nerdexam
Exams400-007Questions#34
Cisco

400-007 · Question #34

400-007 Question #34: Real Exam Question with Answer & Explanation

The correct answer is C: Multicast traffic can traverse the firewall.. A transparent mode firewall operates as a Layer 2 bridge, allowing Layer 3 protocols such as OSPF and multicast to pass through without requiring IP addressing changes or acting as a routed hop.

Question

Which two characteristics apply to firewall transparent mode operations in a firewall solution design? (Choose two.)

Options

  • AChanges in the existing IP addressing and subnets are required
  • BThe firewall can participate actively on spanning tree.
  • CMulticast traffic can traverse the firewall.
  • DOSPF adjacencies can be established through the firewall
  • EThe firewall acts like a router hop in the network.

Explanation

A transparent mode firewall operates as a Layer 2 bridge, allowing Layer 3 protocols such as OSPF and multicast to pass through without requiring IP addressing changes or acting as a routed hop.

Common mistakes.

  • A. Transparent mode is specifically designed to eliminate the need for IP addressing changes - the firewall is inserted as a Layer 2 device without requiring subnet modifications.
  • B. A transparent firewall passes STP BPDUs to allow spanning tree to function across it, but it does not originate BPDUs or participate in the root bridge election as an active STP bridge.
  • E. Transparent mode is explicitly Layer 2 and does not act as a router hop - it does not decrement TTL and does not appear as a hop in traceroute output.

Concept tested. Transparent firewall Layer 2 bridge mode characteristics

Reference. https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/98156-asa-transparent-mode.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 400-007 Practice