Which statement describes a factor to be considered when configuring a zone-based policy firewall?

IT Questions BankCategory: CCNA SecurityWhich statement describes a factor to be considered when configuring a zone-based policy firewall?

Which statement describes a factor to be considered when configuring a zone-based policy firewall?

  • The classic firewall ip inspect command can coexist with ZPF as long as it is used on interfaces that are in the same security zones.
  • The router always filters the traffic between interfaces in the same zone.
  • A zone must be configured with the zone security global command before it can be used in the zone-member security command.
  • An interface can belong to multiple zones.

Explanation: An interface cannot belong to multiple zones. A firewall never filters traffic between interfaces that have been configured for the same zone. The way that a zone-based policy firewall coexists with a class firewall configuration is that interfaces that are not members of a security zone can still have the classic firewall ip inspect command applied and operational.

More Questions: Module 10: Quiz – Zone-Based Firewalls Network Security
More Questions: CCNA Security Final Exam (CCNAS v1.2)
More Questions: Network Defense: Module 6.4.2 Zone-Based Firewalls Quiz


guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x