You are MegaCorp’s Security Administrator. There are various network objects which must be
NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static
NAT method. What is the rule order if both methods are used together? Give the BEST answer.
A.
The Administrator decides the rule order by shifting the corresponding rules up and down.
B. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority
over the NAT on a network or an address range.
C.
The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority
over the NAT on a network or an address range.
D.
The rule position depends on the time of their creation. The rules created first are placed at the
top; rules created later are placed successively below the others.
B)
Static comes prior than Hide.
B.
Order of NAT Rule Enforcement
The Firewall enforces the NAT Rule Base in a sequential manner. Automatic and manual rules are enforced differently. Automatic rules can use bidirectional NAT to let two rules be enforced for a connection.
Manual rules – The first manual NAT rule that matches a connection is enforced. The Firewall does not enforce a different NAT rule that can be more applicable.
Automatic rules – Two automatic NAT rules that match a connection, one rule for the Source and one for the Destination can be enforced. When a connection matches two automatic rules, those rules are enforced.
SmartDashboard organizes the automatic NAT rules in this order:
Static NAT rules for Firewall, or node (computer or server) objects
Hide NAT rules for Firewall, or node objects
Static NAT rules for network or address range objects
Hide NAT rules for network or address range objects