Based on the ZTNA logs provided, which statement is true?

Exhibit.

Based on the ZTNA logs provided, which statement is true?
A . The Remote_user ZTNA tag has matched the ZTNA rule
B . An authentication scheme is configured
C . The external IP for ZTNA server is 10 122 0 139.
D . Traffic is allowed by firewall policy 1

Answer: A

Explanation:

Based on the ZTNA logs provided, the true statement is:

A) The Remote_user ZTNA tag has matched the ZTNA rule: The log includes a user tag "ztna_user" and a policy name "External_Access_FAZ", which suggests that the ZTNA tag for "Remote_User" has successfully matched the ZTNA rule defined in the policy to allow access.

The other options are not supported by the information in the log:

B) An authentication scheme is configured: The log does not provide details about an authentication scheme.

C) The external IP for ZTNA server is 10.122.0.139: The log entry indicates "dstip=10.122.0.139" which suggests that this is the destination IP address for the traffic, not necessarily the external IP of the ZTNA server.

D) Traffic is allowed by firewall policy 1: The log entry "policyid=1" indicates that the traffic is matched to firewall policy ID 1, but it does not explicitly state that the traffic is allowed; although the term "action=accept" suggests that the action taken by the policy is to allow the traffic, the answer option D could be considered correct as well.

Reference: Interpretation of FortiGate ZTNA Log Files.

Analyzing Traffic Logs for Zero Trust Network Access.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments