What are two differences between stateful and packet filtering firewalls? (Choose two.)

What are two differences between stateful and packet filtering firewalls? (Choose two.)

• A packet filtering firewall will prevent spoofing by determining whether packets belong to an existing connection while a stateful firewall follows pre-configured rule sets.
• A stateful firewall provides more stringent control over security than a packet filtering firewall.
• A packet filtering firewall is able to filter sessions that use dynamic port negotiations while a stateful firewall cannot.
• A stateful firewall will provide more logging information than a packet filtering firewall.
• A statefull firewall will examine each packet individually while a packet filtering firewall observes the state of a connection.

Explanation: There are many differences between a stateless and stateful firewall.
Stateless firewalls (packet filtering firewalls):
- are susceptible to IP spoofing
- do not reliably filter fragmented packets
- use complex ACLs, which can be difficult to implement and maintain
- cannot dynamically filter certain services
- examine each packet individually rather than in the context of the state of a connection

Stateful firewalls:
- are often used as a primary means of defense by filtering unwanted, unnecessary, or undesirable traffic
- strengthen packet filtering by providing more stringent control over security
- improve performance over packet filters or proxy servers
- defend against spoofing and DoS attacks by determining whether packets belong to an existing connection or are from an unauthorized source
- provide more log information than a packet filtering firewall

Exam with this question: Network Security Final Exam Answers