Which two rules about interfaces are valid when implementing a Zone-Based Policy Firewall? (Choose two.)

Last Updated on April 28, 2021 by Admin

Which two rules about interfaces are valid when implementing a Zone-Based Policy Firewall? (Choose two.)

  • If neither interface is a zone member, then the action is to pass traffic.
  • If one interface is a zone member, but the other is not, all traffic will be passed.
  • If both interfaces belong to the same zone-pair and a policy exists, all traffic will be passed.
  • If both interfaces are members of the same zone, all traffic will be passed.
  • If one interface is a zone member and a zone-pair exists, all traffic will be passed.
    Answers Explanation & Hints:
    The rules for traffic transiting through the router are as follows:If neither interface is a zone member, then the resulting action is to pass the traffic.
    If both interfaces are members of the same zone, then the resulting action is to pass the traffic.
    If one interface is a zone member, but the other is not, then the resulting action is to drop the traffic regardless of whether a zone-pair exists.
    If both interfaces belong to the same zone-pair and a policy exists, then the resulting action is inspect, allow, or drop as defined by the policy.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments