You are assisting a Department of Defense contract company to become compliant with the stringent security
policies set by the DoD. One such strict rule is that firewalls must only allow incoming connections that were
first initiated by internal computers. What type of firewall must you implement to abide by this policy?
A.
Packet filtering firewall
B.
Circuit-level proxy firewall
C.
Application-level proxy firewall
D.
Stateful firewall
Firewall can be either Stateful or Stateless
Neither is really superior.
(1) Stateless firewall: faster and perform better under heavier traffic loads
(2) Stateful firewall: better at identifying unauthorized, forged communications
Stateless firewalls: watch network traffic, and restrict or block packets based on source and destination addresses or other static values, not ‘aware’ of traffic patterns or data flows.
Stateful firewalls: watch traffic streams from end to end, aware of communication paths and can implement various IP Security (IPsec) functions such as tunnels and encryption.
Source: https://www.inetdaemon.com/tutorials/information_security/devices/firewalls/stateful_vs_stateless_firewalls.shtml