300-320 · Question #221
When considering the design of the E-Commerce topology which of the following are true?
The correct answer is A. One-armed SLB design with multiple security contexts removes the need for a separate firewall in. Answer A is correct. In a one-armed Server Load Balancing (SLB) design, the load balancer is connected to a single interface or trunk and uses the same physical interface for both inbound and outbound traffic (return traffic is hairpinned back). When this design incorporates mult
Question
When considering the design of the E-Commerce topology which of the following are true?
Options
- AOne-armed SLB design with multiple security contexts removes the need for a separate firewall in
- BTwo-firewall-layer SLB design considers the aggregation and access layers to be trusted zones,
- COne-armed SLB design with two firewall layers ensures that non load-balanced traffic still
- DIn all cases there will be configuration requirements for direct access to any servers or for
How the community answered
(55 responses)- A56% (31)
- B7% (4)
- C13% (7)
- D24% (13)
Explanation
Answer A is correct. In a one-armed Server Load Balancing (SLB) design, the load balancer is connected to a single interface or trunk and uses the same physical interface for both inbound and outbound traffic (return traffic is hairpinned back). When this design incorporates multiple security contexts (virtual firewall instances on a device like an ASA), each context can act as a dedicated virtual firewall, removing the dependency on a separate standalone firewall appliance. This simplifies the topology and reduces hardware costs. Option B is incorrect because a two-firewall-layer design explicitly treats the aggregation and access layers as untrusted zones requiring inspection. Option C's claim about non-load-balanced traffic is not accurate in a one-armed design. Option D is a blanket statement that is not universally true.
Topics
Community Discussion
No community discussion yet for this question.