PCNSE · Question #731
PCNSE Question #731: Real Exam Question with Answer & Explanation
The correct answer is A: Virtual Wire. Virtual Wire (Choice A) and Layer 2 (Choice B) are 'bump-in-the-wire' deployment modes that insert the firewall inline between network segments without requiring any IP addressing changes or routing redesign. Both modes can actively block threats. Layer 3 (Choice C) requires the
Question
A company wants to implement threat prevention to take action without redesigning the network routing. What are two best practice deployment modes for the firewall? (Choose two.)
Options
- AVirtual Wire
- BLayer 2
- CLayer 3
- DTAP
Explanation
Virtual Wire (Choice A) and Layer 2 (Choice B) are 'bump-in-the-wire' deployment modes that insert the firewall inline between network segments without requiring any IP addressing changes or routing redesign. Both modes can actively block threats. Layer 3 (Choice C) requires the firewall to serve as a routed hop, which mandates IP reconfiguration. TAP mode (Choice D) is a passive, read-only mode that receives a copy of traffic and cannot actively block threats - it can only generate alerts.
Topics
Community Discussion
No community discussion yet for this question.