CompTIA Security+ Question A-72

It is MOST important to make sure that the firewall is configured to do which of the following?

A. Alert management of a possible intrusion.
B. Deny all traffic and only permit by exception.
C. Deny all traffic based on known signatures.
D. Alert the administrator of a possible intrusion.

Answer: B

Firewalls manage traffic using filters, which is just a rule or set of rules. A recommended guideline for firewall rules is, “deny by default; allow by exception”.