PCNSE Question #43: Real Exam Question with Answer & Explanation

Sign in or unlock PCNSE to reveal the answer and full explanation for question #43. The question stem and answer options stay visible for context.

Submitted by yuriko_h· Apr 18, 2026Deploy and Configure

Question

The web server is configured to listen for HTTP traffic on port 8080. The clients access the web server using the IP address 1.1.1.100 on TCP Port 80. The destination NAT rule is configured to translate both IP address and report to 10.1.1.100 on TCP Port 8080. Which NAT and security rules must be configured on the firewall? (Choose two)

Options

AA security policy with a source of any from untrust-I3 Zone to a destination of 10.1.1.100 in dmz-
BA NAT rule with a source of any from untrust-I3 zone to a destination of 10.1.1.100 in dmz-zone
CA NAT rule with a source of any from untrust-I3 zone to a destination of 1.1.1.100 in untrust-I3
DA security policy with a source of any from untrust-I3 zone to a destination of 1.1.100 in dmz-I3

Unlock PCNSE to see the answer

You've previewed enough free PCNSE questions. Unlock PCNSE for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock PCNSE - $49.99 / 30 days Sign in

Topics

#Destination NAT#Security Policy#Firewall Zones#Packet Flow

Full PCNSE Practice Browse All PCNSE Questions