CISSP-ISSAP Exam: Which Firewall Tracks Active Connections?

Which Firewall Tracks Active Connections?

Question

You work as a Chief Security Officer for Tech Perfect Inc.

The company has a TCP/IP based network.

You want to use a firewall that can track the state of active connections of the network and then determine which network packets are allowed to enter through the firewall.

Which of the following firewalls has this feature?

Answers

Explanations

A. B. C. D.

C.

The firewall that can track the state of active connections of the network and then determine which network packets are allowed to enter through the firewall is the stateful packet inspection firewall. Therefore, the correct answer to this question is A.

A stateful packet inspection firewall, also known as a dynamic packet-filtering firewall, is a type of firewall that keeps track of the state of network connections by examining the contents of each packet that passes through the firewall. This type of firewall analyzes the traffic at the network and transport layers of the OSI model and compares it against a set of predefined rules to determine whether to allow or block the traffic.

Stateful packet inspection firewalls maintain a state table that keeps track of the state of each active network connection. When a packet passes through the firewall, the firewall checks the state table to determine whether the packet belongs to an existing connection. If the packet belongs to an existing connection, the firewall allows the packet to pass through. If the packet does not belong to an existing connection or violates any of the predefined rules, the firewall blocks the packet.
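
The state-table check described above, as an added Python example that is not part of the original page: a permitted outbound TCP SYN creates a table entry, and every other packet must match an existing entry to pass. The names `StatefulFilter`, `Packet` and `demo`, the port-443 rule and the addresses are constructed for illustration; the model assumes TCP only and tracks flags, not sequence numbers, FIN teardown or idle timeouts.

```python
from collections import namedtuple

ALLOWED_OUTBOUND_PORTS = {443}  # constructed rule set: inside hosts may open HTTPS
# flags: TCP flags as letters ("S", "SA", "A", "PA", "R"); inbound: arrives from outside
Packet = namedtuple("Packet", "src sport dst dport flags inbound")

class StatefulFilter:
    def __init__(self):
        # state table: (inside ip, inside port, outside ip, outside port) -> state
        self.table = {}

    def check(self, p):
        # Normalise both directions of a connection to the same table key.
        key = (p.dst, p.dport, p.src, p.sport) if p.inbound else tuple(p[:4])
        state = self.table.get(key)
        if state is None:
            # No existing connection: only a rule-permitted outbound SYN creates one.
            if not p.inbound and p.flags == "S" and p.dport in ALLOWED_OUTBOUND_PORTS:
                self.table[key] = "SYN_SENT"
                return "ALLOW"
            return "BLOCK"
        if "R" in p.flags:
            del self.table[key]  # a reset tears the entry down
            return "ALLOW"
        if state == "SYN_SENT":
            ok, nxt = p.inbound and p.flags == "SA", "SYN_ACK_SEEN"
        elif state == "SYN_ACK_SEEN":
            ok, nxt = not p.inbound and p.flags == "A", "ESTABLISHED"
        else:  # ESTABLISHED: data may flow either way, but a fresh SYN is rejected
            ok, nxt = "S" not in p.flags, "ESTABLISHED"
        if ok:
            self.table[key] = nxt
            return "ALLOW"
        return "BLOCK"

def demo():
    fw = StatefulFilter()
    c, s = ("10.0.0.5", 50000), ("203.0.113.10", 443)  # constructed addresses
    trace = [
        Packet(*s, *c, "SA", True),   # unsolicited SYN/ACK, no table entry
        Packet(*c, *s, "S", False),   # outbound SYN permitted by rule
        Packet(*s, *c, "SA", True),   # reply matches the entry
        Packet(*c, *s, "A", False),   # handshake completes
        Packet(*s, *c, "PA", True),   # inbound data on established connection
        Packet(*s, *c, "R", True),    # reset removes the entry
        Packet(*s, *c, "PA", True),   # same 4-tuple, but the entry is gone
    ]
    return [fw.check(p) for p in trace]
```

Calling `demo()` returns one verdict per packet in the trace: the first and last inbound packets are identical in direction and addressing to the allowed ones, and are blocked only because no table entry exists for them at that moment.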

The other three types of firewalls mentioned in the question are:

  • Proxy-based firewalls: These firewalls act as intermediaries between the user and the target server. They can inspect and modify the traffic passing through them, but they do not track the state of network connections.
  • Dynamic packet-filtering firewalls: These firewalls use rules to determine which packets are allowed to pass through them, but they do not maintain a state table to track the state of network connections.
  • Application gateway firewalls: These firewalls operate at the application layer of the OSI model and can inspect the contents of application-level protocols such as HTTP and FTP. However, they do not track the state of network connections.