As a firewall administrator if you want to log packets dropped by “implicit drop anything not
covered” rules, you must explicitly define a Clean-up rule. This must be the last rule in the rule
base.
A.
True
B.
False
Explanation:
the cleanup rule should always be the last rule in the rulebase, because it will drop or log
(depending on your actions) all the traffic, it will always match the traffic that gets through it.
Incorrect Answers:
B: It should be the last rule, see the explanation for details.