Which feature is a potential security weakness of a traditional stateful firewall?

A.
It cannot ensure each TCP connection follows a legitimate TCP three-way handshake.

B.
It cannot detect application-layer attacks.

C.
It cannot support UDP flows.

D.
The status of TCP sessions is retained in the state table after the sessions terminate.

Explanation:
By definition, a stateful firewall constructs a state table which holds info from the
headers, including source/destination IP’s (layer 3) and port information (layer 4). It
particularly takes note of SYNs , RSTs , ACKs and FINs , and other control codes (layer
5). It does not inspect anything at layer 7, where malicious URL’s, buffer overflows,
unauthorized access, etc, can still wreak havoc.