adplus-dvertising
frame-decoration

Question

A layer-4 firewall (a device that can look at all protocol headers up to the transport layer) CANNOT

a.

block entire HTTP traffic during 9:00PM and 5 :0OAM

b.

block all ICMP traffic

c.

stop incoming traffic from a specific IP address but allow outgoing traffic to the same IP address

d.

block TCP traffic from a specific user on a multi-user system during 9:00PM and 5:00AM

Answer: (d).block TCP traffic from a specific user on a multi-user system during 9:00PM and 5:00AM

Engage with the Community - Add Your Comment

Confused About the Answer? Ask for Details Here.

Know the Explanation? Add it Here.

Q. A layer-4 firewall (a device that can look at all protocol headers up to the transport layer) CANNOT

Similar Questions

Discover Related MCQs

Q. While opening a TCP connection, the initial sequence number is to be derived using a time-of-day(ToD) clock that keeps running even when the host is down. The low order 32 bits of the counter of the ToD clock is to be used for the initial sequence numbers. The clock counter increments once per millisecond. The maximum packet lifetime is given to be 64s. Which one of the choices given below is closest to the minimum permissible rate at which sequence numbers used for packets of a connection can increase?

Q. Which of the following system calls results in the sending of SYN packets?

Q. In the slow start phase of the TCP congestion control algorithm, the size of the congestion window

Q. Which one of the following uses UDP as the transport protocol?

Q. Let the size of congestion window of a TCP connection be 32 KB when a timeout occurs. The round trip time of the connection is 100 msec and the maximum segment size used is 2 KB. The time taken (in msec) by the TCP connection to get back to 32 KB congestion window is _________.

Q. Which one of the following socket API functions converts an unconnected active TCP socket into a passive socket.

Q. Packets of the same session may be routed through different paths in

Q. The maximum window size for data transmission using the selective reject protocol with n-bit frame sequence numbers is:

Q. Which of the following functionalities must be implemented by a transport protocol over and above the network protocol ?

Q. Which of the following is not true about User Datagram Protocol in transport layer?

Q. Suppose two hosts use a TCP connection to transfer a large file. Which of the following statements is/are False with respect to the TCP connection?

1. If the sequence number of a segment is m, then the sequence
number of the subsequent segment is always m+1.
2. If the estimated round trip time at any given point of time
is t sec, the value of the retransmission timeout is always
set to greater than or equal to t sec.
3. The size of the advertised window never changes during the
course of the TCP connection.
4. The number of unacknowledged bytes at the sender is always
less than or equal to the advertised window

Q. A link has a transmission speed of 10^6 bits/sec. It uses data packets of size 1000 bytes each. Assume that the acknowledgment has negligible transmission delay, and that its propagation delay is the same as the data propagation delay. Also assume that the processing delays at nodes are negligible. The efficiency of the stop-and-wait protocol in this setup is exactly 25%. The value of the one-way propagation delay (in milliseconds) is ___________.

Q. Identify the correct order in which a server process must invoke the function calls accept, bind, listen, and recv according to UNIX socket API.

Q. Assume that the bandwidth for a TCP connection is 1048560 bits/sec. Let α be the value of RTT in milliseconds (rounded off to the nearest integer) after which the TCP window scale option is needed. Let β be the maximum possible window size with window scale option. Then the values of α and β are

Q. Consider the following statements.

I. TCP connections are full duplex.
II. TCP has no option for selective acknowledgment
III. TCP connections are message streams.

Q. Consider a network connecting two systems located 8000 kilometers apart. The bandwidth of the network is 500 × 10^6 bits per second. The propagation speed of the media is 4 × 10^6 meters per second. It is needed to design a Go-Back-N sliding window protocol for this network. The average packet size is 10^7 bits. The network is to be used to its full capacity. Assume that processing delays at nodes are negligible. Then, the minimum size in bits of he sequence number field has to be ________.

Q. On a TCP connection, current congestion window size is Congestion Window = 4 KB. The window size advertised by the receiver is Advertise Window = 6 KB. The last byte sent by the sender is LastByteSent = 10240 and the last byte acknowledged by the receiver is LastByteAcked = 8192. The current window size at the sender is  

Q. For a host machine that uses the token bucket algorithm for congestion control, the token bucket has a capacity of 1 megabyte and the maximum output rate is 20 megabytes per second. Tokens arrive at a rate to sustain output at a rate of 10 megabytes per second. The token bucket is currently full and the machine needs to send 12 megabytes of data. The minimum time required to transmit the data is _________________ seconds.

Q. Consider the following statements about the timeout value used in TCP. i. The timeout value is set to the RTT (Round Trip Time) measured during TCP connection establishment for the entire duration of the connection. ii. Appropriate RTT estimation algorithm is used to set the timeout value of a TCP connection. iii. Timeout value is set to twice the propagation delay from the sender to the receiver. Which of the following choices hold?

Q. Consider a TCP connection in a state where there are no outstanding ACKs. The sender sends two segments back to back. The sequence numbers of the first and second segments are 230 and 290 respectively. The first segment was lost, but the second segment was received correctly by the receiver. Let X be the amount of data carried in the first segment (in bytes), and Y be the ACK number sent by the receiver. The values of X and Y (in that order) are