Rebecca wishes to control how data can flow into and out of her network. She spoke to her boss about problems the office is experiencing with data flow. He took it upon himself to purchase a program, but the program cannot prevent attacks that employ application-specific vulnerabilities. What did the boss purchase?
Explanation
Answer: D - A security method of controlling what data can flow into and out of a network, but fails to prevent attacks that employ application-specific vulnerabilities, is a packet-filtering firewall. Packet filtering takes place by using ACLs, which are developed and applied to devices. The filtering is based on network layer information, which means the device cannot look too far into the packet itself. It can make decisions based on header information only. Packet-filtering firewalls do not keep track of the state of a connection like stateful-inspection firewalls. The problems with packet-filtering firewalls include the fact that logging functionality present in packet-filtering firewalls is limited, most do not support advanced user authentication schemes, and many cannot detect a net packet in with the OSI layer 3 addressing information has been altered. However, these weaknesses are mainly due to this being a first generation firewall.
