Which of the following rules appearing in an Internet firewall policy is inappropriate?
A.
Source routing shall be disabled on all firewalls and external routers.
B.
Firewalls shall be configured to transparently allow all outbound and inbound services.
C.
Firewalls should fail to a configuration that denies all services, and require a firewall administrator to re-enable services after a firewall has failed.
D.
Firewalls shall not accept traffic on its external interfaces that appear to be coming from internal network addresses.
Suggested Answer:B🗳️
Unless approved by the Network Services manager, all in-bound services shall be intercepted and processed by the firewall. Allowing unrestricted services inbound and outbound is certainly NOT recommended and very dangerous. Pay close attention to the keyword: all All of the other choices presented are recommended practices for a firewall policy. Reference(s) used for this question: GUTTMAN, Barbara & BAGWILL, Robert, NIST Special Publication 800-xx, Internet Security Policy: A Technical Guide, Draft Version, May 25, 2000 (page 78).
Currently there are no comments in this discussion, be the first to comment!
This section is not available anymore. Please use the main Exam Page.SSCP Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Comments