Exhibit
Refer to the exhibit. show security-policy 1. From trust -> untrust, source any, destination any, application any, service any, action allow, schedule none, log start none, log end yes 2. From trust -> untrust, source any, destination any, application ssl, service application-default, action deny, schedule none, log start no, log end yes 3. From trust -> untrust, source any, destination any, application web-browsing, service application-default, action allow, schedule none, log start no, log end yes
- A
The traffic is allowed due to the implicit allow at the end.
Why wrong: Once a deny rule matches, the session is blocked; there is no implicit allow after a deny.
- B
The traffic is denied because of rule 2.
Rule 2 matches SSL application and has a deny action.
- C
The traffic is allowed because rule 3 allows web-browsing.
Why wrong: Rule 2 matches first and denies the traffic, so rule 3 is not evaluated.
- D
The traffic is allowed because no explicit deny is configured.
Why wrong: There is an explicit deny in rule 2.
Question Discussion
Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.
Sign in to join the discussion.