?
a. Stateful packet inspection
b. NGFW
c. Both A and B
d. Neither A nor B
27b3.) NGFWs ______.
a. Can implement different rules for different applications
b. Base server decisions on port numbers
c. Both A and B
d. Neither A nor B
c. Think of at least two specific examples of how application information can be used to increase security.
d. Why are NGFWs more expensive than SPI firewalls? (The answer is not in the text.)
27d.) Which type of firewall is more expensive per packet handled?
a. SPI
b. NGFW
c. Both A and B
d. Neither A nor B
Step by Step Answer:
Business Data Networks and Security
ISBN: 978-0134817125
11th Edition
Authors: Raymond R. Panko, Julia L. Panko