For which two reasons would a firewall discard a packet as part of the packet flow sequence? (Choose two.)
For which two reasons would a firewall discard a packet as part of the packet flow sequence? (Choose two.)
A firewall discards a packet as part of the packet flow sequence in two primary scenarios: ingress processing errors and a rule match with action 'deny'. Ingress processing errors occur when the packet is malformed, or there are issues at various OSI layers that prevent further processing. A rule match with action 'deny' explicitly blocks the packet based on configured firewall rules. Allowing a packet or using equal-cost multipath routing would not result in packet discarding.
A and B Denying traffic will discard the packet. Packets can also be discarded due to malformed or incorrect frames, datagrams or packets. C and D are irrelevant as packets would never be discarded if allowed and ECMP simply allows the use of multiple routes or paths to a destination. Read up on "Packer Flow Sequence", it details where exactly it will discard packets (layer 2, layer 3 and on) https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVHCA0
common sense question a and b
A and B only suitable answers
A and B correct