Which three cases does the ASA firewall permit inbound HTTP GET requests during normal operations?

– by 6

In which three cases does the ASA firewall permit inbound HTTP GET requests during normal operations? (Choose three).
A. when matching NAT entries are configured
B. when matching ACL entries are configured
C. when the firewall receives a SYN-ACK packet
D. when the firewall receives a SYN packet
E. when the firewall requires HTTP inspection
F. when the firewall requires strict HTTP inspection

cisco-exams

6 thoughts on “Which three cases does the ASA firewall permit inbound HTTP GET requests during normal operations?

  1. A,B,C are correct answers.
    Only a SYN-ACK can be permitted inbound on an ASA in normal (stateful) operation.
    SYNs are permitted only if explicitly configured.

    Reply

  2. A and B seems to be correct. C won’t be correct because FW uses stateful inspection and it would only allow this packet if it is present in ASAs state table. Answer doesn’t mention it.
    D also won’t be correct because we don’t know where this packet came from.
    It seems there is some info missing in these answers…

    Reply

  3. I also agree with Sharone,
    In option D the firewall receives a SYN, and then? The Firewall can reject or allow, we don’t know.
    At least with the SYN-ACK we know that the firewall have allow the first SYN.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.