🛡️ Free practice test question from: Firewall Types (Security+)

Unified Threat Management (UTM) devices (A) integrate multiple security features into a single appliance, such as antivirus, intrusion detection, and more. While they offer comprehensive security, they may not provide the deep, application-level traffic control that NGFWs do.

Network-based firewalls operating at OSI layer 4 (B) focus on controlling traffic based on TCP/UDP port numbers and IP addresses. This is the traditional approach to firewalling, which the question aims to move beyond.

Next-Generation Firewalls (NGFW) (C) go beyond traditional port and protocol filtering by incorporating features like deep packet inspection, intrusion prevention systems (IPS), and application awareness. They operate at OSI layer 7 (the application layer), allowing them to make more granular and 'intelligent' decisions based on the specific applications and services in use, user identity, and other contextual information.

Web Application Firewalls (WAF) (D) are specialized firewalls designed to protect web applications by filtering and monitoring HTTP/HTTPS traffic. While they are sophisticated in their specific domain, they are not as broad in scope as NGFWs when it comes to general network traffic control.