Security+ Answer Dedicated Firewall

Here’s the Answer to the Question posted on Facebook

Q. Your network currently has a dedicated firewall protecting access to a web server. It is currently configured with the following two rules in the ACL along with an implicit allow rule at the end:

PERMIT TCP ANY ANY 443

PERMIT TCP ANY ANY 80

You have detected DNS requests and zone transfer requests coming through the firewall and you need to block them. Which of the following would meet this goal? (Select TWO. Each answer is a full solution.)

A. Add the following rule to the firewall: DENY TCP ALL ALL 53.

B. Add the following rule to the firewall: DENY UDP ALL ALL 53.

C. Add the following rule to the firewall: DENY TCP ALL ALL 25.

D. Add the following rule to the firewall: DENY IP ALL ALL 53.

E. Change the implicit allow rule to implicit deny.

Answer available until April 26, 2016.

See Chapter 3 of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.
