Which of the following statement correctly describes difference between packet filtering firewall and stateful inspection firewall?

A. Packet filtering firewall do not maintain client session whereas Stateful firewall maintains client session.

B. Packet filtering firewall and Stateful firewall both maintain session of client.

C. Packet filtering firewall is a second generation firewall whereas Stateful is a first generation of firewall.

D. Packet filtering firewall and Stateful firewall do not maintain any session of client.

Packet Filtering Firewall

Also Known as First Generation Firewall

Do not maintain client session

The advantage of this type of firewall are simplicity and generally stable performance since the filtering rules are performed at the network layer.

Its simplicity is also disadvantage, because it is vulnerable to attack from improperly configured filters and attack tunneled over permitted services.

Some of the more common attack on packet filtering are IP Spoofing, Source Routing specification, Miniature fragment attack.

Stateful Inspection Firewall

A stateful inspection firewall keep track of the destination IP address of each packet that leaves the organizations internal network.

The session tracking is done by mapping the source IP address of incoming packet with the list of destination IP addresses that is maintained and updated

This approach prevent any attack initiated and originated by outsider.

The disadvantage includes stateful inspection firewall can be relatively complex to administer as compare to other firewall.

The following were incorrect answers:

All other choices presented were incorrect answers because they all had the proper definition.

The following reference(s) were/was used to create this question:

CISA review manual 2014 Page number 345 and 346