Correct Answer - Option 4 : block TCP traffic from a specific user on a multi-user system during 9:00 PM and 5:00 AM
The correct answer is option 4:
Since it is Layer-4 Firewall so it includes the layers → Physical Layer, Data Link Layer, Network Layer as well as Transport Layer
Allow → Transport Layer or those layers who comes below transport Layer
Not Allow → Application Layer
Option 1: Transport Layer specific
It is possible to block entire traffic by blocking all the traffic on port number 80. so, here don't need to check anything that it is application layer specific or not. we only need to block port number 80 for the required time interval.
Option 2: Network Layer specific
ICMP is a network layer protocol that comes below the transport layer
Option 3: Network Layer specific
IP addresses are used in the network layer, which below the transport layer.
Option 4: Application Layer specific
In this option given that it is a multi-user system, so many users use the same port for communication because of this we can't block any specific port number. if we block a specific port number, all the users also blocked who is using that port number for communication. while we want to block a specific user, so how to do this. We need application layer-specific information of the user like user_id type of things that can't be checked as it is a 4-layer firewall. so it is not possible to allow other users and block some specific at the same time using a 4-layer firewall.
