iSACA Cybersecurity Fundamentals Certification Practice Exam

What advantage does an application firewall system have over a packet-filtering firewall?

• A. Lower cost
• B. Fewer performance constraints
• C. Better protection by limiting packet exchanges
• D. Greater simplicity in configuration

The correct answer is: Better protection by limiting packet exchanges

An application firewall system provides better protection by limiting packet exchanges because it operates at a higher level in the OSI model compared to a packet-filtering firewall. While packet-filtering firewalls inspect packets at the transport layer and make decisions based on source and destination addresses, protocols, and ports, application firewalls examine the actual data within the packets. This allows them to enforce security policies based on the application layer data, which can include understanding specific commands and behaviors of applications, offering more granular control. By evaluating the context of the data, application firewalls can prevent attacks such as SQL injection, cross-site scripting, or other application-related threats that a packet-filtering firewall might miss. This capability to analyze the content allows for more sophisticated and effective security measures, making application firewalls particularly advantageous in defending against modern cyber threats that exploit application vulnerabilities. The other options may indicate different characteristics of firewall types but do not highlight the core benefit of enhanced security. For instance, while application firewalls might involve higher costs or increased performance constraints due to their intensive processing requirements, their primary advantage lies in their ability to deliver better security by thoroughly examining the data being transferred.