Certified Ethical Hacker 312-50v10 – Question204

A penetration test was done at a company. After the test, a report was written and given to the companys IT authorities. A section from the report is shown below:

Access List should be written between VLANs.
Port security should be enabled for the intranet.
A security solution which filters data packets should be set between intranet (LAN) and DMZ.
A WAF should be used in front of the web applications.
According to the section from the report, which of the following choice is true?

A stateful firewall can be used between intranet (LAN) and DMZ.
B. There is access control policy between VLANs.
C. MAC Spoof attacks cannot be performed.
D. Possibility of SQL Injection attack is eliminated.

Correct Answer: A