How does FortiSwitch perform actions on ingress and egress traffic using the access control list (ACL)?
How does FortiSwitch perform actions on ingress and egress traffic using the access control list (ACL)?
page 369
A. Only high-end FortiSwitch models support ACL. [WRONG] "Most FortiSwitch models support ACLs at the ingress stage." B. ACL can be used only at the prelookup stage in the traffic processing pipeline. [WRONG] "You can configure ACLs at different stages of the traffic processing pipeline." which is Prelookup, ingress and egress stage. C. Classifiers enable matching traffic based only on the VLAN ID. [WRONG] "Classifiers enable you to match traffic using multiple criteria such as: destination and source IP addresses, destination and source MAC addresses, CoS and DSCP values, and VLAN ID." D. FortiSwitch checks ACL policies only from top to bottom. [CORRECT] "FortiSwitch checks ACL policies from top to bottom until it finds a match." Reference: FortiSwitch 7.2 Study Guide, page 369
"Checked from top to bottom until a match is found"