Security appliance for basic network connectivity
These questions are derived from the Self Test Software Practice Test for Cisco exam #642-522 – Securing Networks with PIX and ASA.
Objective Sequence: Install and configure a security appliance for basic network connectivity
SubObjective Sequence: Describe the Security Appliance hardware and software architecture
Single Answer, Multiple Choice
Which firewall technology is used by the Cisco PIX security appliance?
- Packet Filtering
- Proxy server
- Stateful packet filtering
- Algorithm filtering
C. Stateful packet filtering
The Cisco PIX security appliance uses Stateful packet filtering. There are three types of firewall operations, Packet filtering, Proxy server, and Stateful packet filtering.
A Packet filtering firewall limits the access based on source and destination address; therefore, it is not considered secure.
A proxy server provides access through application programs which are the proxies running on the gateway. A stateful filtering firewall is used by Cisco security appliances. This method maintains complete session information in the Stateful session flow table for every TCP or UDP inbound or outbound connection. If the appropriate session exists, then only flow of data is permitted through the firewall and this flow should be permitted / validated by the security policy.
There is no firewall technology named Algorithm filtering. Therefore, this is an invalid option.
CCSP SNPA Official Exam Certification Guide, Third Edition, Chapter 2, pp. 27-31.