What is a benefit of using a next-generation firewall rather than a stateful firewall?
- reactive protection against Internet attacks
- granularity control within applications
- support of TCP-based packet filtering
- support for logging
Explanation: Stateful and next-generation firewalls provide better log information than packet filtering firewalls. Both stateful and next-generation firewalls defend against spoofing by filtering unwanted traffic. However, next-generation firewalls provide the following benefits over stateful firewalls:
- Granularity control within applications
- Website and application traffic filtering based on site reputation
- Proactive rather than reactive protection from Internet threat
- Enforcement of security policies based on multiple criteria
- Improved performance with NAT, VPN, and stateful inspections
- Integrated IPS
Exam with this question: CCNA Security Final Exam Answers
Please login or Register to submit your answer