Cisco

300-415 Question #226: Real Exam Question with Answer & Explanation

The correct answer is A: firewall policy. To control traffic between different VPNs using a WAN Edge application-aware firewall, a firewall policy must be applied. This policy defines specific rules for permitting, denying, or logging traffic based on various criteria.

Policies

Question

Which type of policy must be applied on a WAN Edge application-aware firewall to control traffic between two or more VPNs?

Options

  • A. firewall policy
  • B. data policy
  • C. service-insertion policy
  • D. control policy

Explanation

To control traffic between different VPNs using a WAN Edge application-aware firewall, a firewall policy must be applied. This policy defines specific rules for permitting, denying, or logging traffic based on various criteria.

Common mistakes.

  • B. Data policies are used to influence data plane traffic forwarding decisions, such as path selection or QoS, rather than acting as a firewall to permit or deny traffic between VPNs.
  • C. Service-insertion policies are used to redirect traffic to external services like firewalls or IPS systems, not to define the firewall rules themselves.
  • D. Control policies influence the control plane, affecting routing information and TLOC selection, not directly filtering traffic on the data plane like a firewall.

Concept tested. SD-WAN Application-Aware Firewall Policy

Reference. https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/sdwan-security.html#concept_q5j_2s1_ynb

Topics

#SD-WAN Policy, #Firewall Policy, #WAN Edge, #VPN Segmentation
