Which statement describes a typical security policy for a DMZ firewall configuration?

IT Questions BankCategory: CCNA CyberOpsWhich statement describes a typical security policy for a DMZ firewall configuration?

Which statement describes a typical security policy for a DMZ firewall configuration?

  • Traffic that originates from the DMZ interface is selectively permitted to the outside interface.
  • Return traffic from the inside that is associated with traffic originating from the outside is permitted to traverse from the inside interface to the outside interface.
  • Return traffic from the outside that is associated with traffic originating from the inside is permitted to traverse from the outside interface to the DMZ interface.
  • Traffic that originates from the inside interface is generally blocked entirely or very selectively permitted to the outside interface.
  • Traffic that originates from the outside interface is permitted to traverse the firewall to the inside interface with few or no restrictions.

Explanation:
With a three interface firewall design that has internal, external, and DMZ connections, typical configurations include the following:
Traffic originating from DMZ destined for the internal network is normally blocked.
Traffic originating from the DMZ destined for external networks is typically permitted based on what services are being used in the DMZ.
Traffic originating from the internal network destined from the DMZ is normally inspected and allowed to return.
Traffic originating from external networks (the public network) is typically allowed in the DMZ only for specific services.

Exam with this question: CyberOps Associate (Version 1.0) - CyberOps Associate 1.0 Practice Final exam
Exam with this question: CCNA Security Chapter 4 Exam Answers
Exam with this question: Modules 8 - 10: ACLs and Firewalls Group Exam Answers
Exam with this question: Network Defense (NetDef) Course Final Exam Answers
Exam with this question: CCNA Security Chapter 4 Exam (CCNAS v1.2)

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x