Securing Networks with Cisco Firepower | Access Control Policy Configuration Option | CEO Traffic

Access Control Policy Configuration Option

Question

Network traffic coming from an organization's CEO must never be denied.

Which access control policy configuration option should be used if the deployment engineer is not permitted to create a rule to allow all traffic?

Answers

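A. Change the intrusion policy from security to balance
B. Configure a trust policy for the CEO
C. Configure firewall bypass
D. Create a NAT policy just for the CEO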

B.

The correct answer to the question is B. Configure a trust policy for the CEO.

Explanation:

Access control policies are used to define what network traffic is allowed or denied on a network. In this scenario, the requirement is to ensure that the network traffic coming from the organization's CEO is never denied.

Option A: Change the intrusion policy from security to balance. Changing the intrusion policy from security to balance would not address the requirement to ensure that network traffic from the CEO is never denied. Intrusion policies are used to define the severity level of an intrusion and how the system should respond to it.

Option B: Configure a trust policy for the CEO. Configuring a trust policy for the CEO would allow network traffic from the CEO to bypass some or all of the security policies on the network. This would ensure that the CEO's traffic is never denied. Trust policies are used to define a trusted source or destination for network traffic.

Option C: Configure firewall bypass. Configuring firewall bypass would allow the CEO's network traffic to bypass the firewall completely. This would not be a secure option and would expose the network to potential threats.

Option D: Create a NAT policy just for the CEO. Creating a NAT policy just for the CEO would not address the requirement to ensure that network traffic from the CEO is never denied. NAT policies are used to translate IP addresses between different networks.

Therefore, the correct answer is B. Configure a trust policy for the CEO.