Refer to the exhibit. A router is configured with a zone-based policy firewall as shown. Which two statements describe how traffic between the LAN and external hosts will be processed? (Choose two.)

Refer to the exhibit. A router is configured with a zone-based policy firewall as shown. Which two statements describe how traffic between the LAN and external hosts will be processed? (Choose two.)

• Any traffic originating from the EXTERNAL zone is inspected and permitted into the LAN zone.
• Traffic originating from the LAN zone that matches the HTTP, HTTPS, or DNS protocols is inspected and permitted.
• HTTP, HTTPS and DNS traffic destined for the router itself is not permitted by this policy.
• All HTTP, HTTPS, and DNS responses originating from the EXTERNAL zone destined for the LAN zone are dropped.
• All traffic sourced from the LAN zone that does not match the HTTP, HTTPS, or DNS protocols is dropped.

Explanation: HTTP, HTTPS, and DNS traffic sourced from the LAN zone and destined for the EXTERNAL zone will be inspected. Traffic sourced from the EXTERNAL zone and destined for the LAN zone will only be allowed if it is part of sessions originally initiated by LAN zone hosts. Also, notice thethat will drop all other traffic that is not a member of the WEB-TRAFFIC class. Traffic to and from the router is not affected unless the zone pairs are configured using the predefined self zone.

Exam with this question: Cybersecurity Pathway Final Exam Answers