Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network?

A. Inbound packets with Source Routing option set

B. Router information exchange protocols

C. Inbound packets with an internal address as the source IP address

D. Outbound packets with an external destination IP address








 

Suggested Answer: D

Community Answer: D

Normal outbound traffic has an internal source IP address and an external destination IP address.
Traffic with an internal source IP address should only come from an internal interface. Such packets coming from an external interface should be dropped.
Packets with the source-routing option enabled usually indicates a network intrusion attempt.
Router information exchange protocols like RIP and OSPF should be dropped to avoid having internal routing equipment being reconfigured by external agents.
Source: STREBE, Matthew and PERKINS, Charles, Firewalls 24seven, Sybex 2000, Chapter 10: The Perfect Firewall.

This question is in SSCP Systems Security Certified Practitioner Exam
For getting Systems Security Certified Practitioner (SSCP) Certificate






Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISC. 
Trademarks, certification & product names are used for reference only and belong to ISC.
The website does not contain actual questions and answers from ISC's Certification Exams.