A layer-4 firewall (a device that can look at all protocol headers up ...
Answer is (D).
(A) It is POSSIBLE to block "entire" HTTP traffic by blocking all the traffic on port number 80, since here we DON'T need to check anything that is application-layer specific. We only need to block port no. 80 for the required time span.
(B) & (C) are fairly possible to achieve.
(D) However, (D) is not possible to achieve, although the service uses TCP at the transport layer. But see the question. We don't need to block the entire TCP traffic, so we can't block any specific PORT number. Also, it is given that IT IS A MULTI-USER System, and so many users may be using the same port for communication. Therefore blocking that port would block all the users, WHILE we want a specific user. So how to do that? To do so we need application-layer-specific information about the user, like user_id type of things, which can't be checked as it is a 4-layer firewall.
So it is not possible to allow other users and block some specific user at the same time using a 4-layer firewall (unless they are all using different port numbers, which we actually can't predict).
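An added example, not part of the original answers: a small Python model of a filter that sees only network- and transport-layer fields plus the clock, following the reasoning of the answer above. The addresses, field names and function names are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    # Only what the headers up to layer 4 carry, plus what the firewall
    # itself knows (direction and arrival hour). There is no user field.
    # Source port is omitted: it is ephemeral and not tied to a user in
    # any predictable way.
    proto: str                 # "tcp", "udp" or "icmp"
    src_ip: str
    dst_ip: str
    dst_port: Optional[int]    # None for ICMP
    direction: str             # "in" or "out"
    hour: int                  # local hour 0-23

BLOCKED_PEER = "203.0.113.7"   # constructed example address
HOST_IP = "198.51.100.20"      # constructed multi-user host

def in_night_window(hour: int) -> bool:
    # 9:00PM to 5:00AM wraps past midnight
    return hour >= 21 or hour < 5

def verdict(p: Packet) -> str:
    if p.proto == "tcp" and p.dst_port == 80 and in_night_window(p.hour):
        return "drop"          # (A) port 80 during the time window
    if p.proto == "icmp":
        return "drop"          # (B) protocol field in the IP header
    if p.direction == "in" and p.src_ip == BLOCKED_PEER:
        return "drop"          # (C) inbound from one address only
    return "accept"

def on_the_wire(user: str, dst_ip: str, dst_port: int, hour: int) -> Packet:
    # The host OS knows `user`, but no header carries it, so it is
    # dropped here exactly as it is when the packet leaves the host.
    return Packet("tcp", HOST_IP, dst_ip, dst_port, "out", hour)

if __name__ == "__main__":
    a = on_the_wire("alice", "192.0.2.10", 443, 23)
    b = on_the_wire("bob", "192.0.2.10", 443, 23)
    # (D): identical inputs to the filter, so no rule can separate them
    print(a == b, verdict(a), verdict(b))
```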
Explanation:
Layer-4 Firewall Limitations:
1. Blocking entire HTTP traffic during 9:00PM and 5:00AM: A layer-4 firewall can inspect up to the transport layer (Layer 4) which includes TCP and UDP headers. HTTP operates at the application layer (Layer 7) and therefore, a layer-4 firewall cannot block entire HTTP traffic based on time criteria.
2. Blocking all ICMP traffic: A layer-4 firewall can filter based on ports and IP addresses, but ICMP traffic does not operate at the transport layer. It operates at the network layer (Layer 3) and therefore, a layer-4 firewall cannot block all ICMP traffic.
3. Stopping incoming traffic from specific IP address but allow outgoing traffic: Layer-4 firewalls can control traffic based on IP addresses and ports. So, it is possible to configure the firewall to block incoming traffic from a specific IP address while allowing outgoing traffic to the same IP address.
4. Blocking TCP traffic from a specific user on a multi-user system during specific times: A layer-4 firewall can filter based on IP addresses and ports, but it cannot distinguish traffic based on individual users on a multi-user system. Therefore, it cannot block TCP traffic from a specific user during specific times.
In conclusion, a layer-4 firewall has limitations in terms of inspecting traffic beyond the transport layer, which restricts its capability to perform certain actions like blocking specific users on a multi-user system.