What are two benefits of using a ZPF rather than a Classic Firewall? (Choose two.)
- ZPF allows interfaces to be placed into zones for IP inspection.
- The ZPF is not dependent on ACLs.
- Multiple inspection actions are used with ZPF.
- ZPF policies are easy to read and troubleshoot.
- With ZPF, the router will allow packets unless they are explicitly blocked.
Explanation: There are several benefits of a ZPF:
- It is not dependent on ACLs.
- The router security posture is to block unless explicitly allowed.
- Policies are easy to read and troubleshoot with C3PL.
- One policy affects any given traffic, instead of needing multiple ACLs and inspection actions.
In addition, an interface cannot be simultaneously configured as a security zone member and for IP inspection.
Exam with this question: CCNA Security Final Exam Answers
Exam with this question: Network Security 1.0 Final Exam Answers
Exam with this question: Checkpoint Exam: Firewalls, Cryptography, and Cloud Security Answers
Please login or Register to submit your answer