PrepAway - Latest Free Exam Questions & Answers

Which two options are advantages of an application layer firewall?

Which two options are advantages of an application layer firewall? (Choose two.)

PrepAway - Latest Free Exam Questions & Answers

A.
provides high-performance filtering

B.
makes DoS attacks difficult

C.
supports a large number of applications

D.
authenticates devices

E.
authenticates individuals

Explanation:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_white_paper09
00aecd8058ec85.html
Adding Intrusion Prevention
Gartner’s definition of a next-generation firewall is one that combines firewall filtering and intrusion
prevention systems (IPSs). Like firewalls, IPSs filter packets in real time. But instead of filtering
based on user profiles and application policies, they scan for known malicious patterns in incoming
code, called signatures. These signatures indicate the presence of malware, such as worms,
Trojan horses, and spyware.
Malware can overwhelm server and network resources and cause denial of service (DoS) to
internal employees, external Web users, or both. By filtering for known malicious signatures, IPSs
add an extra layer of security to firewall capabilities; once the malware is detected by the IPS, the
system will block it from the network.
Firewalls provide the first line of defense in any organization’s network security infrastructure.

They do so by matching corporate policies about users’ network access rights to the connection
information surrounding each access attempt. If the variables don’t match, the firewall blocks the
access connection. If the variables do match, the firewall allows the acceptable traffic to flow
through the network.
In this way, the firewall forms the basic building block of an organization’s network security
architecture. It pays to use one with superior performance to maximize network uptime for
business-critical operations. The reason is that the rapid addition of voice, video, and collaborative
traffic to corporate networks is driving the need for firewall engines that operate at very high
speeds and that also support application-level inspection. While standard Layer 2 and Layer 3
firewalls prevent unauthorized access to internal and external networks, firewalls
enhanced with application-level inspection examine, identify, and verify application types at Layer
7 to make sure unwanted or misbehaving application traffic doesn’t join the network. With these
capabilities, the firewall can enforce endpoint user registration and authentication and provide
administrative control over the use of multimedia applications.


Leave a Reply