Made easy mock

Question

Can a layer-3 firewall stop incoming packet from a specific host...???

Comments

yes i think it can. bcoz layer-3 fire wall contains n/w layer, it can see host ip addresses of packets..

---

S₁ : Digital signatures are verified using the signer’s public key.
S₂ : A layer-3 firewall can’t stop incoming traffic from a specific IP address.

Which of the following option(s) is correct?

A) Only S₁ is true

B) Only S₂ is true

C) Both S₁ and S₂ are true

D) Neither of S₁ or S₂ is true

in this question they are saying that only S1 is true...???

---

given answer is correct
layer-3 can stop specific host so S2 is false
S1 is true

Answer 1

It is possible to block incoming traffic from a specific host using Layer3 firewall. What they do is, usually we can program certain rules into the firewall device to match incoming packets based on their port number and ip address(which layer 3 firewall can read). whichever packets matched will be lifted to the network processor inside the device and preprogrammed actions will be applied. 

In this example we want to block all IP traffic originating from network 10.0.0.0/8 that is destined for network 192.168.1.0/24. However, we do not want to block traffic originating from network 192.168.1.0/24 that is destined for 10.0.0.0/8 or block either network from accessing other remote networks such as the Internet.

Answer 2

Yes it can stop!.

Layer 3 means it has PL,DLL,Network Layer

so it is able to stop specific network layer adresses

Comments

so there answer is wrong isn't it..??

---

Yes.wrong