As a Security Administrator, you must configure anti-spoofing on Security Gateway interfaces, to protect your internal networks. What is the correct anti-spoofing setting on interface ETH1 in this network diagram?
NOTE: In the DMZ, mail server 192.168.16.10 is statically translated to the object “mail_valid”, with IP address 210.210.210.3. The FTP server 192.168.16.15 is statically translated to the object “ftp_valid”, with IP address 210.210.210.5.
A.
A group object that includes the 10.10.0.0/16 and 192.168.16.0/24 networks, and mail_valid and ftp_valid host objects
B.
A group object that includes the 10.10.20.0/24 and 10.10.10.0/24 networks
C.
A group object that includes the 10.10.0.0/16 network object, mail_valid host, and ftp_valid host object
D.
A group object that includes the 192.168.16.0/24 and 10.10.0.0/16 networks
E.
A group object that includes the 10.10.10.0/24 and 192.168.16.0/24 networks
Correct answer is