PCNSE · Question #793
PCNSE Question #793: Real Exam Question with Answer & Explanation
Sign in or unlock PCNSE to reveal the answer and full explanation for question #793. The question stem and answer options stay visible for context.
Question
A new application server 192.168.197.40 has been deployed in the DMZ. There are no public IP addresses available, resulting in the server sharing NAT IP 198.51.100.88 with another DMZ serve that uses IP address 192.168.197.60. Firewall security and NAT rules have been configured. The application team has confirmed that the new server is able to establish a secure connection to an external database with IP address 203.0.113.40. The database team reports that they are unable to establish a secure connection to 198.51.100.88 from 203.0.113.40. However, it confirms a successful ping test to 198.51.100.88. Referring to the NAT configuration and traffic logs provided how can the firewall engineer resolve the situation and ensure inbound and outbound connections work concurrently for both DMZ servers?
Options
- AMove the NAT rule 6 DMZ server 2 above NAT rule 5 DMZ server 1.
- BReplace the two NAT rules with a single rule that has both DMZ servers as "Source Address"
- CConfigure separate source NAT and destination NAT rules for the two DMZ servers without using
- DSharing a single NAT IP is possible for outbound connectivity not for inbound therefore a new
Unlock PCNSE to see the answer
You've previewed enough free PCNSE questions. Unlock PCNSE for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.