PCNSA Exam QuestionsBrowse all questions from this exam
Go to Exam

PCNSA Exam - Question 134

Given the network diagram, traffic should be permitted for both Trusted and Guest users to access general Internet and DMZ servers using SSH, web-browsing and SSL applications.

Which policy achieves the desired results?

A.

B.

C.

D.

Show Answer
Correct Answer:

The correct policy to achieve the desired results is policy B. This policy allows traffic from both the Trusted and IOT/Guest zones to access the DMZ and Untrust zones using SSH, SSL, and web-browsing applications. The source addresses include both 172.16.16.0/24 and 192.168.0.0/24 networks, which correspond to the Trusted and IOT/Guest zones respectively. The destination zones and addresses include both the DMZ zone (10.0.1.0/24) and the Untrust zone (1.1.1.0/24), allowing access to both the internet and the DMZ servers. This policy ensures that all required traffic is permitted as specified in the question.

Discussion

6 comments
Sign in to comment
[Removed]
Mar 20, 2023

B. Because A restricts internet to just the nexthop network

DlaEdu_Ex
Jul 3, 2023

B is correct

Hyay
Sep 21, 2022

Shouldn't it be A ?

Hyay
Sep 22, 2022

My bad, B is correct. Because A is too restrictive on internet

Banchan
Sep 22, 2022

i think so A.Because both ip address is colect.

BeforeScope
Jan 13, 2023

Answer is B

Janhattal
Jun 21, 2024

Not A - cause it only allowed the access to 1.1.1.* network.