Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 188

Which statement about IOS zone-based firewalls is true?

Answer options

• A. An unassigned interface can communicate with assigned interfaces
• B. Only one interface can be assigned to a zone.
• C. An interface can be assigned to multiple zones.
• D. An interface can be assigned only to one zone.

Correct answer: D

Explanation

The correct answer is D because in IOS zone-based firewalls, each interface can only be assigned to a single zone, ensuring clear traffic management. Option A is incorrect as unassigned interfaces cannot directly communicate with assigned ones. Options B and C are also incorrect since they contradict the fundamental zoning rules of IOS firewalls.