Which of the following delineates why it is important to perform egress filtering and monitoring on Internet connected security zones of interfaces on a firewall?

Which of the following delineates why it is important to perform egress filtering and monitoring on
Internet connected security zones of interfaces on a firewall?

Which of the following delineates why it is important to perform egress filtering and monitoring on
Internet connected security zones of interfaces on a firewall?

A.
Egress traffic is more important than ingress traffic for malware prevention

B.
To rebalance the amount of outbound traffic and inbound traffic

C.
Outbound traffic could be communicating to known botnet sources

D.
To prevent DDoS attacks originating from external network

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *

ten − seven =

Paul S

Paul S

B is just not right. You do egress filtering to make sure that insider machines are not perpetuating malware attacks. Of the answers provided, C and D are potential answers. Ideally, if there is a DDoS attack which originates from the outside, you would probably block off the ingress traffic. However, if your system has a bot on it and is requesting comms from the bad guys or is instigating an attack, then your firewall would need to stop that traffic. The clear answer is C.

Reply

Mike

Mike

Egress filtering is a network security measure that filters outgoing data using a firewall before transmitting the data to another network, preventing all unauthorized traffic from leaving the network

Reply

asiakid

asiakid

C is the answer on this

Outbound traffic could be communicating to known botnet sources

but NOT B

Reply