What are three valid match criteria in a firewall filter applied to a Layer 3 interface? (Choose three.)
Click on the arrows to vote for the correct answer
A. B. C. D. E.ACD
Firewall filters are used to control the traffic that passes through a network device. They are applied to an interface and can specify criteria to match and actions to take when a match occurs. In Junos OS, firewall filters can be applied to Layer 3 interfaces such as routed interfaces, loopback interfaces, or VLAN interfaces.
The valid match criteria in a firewall filter applied to a Layer 3 interface are:
IP address: The source or destination IP address can be used as a match criteria in a firewall filter. This is the most common match criteria used in firewall filters. The IP address can be specified as a single IP address or a range of IP addresses using the CIDR notation.
Protocol: The protocol field in the IP header can be used as a match criteria in a firewall filter. This field identifies the protocol being used by the IP packet, such as TCP, UDP, ICMP, or IGMP.
Port: The source or destination port number can be used as a match criteria in a firewall filter. This is typically used for TCP or UDP traffic, as these protocols use port numbers to identify the specific application or service being used. Port numbers can be specified as a single port number or a range of port numbers.
MAC address and session ID are not valid match criteria in a firewall filter applied to a Layer 3 interface. MAC addresses are used in Layer 2 switching and are not present in Layer 3 IP packets. Session ID is a unique identifier used to track sessions in stateful firewalls, but it is not a match criteria in a firewall filter.
In summary, the three valid match criteria in a firewall filter applied to a Layer 3 interface are IP address, protocol, and port.