Home » Cisco » 210-260 v.2 » Which security zone is automatically defined by the system?
Which security zone is automatically defined by the system?
A. The source zone
B. The self zone
C. The destination zone
D. The inside zone
Correct Answer: B
Explanation/Reference:
The self zone is a system-defined zone which does not have any interfaces as members. A zone pair that includes the self zone, along with the associated policy, applies to traffic directed to the device or traffic generated by the device. It does not apply to traffic through the device.
The most common usage of firewall is to apply them to traffic through a device, so you need at least two zones (that is, you cannot use the self zone). Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_zbf/ configuration/15-2mt/sec-zone-pol-fw.html