which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true?

Click the Exhibit button.

Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? (Choose two.)

Assume the default-policy has not been configured.Given the configuration shown in the exhibit, which two statements about traffic from host_a in the HR zone to host_b in the trust zone are true? (Choose two.)

A.
DNS traffic is denied.

B.
HTTP traffic is denied.

C.
FTP traffic is permitted.

D.
SMTP traffic is permitted.

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

w3pgrrrrr

w3pgrrrrr

This is an example of a dickhead test question writer
The “deny” action in the second policy is meant to throw off a cocky test taker who is moving too quickly through the question and chose “D”

Reply

Shahid

Shahid

Here in “policy one” http and ftp (explicitly permitted) and all other applications (e.g. DNS, SMTP, TFTP..etc) are denied.
Policy two denies http and smtp, however policy one already allowed http and denied
smtp. In policy one “source address any” and “destination address any” included host_a and host_b, and so, policy two will not be evaluated. So answer A and C are true

DNS will be denied
Http is permitted
FTP is permitted
SMTP will be denied

in this question default policy means that the statement “set default-policy permit-all” is not onfigured.

Reply