Harold wants to allow FTP-PUT; which firewall would be most appropriate?

Enhance your knowledge as a Computer Hacking Forensic Investigator with the CHFI v11 Test. Use flashcards and multiple-choice questions, complete with hints and detailed explanations, to prepare effectively and ace your exam!

Multiple Choice

Harold wants to allow FTP-PUT; which firewall would be most appropriate?

Explanation:
Allowing FTP requires more than just opening a port: FTP uses a control connection to send commands and a separate data connection that is negotiated dynamically, especially for operations like uploading a file (PUT). To allow a PUT securely and reliably, a firewall needs to understand the FTP protocol and mediate those connections.

An Application-Level Proxy Firewall sits at the application layer and acts as an FTP-aware gateway. It terminates the FTP control connection, interprets commands like PUT, and manages the corresponding data connection as needed. This allows it to enforce policy precisely for file uploads, permitting the operation while controlling how the data channel is opened and used. In contrast, a packet-filtering firewall only looks at basic IP/port information and cannot enforce FTP command behavior; it would either need wide port openings or risk allowing unintended data transfers. A circuit-level proxy can supervise TCP sessions but does not parse FTP commands, so it can’t guarantee that a PUT operation is handled according to policy. A data link layer firewall operates at layer 2 and has no awareness of FTP at all, making it unsuitable for controlling FTP actions.

So, the best choice is an Application-Level Proxy Firewall because it understands FTP and can enforce the upload operation securely.
