CCSA Exam | Questions and Answers | Verified
Solutions | 2026 Edition | Pass Guaranteed
Save
Terms in this set (233)
Security Management Server Manages g/w's, pushes policies to g/w's, monitors
security events, logs, correlates, & provides info to
admins. Stores packages/licences in repositories.
AS Anti-Spoofing
Anti-spoofing Technique used by g/w's that verifies source IP of
packet is in the topology of the destination
interface.
EX: Packets from internal network are validated to
make sure they are for internal network interface.
Stealth Rule Prevents users from connecting to g/w directly.
Should be placed above all rules UNLESS
connections need to be made directly to g/w's for
functionality.
Cleanup Rule Recommended to determine how to handle
connections not matched by rules above.
Logs connections that would otherwise be
dropped without logging by default.
Necessary for traffic logging.
Last explicit rule in rule base order.
, Explicit Rules Manually created rules by admin.
Located between 1st rule and before last rule in
rule base order.
Implied Rules Cannot be modified. Generated in rule base as
part of Global Properties. Applied before all other
rules in rule base order.
Control Connection Types Defined by Implied Rules
1. G/W specific traffic
2. IKE & RDP for communication & encryption
3. Communication with various types of servers:
RADIUS, CVP, UFP, TACACS, LDAP
How many types of implied rules are 2
enforced by SMS
Before Last Implied Rule More specific implied rules enforced before last
rule in rule base order.
Last Explicit Rule a.k.a clean up rule. Last rule written by admins in
rule base order.
Last Implied Rule Applied after all other explicit & implied rules in
rule base order.
Except for the Implicit cleanup rule.
Implicit Cleanup Rule Rule applied by default if no other rule is matched.
Setting that is defined in the global properties for
all policies
What happens if clean up rule is the The last implied rule and the implied cleanup rule
last explicit rule? are not applied.
Solutions | 2026 Edition | Pass Guaranteed
Save
Terms in this set (233)
Security Management Server Manages g/w's, pushes policies to g/w's, monitors
security events, logs, correlates, & provides info to
admins. Stores packages/licences in repositories.
AS Anti-Spoofing
Anti-spoofing Technique used by g/w's that verifies source IP of
packet is in the topology of the destination
interface.
EX: Packets from internal network are validated to
make sure they are for internal network interface.
Stealth Rule Prevents users from connecting to g/w directly.
Should be placed above all rules UNLESS
connections need to be made directly to g/w's for
functionality.
Cleanup Rule Recommended to determine how to handle
connections not matched by rules above.
Logs connections that would otherwise be
dropped without logging by default.
Necessary for traffic logging.
Last explicit rule in rule base order.
, Explicit Rules Manually created rules by admin.
Located between 1st rule and before last rule in
rule base order.
Implied Rules Cannot be modified. Generated in rule base as
part of Global Properties. Applied before all other
rules in rule base order.
Control Connection Types Defined by Implied Rules
1. G/W specific traffic
2. IKE & RDP for communication & encryption
3. Communication with various types of servers:
RADIUS, CVP, UFP, TACACS, LDAP
How many types of implied rules are 2
enforced by SMS
Before Last Implied Rule More specific implied rules enforced before last
rule in rule base order.
Last Explicit Rule a.k.a clean up rule. Last rule written by admins in
rule base order.
Last Implied Rule Applied after all other explicit & implied rules in
rule base order.
Except for the Implicit cleanup rule.
Implicit Cleanup Rule Rule applied by default if no other rule is matched.
Setting that is defined in the global properties for
all policies
What happens if clean up rule is the The last implied rule and the implied cleanup rule
last explicit rule? are not applied.
