A newly deployed VM cannot be reached by ICMP from an external source. Which firewall behavior most likely causes this?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Study for the CompTIA Cloud+ exam. Enhance your skills with flashcards and multiple choice questions, each supported by hints and explanations. Prepare effectively for your certification!

Multiple Choice

A newly deployed VM cannot be reached by ICMP from an external source. Which firewall behavior most likely causes this?

Explanation:
Blocking ICMP at the firewall is the most direct reason a VM can’t be reached by ICMP from an external source. Ping uses ICMP Echo Request packets and expects Echo Replys in return. When the firewall blocks ICMP, those packets cannot traverse the boundary, so the external host never gets a reply and the VM appears unreachable, even if other services are fine. Other possibilities don’t fit the symptom as cleanly. If DNS were failing, you wouldn’t be able to resolve the host name, but you could still ping the VM by its IP address if ICMP is allowed; the problem would be name resolution, not reachability. A host OS firewall that blocks all traffic would hide connectivity problems across all protocols, not just ICMP, and a security rule allowing only TCP would also block ICMP, but the scenario highlights a firewall behavior specifically about ICMP, which is best explained by ICMP being blocked at the firewall.

Blocking ICMP at the firewall is the most direct reason a VM can’t be reached by ICMP from an external source. Ping uses ICMP Echo Request packets and expects Echo Replys in return. When the firewall blocks ICMP, those packets cannot traverse the boundary, so the external host never gets a reply and the VM appears unreachable, even if other services are fine.

Other possibilities don’t fit the symptom as cleanly. If DNS were failing, you wouldn’t be able to resolve the host name, but you could still ping the VM by its IP address if ICMP is allowed; the problem would be name resolution, not reachability. A host OS firewall that blocks all traffic would hide connectivity problems across all protocols, not just ICMP, and a security rule allowing only TCP would also block ICMP, but the scenario highlights a firewall behavior specifically about ICMP, which is best explained by ICMP being blocked at the firewall.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy