Firewall Filter Configurations: Important Facts and Statements

Important Facts and Statements about Firewall Filter Configurations

Q: Which two statements are true about firewall filter configurations? (Choose two.)

Multiple action modifiers can be included in the same term.If an action modifier exists without a terminating action, matching packets will be accepted.

Prev Question Next Question

Question

Which two statements are true about firewall filter configurations? (Choose two.)

Answers

A. Multiple action modifiers can be included in the same term.

B. Only a single action modifier can be included in the same term.

C. If an action modifier exists without a terminating action, matching packets will be accepted.

D. If an action modifier exists without a terminating action, matching packets will be discarded.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Firewall filter configurations are used to define security policies for Juniper Networks routers and switches. They are used to control the flow of traffic through the network by allowing or denying packets based on various criteria such as source/destination IP address, port number, protocol, etc.

Now let's take a look at each of the statements given in the question and see which ones are true:

A. Multiple action modifiers can be included in the same term: This statement is true. A term in a firewall filter configuration can include multiple action modifiers, such as accept, discard, reject, count, log, etc. These action modifiers determine what should happen to packets that match the criteria specified in the term.

B. Only a single action modifier can be included in the same term: This statement is false. As mentioned above, a term in a firewall filter configuration can include multiple action modifiers. However, it is important to note that only one terminating action can be included in the same term. A terminating action is the final action taken on a packet that matches the criteria specified in the term. For example, if the terminating action is set to discard, any matching packets will be discarded and no further actions will be taken.

C. If an action modifier exists without a terminating action, matching packets will be accepted: This statement is false. If an action modifier exists without a terminating action, matching packets will not be accepted or discarded. Instead, they will be passed to the next term in the filter until a terminating action is encountered. If no terminating action is encountered, the default action of the filter will be taken, which is usually to discard the packet.

D. If an action modifier exists without a terminating action, matching packets will be discarded: This statement is false, as explained in the previous statement.

In summary, the two true statements about firewall filter configurations are:

Multiple action modifiers can be included in the same term.
Only one terminating action can be included in the same term.

Prev Question Next Question