What is the most secure policy for a firewall?

adminDecember 4, 2013

What is the most secure policy for a firewall?
1D0-470

PrepAway - Latest Free Exam Questions & Answers

A.
To reject all traffic unless it is explicitly permitted

B.
To accept all traffic unless it is explicitly rejected

C.
To enable all internal interfaces

D.
To enable all external interfaces

Explanation:
By rejecting all traffic unless it is explicitly permitted makes sure that there are no open holes. If we just let any traffic through, then someone (a hacker) can exploit that situation and compromise the network.
Incorrect Answers:
B: To explicitly reject traffic requires knowledge of ALL potentially damaging traffic that might be sent to the firewall. No one can really know ALL, and to know many could mean a lot of rules being put in place – but most likely never enough. There will always end up being one loophole that a hacker finds.
C, D: Enabling all interfaces might not be a good idea, especially if there are multiple interfaces and they are connected to segments that require protection, and there are no filters in place to sift out damaging traffic.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

CIW Exam Questions

Free CIW Study Guide

What is the most secure policy for a firewall?

Leave a Reply Cancel reply