What are two differences between stateful and stateless firewalls? (Choose two.)
- A stateless firewall is able to filter sessions that use dynamic port negotiations while a stateful firewall cannot.
- A stateless firewall will examine each packet individually while a stateful firewall observes the state of a connection.
- A stateless firewall will provide more logging information than a stateful firewall.
- A stateful firewall will prevent spoofing by determining whether packets belong to an existing connection while a stateless firewall follows pre-configured rule sets.
- A stateless firewall provides more stringent control over security than a stateful firewall.
Answers Explanation & Hints:
There are many differences between a stateless and stateful firewall.
Stateless firewalls:
- are susceptible to IP spoofing
- do not reliably filter fragmented packets
- use complex ACLs, which can be difficult to implement and maintain
- cannot dynamically filter certain services
- examine each packet individually rather than in the context of the state of a connection

Stateful firewalls:
- are often used as a primary means of defense by filtering unwanted, unnecessary, or undesirable traffic
- strengthen packet filtering by providing more stringent control over security
- improve performance over packet filters or proxy servers
- defend against spoofing and DoS attacks by determining whether packets belong to an existing connection or are from an unauthorized source
- provide more log information than a packet filtering firewall