What does stateful packet filtering maintain to track connections?

Stateful packet filtering is an advanced firewall technology that maintains a state table to track active connections. This state table contains information about the characteristics of each connection, including the source and destination IP addresses, port numbers, and the current status of the connection (such as whether it is established, closing, or closed). By maintaining this state information, the firewall can make more informed decisions about which packets to allow or deny based on the context of an ongoing communication rather than simply examining each packet in isolation.

This approach enhances security because it enables the firewall to understand the state of the traffic flow and ensure that only packets belonging to valid, established connections are accepted. As a result, stateful packet filtering can effectively protect network resources from unauthorized access or potential attacks.

Other options focus on different aspects of packet filtering but do not accurately describe how stateful packet filtering operates. For example, while maintaining a log of denied packets can be useful for auditing, it does not provide the contextual awareness that the state table does. Similarly, a list of active sessions could imply a static snapshot rather than the dynamic state information tracked over time in a state table, and a history of traffic flow might refer to broader monitoring activities rather than the specific connection tracking that stateful firewalls perform