Which of the following types of firewalls provide the GREATEST degree and granularity of control?

A.
Screening router

B.
Packet filter

C.
Application gateway

D.
Circuit gateway

Explanation:
The application gateway is similar to a circuit gateway, but it has specific proxies for each service. To handle
web services, it has an HTTP proxy that acts as an intermediary between externals and internals, but is
specifically for HTTP. This means that it not only checks the packet IP addresses (layer 3) and the ports it is
directed to (in this case port 80, or layer 4), it also checks every HTTP command (layers 5 and 7). Therefore, it
works in a more detailed (granularity) way than the others. Screening router and packet filter (choices A and BJ
work at the protocol, service and/or port level. This means that they analyze packets from layers 3 and 4, and
not from higher levels. A circuit gateway (choice D) is based on a proxy or program that acts as an intermediarybetween external and internal accesses. This means that during an external access, instead of opening a
single connection to the internal server, two connections are established-one from the external server to the
proxy(which conforms the circuit-gateway) and one from the proxy to the internal server. Layers 3 and 4 (IP and
TCP) and some general features from higher protocols are used to perform these tasks.