What is causing the problem?

— Exhibit —
{master:0}[edit]
user@switch# show firewall
family ethernet-switching {
filter block-traffic {
term count {
from {
source-address {
10.100.0.254/32;
} }
then count blocked-subnet;
}
term reject-traffic {
from {
source-address {
10.100.0.254/32;
} }
then discard;

}
term accept-rest {
then accept;
} }
}
— Exhibit —
You have a device that is sending a malicious packet to other devices in your Layer 2 network.
You are asked to ensure that packets sent from this device are not allowed to enter your network.
You must also keep track of the number of packets that are being received. The device’s IP
address is 10.100.0.254. You have created and applied the firewall filter shown in the exhibit to the
correct port. However, traffic is still being forwarded into the network.
What is causing the problem?

— Exhibit —
{master:0}[edit]
user@switch# show firewall
family ethernet-switching {
filter block-traffic {
term count {
from {
source-address {
10.100.0.254/32;
} }
then count blocked-subnet;
}
term reject-traffic {
from {
source-address {
10.100.0.254/32;
} }
then discard;

}
term accept-rest {
then accept;
} }
}
— Exhibit —
You have a device that is sending a malicious packet to other devices in your Layer 2 network.
You are asked to ensure that packets sent from this device are not allowed to enter your network.
You must also keep track of the number of packets that are being received. The device’s IP
address is 10.100.0.254. You have created and applied the firewall filter shown in the exhibit to the
correct port. However, traffic is still being forwarded into the network.
What is causing the problem?

A.
The reject-traffic term must be placed before the count term.

B.
The filter family is incorrect for a port based filter.

C.
Layer 2 firewall filters do not have visibility to the Layer 3 header information.

D.
The count term is implicitly accepting the traffic.



Leave a Reply 0

Your email address will not be published. Required fields are marked *