Which of the following statements BEST describes the role of a network firewall in protecting an organization from malware infections?
A properly configured firewall alone can block all malware, so additional security tools are unnecessary.
Firewalls primarily scan files on disk for malicious code and remove any malware found on endpoints.
A firewall filters traffic according to rule sets but must be supplemented by controls such as antivirus, IDS/IPS, and endpoint protection to defend effectively against malware.
Firewalls only control outbound traffic and therefore play no part in malware protection.
Firewalls are foundational controls that inspect and filter network traffic based on rule sets. While they can block some malicious connections, they typically cannot inspect every payload-especially traffic that is encrypted or disguised as legitimate-and therefore cannot stop all forms of malware on their own. Effective malware defense requires additional layers such as endpoint antivirus/EDR, intrusion detection or prevention systems, and security monitoring to detect, contain, and remediate threats that bypass or originate inside the firewall.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is IDS/IPS and how does it complement a firewall?
Open an interactive chat with Bash
Why can't firewalls inspect encrypted traffic for malware?
Open an interactive chat with Bash
What is endpoint protection, and how does it help mitigate malware threats?