Which ACL type is used to deny traffic based on the source IP with a TTL parameter?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Master Citrix ADC13 with Citrix Gateway 1Y0-231 Test. Use flashcards and multiple choice questions with hints. Prepare thoroughly for your exam!

Multiple Choice

Which ACL type is used to deny traffic based on the source IP with a TTL parameter?

Explanation:
The key idea here is filtering traffic by the source IP with the simplest tool available. SimpleACL is designed for straightforward IP-based filtering: you specify the source IP (and you can add a destination IP if needed) and choose an action such as deny. When your goal is to block traffic based on where it’s coming from, this direct, minimal configuration is the most efficient and reliable approach. The other options introduce more complexity or additional matching criteria. Using an ACL that involves a destination IP adds extra specificity we don’t need if the requirement is just source-origin filtering. An NS ACL type with TTL would be used only if you needed to match on the packet’s TTL value, which is a more advanced criterion than simply denying by source IP. So for denying traffic based on the source IP with a TTL parameter, the simplest, most appropriate match is provided by SimpleACL, making it the best choice.

The key idea here is filtering traffic by the source IP with the simplest tool available. SimpleACL is designed for straightforward IP-based filtering: you specify the source IP (and you can add a destination IP if needed) and choose an action such as deny. When your goal is to block traffic based on where it’s coming from, this direct, minimal configuration is the most efficient and reliable approach.

The other options introduce more complexity or additional matching criteria. Using an ACL that involves a destination IP adds extra specificity we don’t need if the requirement is just source-origin filtering. An NS ACL type with TTL would be used only if you needed to match on the packet’s TTL value, which is a more advanced criterion than simply denying by source IP. So for denying traffic based on the source IP with a TTL parameter, the simplest, most appropriate match is provided by SimpleACL, making it the best choice.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy