Essentials Exam QuestionsBrowse all questions from this exam

Essentials Exam - Question 52


With the policies configured as shown in this image, HTTP traffic can be sent and received through branch office VPN tunnel.1 and tunnel.2.

Show Answer
Correct Answer: A

Based on the policies configured in the image, HTTP traffic is allowed through both tunnel.1 and tunnel.2. Although policies 1 and 2 specifically mention tunnel.1, any unchecked HTTP traffic would continue down the policy list. Policies 7 and 8 are configured to allow any traffic through both tunnel.1 and tunnel.2. Therefore, HTTP traffic can be sent and received through both branch office VPN tunnels.

Discussion

13 comments
Sign in to comment
LoCarb_MonsterOption: B
Dec 22, 2019

This is kinda a 'gotcha question'. You'll likely look at policies 7 & 8 and decide that the traffic would be permitted, however the question specifically asks about HTTP traffic; which is governed by policies 1 & 2. Only 'tunnel 1' is defined in those policies. 'Tunnel 2' is missing.

BillFlippen
Nov 3, 2021

HTTP traffic destined to Tunnel 1will be caught caught by rule 1 and processed there. HTTP traffic to Tunnel 2 Does not meet the "To" Criteria of rule 1 so it will proceed down the list Rule 7 say any traffic to tunnel 2 and tunnel 1 so that is where it will be picked up.

Lars89Option: A
Jan 3, 2020

It would still be allowed in policy 7 and 8. Even though it isnt listed in policy 1 and 2 it would continue down the list until it is matched or blocked.

MaikOption: A
Jan 4, 2020

The Answer should be True

ElvisBacOption: A
Apr 9, 2020

I think it's true. Tunnel2 is not intercepted by rule n 2 and goes down to rule 7 and 8. Sorry for the bad english.

Thresmonkey
May 26, 2020

I don't think you're correct... Let me explain. WatchGuard uses auto-order which places the most specific policies in the top of the order where as most generel policies are placed at the bottom. In this case, since there's already a specific policy that doesn't allow traffic inbound/outbound for Tunnel.2, I'd say the answer is B, false.

MrPerfect
Jun 25, 2020

In Policies 1&2, there is no disposition that would deny the HTTP traffic for Tunnel2, so if it not match it will go down till policies 7&8 which will allow the traffic......The correct answer is "True"

ElvisBac
Sep 26, 2020

yes, exact

ItachI_Sama
Oct 6, 2020

If you have a http package/traffic it will be processed by rule 1 or 2 because its a http package. The rule does not have tunnel 2 in it so it you can Not send it over tunnel 2. rule 7 & 8 are not for http traffic.

payzey
Oct 11, 2020

Rule 7 & 8 are for Any Traffic, therefore HTTP included.

LarsPapeOption: A
Jul 20, 2020

Should be true, even though rule 1 and 2 won't allow it, 7 and 8 will.

SatornjkkOption: A
Jan 10, 2021

Tunnel2 will sent all traffic matched Rul No.7,8

WatryOption: A
Mar 26, 2021

I read that incorrectly, rules 7 and 8 are set to allow, 1 and 2 do not matter since they are not referring to the BOVPN, so the answer is true.

Maxim_EOption: A
May 27, 2021

TRUE !

jychoOption: A
Sep 17, 2021

I just tested it. The result is TRUE.

memorxOption: A
Aug 10, 2022

A. True Top-down first match Tunnel1 match 1&2 Tunnel2 match 7&8

CareSupportOption: A
Aug 24, 2022

A. True

WatryOption: B
Mar 26, 2021

Answer is false. This is only referring to the BOVPN, so 1 and 2 are irrelevant in this case. Rules 7 and 8 are blocking traffic to BOVPN in both directions.

zoodataOption: A
Jun 16, 2022

True. A is corect.