When an inbound Internet-traffic ACL is being implemented, what should be included to prevent the spoofing of internal networks?
- ACEs to prevent traffic from private address spaces
- ACEs to prevent broadcast address traffic
- ACEs to prevent ICMP traffic
- ACEs to prevent HTTP traffic
- ACEs to prevent SNMP traffic
Explanation: Common ACEs to assist with antispoofing include blocking packets that have a source address in the 127.0.0.0/8 range, any private address, or any multicast addresses. Furthermore, the administrator should not allow any outbound packets with a source address other than a valid address that is used in the internal networks of the organization.
Exam with this question: CCNA Security Chapter 4 Exam Answers
Exam with this question: Network Security Final Exam Answers
Exam with this question: Checkpoint Exam: Firewalls, Cryptography, and Cloud Security Answers
Please login or Register to submit your answer