Static packet filtering firewalls are limited to ________.

The key idea is that static packet filtering looks at packets in isolation, without any context or state about the connection or the application. It makes decisions based only on header information like source/destination IP, ports, and protocol, not on what the packet means within an ongoing conversation or within the application layer. Because of this lack of context, it can’t apply rules that depend on the state of a connection or on application-level behavior, which is why it’s limited. That’s why the correct description is inspecting packets in isolation from their context. The notion that it would rely on good application proxy rules isn’t accurate for static filtering, since such rules require understanding application semantics that static filtering doesn’t perform. The other choices combine or imply capabilities (like using application-layer proxies) that static packet filtering doesn’t provide.