CCDE: Cisco Certified Design Expert (Practical) — Question 29

Company XYZ is revisiting the security design for their data center because they now have a requirement to control traffic within a subnet and implement deep packet inspection. Which technology meets the updated requirements and can be incorporated into the design?

Answer options

• A. zone-based firewall on the Layer 3 device
• B. routed firewall
• C. transparent firewall
• D. VLAN ACLs on the switch

Correct answer: C

Explanation

The correct answer is C, the transparent firewall, as it is designed for deep packet inspection and can control traffic within a subnet without needing to change the IP addressing scheme. The other options, while useful for different aspects of network security, do not specifically meet the requirement for deep packet inspection within a subnet.