While conducting a penetration test, the tester determines that there is a firewall between the tester’s machine
and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the
OSI model. Which type of firewall is the tester trying to traverse?
A.
Packet filtering firewall
B.
Application-level firewall
C.
Circuit-level gateway firewall
D.
Stateful multilayer inspection firewall
LAME – EC-Council seems pretty ignorant on their taxonomy of firewall types. Anyone with a networking background will cringe at this.
For the context of this question, I interpret their terminology “Circuit-level” firewall to indicate a stateful (i.e. session aware) firewall. https://en.wikipedia.org/wiki/Stateful_firewall.
1990s called and want their firewall back
? A simple google search can tell you that circuit-level gateway firewalls specifically work at the session layer and that they ONLY monitor TCP handshaking… as the question specifies.
They are a stateful firewall in this sense, but they are still their own, seperate thing. All circuit-level firewalls are stateful, but not all stateful firewalls are circuit-level firewalls.