Which configuration drops all inbound traffic to the router that does not match established connections?


Multiple Choice


Explanation:

This uses connection tracking to protect the router by handling traffic based on its connection state. The idea is to allow packets that are part of an existing connection (established) or related to one (related), while dropping new or invalid attempts that aren’t part of any known connection.

In this setup, the first rule accepts inbound packets whose connection state is established or related, so return traffic for existing connections is allowed. The second rule drops inbound packets whose state is new or invalid, so any attempt to initiate a new connection, or any packet that can't be associated with a valid one, is blocked. Since these rules are evaluated in order, any inbound traffic that isn't part of an established/related connection gets dropped by the second rule.

Why not the others? Dropping all inbound traffic would also block legitimate management or local services. Allowing only established/related without dropping new/invalid could let unsolicited/new attempts through. Dropping in the forward chain affects forwarded traffic, not traffic destined for the router itself.
