What happens when Eric tries to connect to a server on the Internet?

In the Rule Base displayed, user authentication in Rule 4 is configured as fully automatic. Eric is a
member of the LDAP group, MSD_Group.
What happens when Eric tries to connect to a server on the Internet?

In the Rule Base displayed, user authentication in Rule 4 is configured as fully automatic. Eric is a
member of the LDAP group, MSD_Group.
What happens when Eric tries to connect to a server on the Internet?

A.
None of these things will happen.
B. Eric will be authenticated and get access to the requested server.

C.
Eric will be blocked because LDAP is not allowed in the Rule Base.

D.
Eric will be dropped by the Stealth Rule.

Show Hint

Leave a Reply 9

Your email address will not be published. Required fields are marked *

reflaing

reflaing

Not seeing any display for this question, but how can D) be the answer when the Stealth Rule serves to prevent access to the management interfaces of the Gateway and Security Management Server.

Reply

Lukas

Lukas

“user authentication in Rule 4 is configured as fully automatic”. Rule 4 is stealth rule => I would say it is wrong picture.

Reply

Leonardo

Leonardo

OK, @Lukas let say in the question should say “user authentication in Rule 3 is configured as fully automatic” so let’s not get confussed there.

So the logic will be:

Client Auth -> Fully Auto -> For HTTP or HTTPS uses User Auth.

The first match will be with Rule #3.

Now, as we all know when we are dealing with “User Auth” the Rule Base order change.

So now the firewall will look for the Less Restrictive rule for HTTP (or HTTPS)

That gives us 3 options: Rule #4, #5 & #6. Now the Firewall will have to decide which of this rules is the less restrictive one (or more open rule)

Rule #4: Source is “ANY”, Rules #5 & #6 Source are specific subnets.

Therefore Rule #4 is the one the firewall selects for that packet, so it will be dropped.

Reply

Chirag

Chirag

Thank you for the very clear explanation.

Reply

Parker

Parker

Finally passed 156-215.77 exam few days ago! Scored 90%!! ( The passing score is 70%. )

I had 100 questions, around 15 new questions, those new questions were mainly on Smartlog, VPN, Initial Setup, Identity Awareness and so on.

Some new Qs are not available here, and I got them from the newest PassLeader 156-215.77 dumps ( 420q VCE and PDF ), which are the most valid 156-215.77 dumps now!

Reply