When an inbound Internet-traffic ACL is being implemented, what should be included to prevent the spoofing of internal networks?

May 10, 2021 Last Updated: Aug 12, 2022 No Comments
Tweet Share Pin it
IT Questions BankCategory: CCNA SecurityWhen an inbound Internet-traffic ACL is being implemented, what should be included to prevent the spoofing of internal networks?

When an inbound Internet-traffic ACL is being implemented, what should be included to prevent the spoofing of internal networks?

  • ACEs to prevent traffic from private address spaces
  • ACEs to prevent broadcast address traffic
  • ACEs to prevent ICMP traffic
  • ACEs to prevent HTTP traffic
  • ACEs to prevent SNMP traffic

Explanation: Common ACEs to assist with antispoofing include blocking packets that have a source address in the 127.0.0.0/8 range, any private address, or any multicast addresses. Furthermore, the administrator should not allow any outbound packets with a source address other than a valid address that is used in the internal networks of the organization.

Exam with this question: CCNA Security Chapter 4 Exam Answers
Exam with this question: Network Security Final Exam Answers
Exam with this question: Checkpoint Exam: Firewalls, Cryptography, and Cloud Security Answers

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x