What can be determined about this Cisco IOS zone based firewall policy?

– by 0

Refer to the exhibit. Based on the show policy-map type inspect zone-pair session command output shown, what can be determined about this Cisco IOS zone based firewall policy?

640-554-implementing-cisco-ios-network-security-iins_img_164
Get Latest & Actual 640-554 Exam’s Question and Answers from Passleader.

640-554-implementing-cisco-ios-network-security-iins_img_004
http://www.passleader.com

640-554-implementing-cisco-ios-network-security-iins_img_001
A. All packets will be dropped since the class-default traffic class is matching all traffic.
B. This is an inbound policy (applied to traffic sourced from the less secured zone destined to the more secured zone).
C. This is an outbound policy (applied to traffic sourced from the more secured zone destined to the less secured zone).
D. Stateful packet inspection will be applied only to HTTP packets that also match ACL 110.
E. All non-HTTP traffic will be permitted to pass as long as it matches ACL 110.
F. All non-HTTP traffic will be inspected.

cisco-exams

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.