What is a valid implicit permit rule for traffic that is traversing the ASA firewall?
A. Unicast IPv4 traffic from a higher security interface to a lower security interface is permitted in routed mode only.
B. Unicast IPv6 traffic from a higher security interface to a lower security interface is permitted in transparent mode only.
C. Only BPDUs from a higher security interface to a lower security interface are permitted in transparent mode.
D. ARPs in both directions are permitted in transparent mode only.
E. Only BPDUs from a higher security interface to a lower security interface are permitted in routed mode.
A is not correct. The correct answer is D. As you can see below both IPv4 and IPv6 allow traffic from a higher interface to a lower interface in both routed and transparent mode. ARP is not allowed in routed mode. Therefore D is the correct answer.
Implicit Permits
For routed mode, the following types of traffic are allowed through by default:
Unicast IPv4 traffic from a higher security interface to a lower security interface.
Unicast IPv6 traffic from a higher security interface to a lower security interface.
For transparent mode, the following types of traffic are allowed through by default:
Unicast IPv4 traffic from a higher security interface to a lower security interface.
Unicast IPv6 traffic from a higher security interface to a lower security interface.
ARPs in both directions.
Implicit Permits
For routed mode, the following types of traffic are allowed through by default:
• Unicast IPv4 traffic from a higher security interface to a lower security interface.
• Unicast IPv6 traffic from a higher security interface to a lower security interface.
A is right
https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/firewall/asa_91_firewall_config/access_rules.html