Which term describes firewall technology that includes application awareness, user-based filtering, and intrusion prevention, with cloud inspection capabilities?

• A. Load balancer
• B. Unified threat management (UTM)
• C. Intrusion detection system (IDS)
• D. Next-generation firewall (NGFW)

Answer: (D)

Focusing on a firewall that understands applications, enforces policies by user identity, blocks threats inline, and can extend inspection to cloud environments points to a next-generation firewall. This type of device moves beyond basic port-based filtering by recognizing application traffic, enabling policies tied to who the user is, and integrating intrusion prevention to stop attacks as traffic passes through. The cloud inspection capability reflects the modern need to monitor and secure traffic that travels to and from cloud services, not just behavior on-premises. The other options don’t combine all of these elements: a load balancer primarily distributes traffic; a unified threat management device may bundle several security features but often doesn’t emphasize deep application awareness, strict user-based controls, and scalable cloud inspection; an intrusion detection system watches for threats but doesn’t enforce policies or provide inline blocking.