ISC2 Exam SSCP Topic 6 Question 44 Discussion

Actual exam question for ISC2's Systems Security Certified Practitioner exam

Question #: 44
Topic #: 6

[All Systems Security Certified Practitioner Questions]

Which of the following rules appearing in an Internet firewall policy is inappropriate?

ASource routing shall be disabled on all firewalls and external routers.

BFirewalls shall be configured to transparently allow all outbound and inbound services.

CFirewalls should fail to a configuration that denies all services, and require a firewall administrator to re-enable services after a firewall has failed.

DFirewalls shall not accept traffic on its external interfaces that appear to be coming from internal network addresses.

Show Suggested Answer

Suggested Answer: B

Unless approved by the Network Services manager, all in-bound services shall be intercepted and processed by the firewall. Allowing unrestricted services inbound and outbound is certainly NOT recommended and very dangerous.

Pay close attention to the keyword: all

All of the other choices presented are recommended practices for a firewall policy.

Reference(s) used for this question:

GUTTMAN,

Barbara & BAGWILL, Robert, NIST Special Publication 800-xx, Internet Security Policy: A Technical Guide, Draft Version, May 25, 2000 (page 78).

by Rolland at May 09, 2022, 02:13 AM

Limited Time Offer

25%

Off

Get Premium SSCP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!