ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A security engineer is configuring a host-based firewall on a legacy Windows application server. The service listens on TCP port 135 to negotiate Remote Procedure Call (RPC) sessions, then dynamically opens high-numbered ports for data transfer. The engineer wants to allow the response traffic on these ephemeral ports without broadly exposing them to the network. Which firewall feature is required to meet this goal while still blocking unsolicited inbound connections?
Inspecting packet payloads at the application layer for malicious signatures before forwarding
Filtering packets solely on fixed source and destination port numbers without tracking session context
Maintaining a state table that dynamically allows response packets belonging to an established outbound connection
Rewriting internal IP addresses and ports to public ones using network address translation (NAT)
Stateful inspection firewalls maintain a connection table that records the state of every allowed outbound session. When the server initiates an RPC session, the firewall notes the five-tuple of the connection and automatically permits the corresponding return traffic on whatever ephemeral port is negotiated, eliminating the need to pre-open large port ranges. Stateless packet filters lack this capability because they evaluate each packet in isolation based only on static rules, so they would require manual rules for every possible return port. Deep packet inspection focuses on payload content rather than connection state, and network address translation manipulates IP addresses but does not inherently track session state for security filtering.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is RPC and why does it use TCP port 135?
Open an interactive chat with Bash
What is a state table in a firewall, and how does it work?
Open an interactive chat with Bash
Why wouldn't stateless filtering work for RPC responses?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .