iSACA Cybersecurity Fundamentals Certification Practice Exam

Which type of firewall works at the application level of the OSI model?

• A. Packet-filtering firewall
• B. Stateful inspection firewall
• C. Application firewall systems
• D. Dual-homed firewall

The correct answer is: Application firewall systems

The type of firewall that operates at the application level of the OSI model is an application firewall system. This firewall examines the data being transmitted in the context of the application layer, allowing it to enforce policies based on specific application protocols such as HTTP, FTP, or DNS. By inspecting the actual content of the communications, application firewalls can identify malicious payloads embedded within benign-looking traffic and can apply more granular controls compared to other types of firewalls. Application firewalls are capable of making decisions based not only on the source and destination IP addresses and ports but also on the specifics of the application data itself. This enables them to more effectively monitor, block, or allow traffic based on the behavior of applications in use, as well as to prevent application-level attacks such as SQL injection or cross-site scripting. In contrast, packet-filtering firewalls operate at the network layer and examine packets individually without keeping track of the state of connections. Stateful inspection firewalls also work primarily at the transport layer and maintain context about network connections; however, they do not analyze the application data in detail. Dual-homed firewalls can provide additional protection by having two different network interfaces but are generally not defined by their operation at an application level. Thus, application firewall