Refer to the exhibit. When configuring this access control rule in Cisco FMC, what happens with the traffic destined to the DMZ_inside zone once the configuration is deployed?
A. All traffic from any zone to the DMZ_inside zone will be permitted with no further inspection
B. No traffic will be allowed through to the DMZ_inside zone regardless of if it's trusted or not
C. All traffic from any zone will be allowed to the DMZ_inside zone only after inspection
D. No traffic will be allowed through to the DMZ_inside zone unless it's already trusted
The access control rule in the exhibit has the following characteristics:
The rule name is DMZ_Rule and it is enabled.
The action set for this rule is Trust, meaning traffic matching this rule will not be subjected to further inspection.
The source zones are not specified, meaning any zone can match this rule.
The destination zone is DMZ_Inside, meaning only traffic destined to this zone can match this rule.
Therefore, the effect of this rule is that all traffic from any zone to the DMZ_Inside zone will be permitted with no further inspection. This is the correct answer, option A.
The other options are incorrect because they do not match the configuration of the rule or the behavior of the Trust action. Option B is incorrect because traffic will be allowed through to the DMZ_Inside zone, not blocked. Option C is incorrect because traffic will not be inspected before being allowed to the DMZ_Inside zone. Option D is incorrect because traffic does not need to be trusted to be allowed to the DMZ_Inside zone.
References:
Firepower Management Center Configuration Guide, Version 6.6 - Access Control Rules
Firepower Management Center Device Configuration Guide, 7.1 - Access Control Policies
How to Deploy FMC/FTD part 2 – Access Control Policies