nerdexam
Cisco

350-701 · Question #708

350-701 Question #708: Real Exam Question with Answer & Explanation

The correct answer is The firewall does not provide a way to filter packets that traverse from one host to another in the same LAN segment.; The firewall requires a new network segment to be created when they are inserted into a network.; The device acts as a secured bridge that switches traffic from one interface to another.; The firewall can optionally inspect Layer 2 traffic and filter unwanted traffic.. In routed mode, the firewall acts as a Layer 3 hop and requires a new network segment to be created when inserted into a network, since each interface resides in a different subnet. In transparent (bridged) mode, the firewall acts as a secured Layer 2 bridge that switches traffic

Submitted by chiamaka_o· Mar 30, 2026Network Security / Firewall Technologies - Understanding routed vs. transparent (bridged) firewall deployment modes and their respective capabilities and limitations (aligned with Cisco CCNP Security / CCNA Security or equivalent certification objectives)

Question

Drag and Drop Question Drag and drop the firewall capabilities from the left onto the corresponding firewall deployment modes on the right. Answer:

Exhibits

350-701 question #708 exhibit 1
350-701 question #708 exhibit 2

Answer Area

Drag items

The device acts as a secured bridge that switches traffic from one interface to another.The firewall does not provide a way to filter packets that traverse from one host to another in the same LAN segment.The firewall requires a new network segment to be created when they are inserted into a network.The firewall can optionally inspect Layer 2 traffic and filter unwanted traffic.

Correct arrangement

  • The firewall does not provide a way to filter packets that traverse from one host to another in the same LAN segment.
  • The firewall requires a new network segment to be created when they are inserted into a network.
  • The device acts as a secured bridge that switches traffic from one interface to another.
  • The firewall can optionally inspect Layer 2 traffic and filter unwanted traffic.

Explanation

In routed mode, the firewall acts as a Layer 3 hop and requires a new network segment to be created when inserted into a network, since each interface resides in a different subnet. In transparent (bridged) mode, the firewall acts as a secured Layer 2 bridge that switches traffic between interfaces without requiring IP re-addressing, can optionally inspect Layer 2 traffic to filter unwanted content, but cannot filter traffic between hosts on the same LAN segment since that traffic does not traverse the firewall. These distinctions map directly to the architectural differences between routed and transparent deployment modes.

Topics

#Firewall Deployment Modes#Transparent Mode#Routed Mode#Network Security Architecture

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 350-701 Practice