I'm studying for the CompTIA Security+ exam and I'm reading material on SPI firewalls or Stateful Packet Inspection. One aspect that I'm having a little of trouble grasping is at what layer(s) does SPI work at? I went online and found Layer 3 but other sources say its Layer 3 and Layer 4. I was wondering if someone could clarify and point me to some definite sources where I can find this information like Cisco's site or some other reputable networking company. Thanks in advance experts.