Exam N10-008 topic 1 question 462 discussion

Actual exam question from CompTIA's N10-008
Question #: 462
Topic #: 1

HOTSPOT
-

You have been tasked with implementing an ACL on the router that will:

1. Permit the most commonly used secure remote access technologies from the management network to all other local network segments.
2. Ensure the user subnet cannot use the most commonly used remote access technologies in the Linux and Windows Server segments.
3. Prohibit any traffic that has not been specifically allowed.


INSTRUCTIONS
-

Use the drop-downs to complete the ACL.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.




Comments

ayeayeronpaul
Highly Voted 2 years, 1 month ago
Rule No. | Source IP Range | Destination IP Range | Protocol | Service | Action
1 | 192.168.255.0/24 | 192.168.1.0/24 | TCP | RDP | Allow
2 | 192.168.255.0/24 | 192.168.25.0/24 | TCP | SSH | Allow
3 | 192.168.255.0/24 | 192.168.26.0/24 | TCP | RDP | Allow
4 | 192.168.255.0/24 | 192.168.26.0/24 | TCP | SMB | Allow
5 | 192.168.255.0/24 | Any | Any | Any | Deny
6 | 192.168.1.0/24 | 192.168.25.0/24 | TCP | SSH | Deny
7 | 192.168.1.0/24 | 192.168.26.0/24 | TCP | RDP | Deny
8 | 192.168.1.0/24 | Any | Any | Any | Allow
9 | Any | Any | Any | Any | Deny
- Rule numbers 1-4 permit the most commonly used secure remote access technologies from the management network to all other local network segments.
- Rule numbers 6-7 ensure the user subnet cannot use the most commonly used remote access technologies in the Linux and Windows Server segments.
- Rule numbers 5 and 9 prohibit any traffic that has not been specifically allowed.
upvoted 37 times
TPPASS
Highly Voted 2 years, 2 months ago
192.168.255.0 192.168.1.0 TCP RDP Allow
192.168.255.0 192.168.25.0 TCP SSH Allow
192.168.255.0 192.168.26.0 TCP RDP Allow
192.168.1.0 192.168.25.0 TCP Telnet Deny
192.168.1.0 192.168.26.0 TCP VNC Deny
Any Any Any Any Deny
upvoted 14 times
user82
2 years, 1 month ago
Why is rule 9 Any, Any, Any, Deny?
upvoted 1 times
Nasha1
2 years, 1 month ago
To "Prohibit any traffic that has not been specifically allowed," so it has to deny any other traffic that isn't already listed in the rules above it.
upvoted 2 times
orsopdx
1 year, 3 months ago
This question is a nightmare lol
upvoted 4 times
0586036
1 year ago
Fxking hate it, like let me do it at a job where I'm not rushed
upvoted 4 times
famco
2 years, 1 month ago
Most popular cannot be Telnet and VNC.
> 2. Ensure the user subnet cannot use the most commonly used remote access technologies in the Linux and Windows Server segments.
upvoted 4 times
Dev12s
Most Recent 11 months ago
This question is confusing. There's a dropdown menu in each rule. Shouldn't we select the IP range source and destination from there first? Also, does the order matter? For example, whether the 1st rule allows SSH or RDP?
upvoted 1 times
Poker69
11 months ago
Also does it matter what service you select in terms of order? SSH and RDP are both secure remote protocols but does it matter which one you choose first? For questions 1-3?
upvoted 1 times
Poker69
11 months ago
I am a bit confused on this. I understand the concept of what needs to be done, but how are you determining which rule applies to which subnet? 1-9 has the same source and destination subnets. Are you able to select which subnet when going down the list? Maybe I'm not understanding something, clearly.
upvoted 1 times
Timo1977
11 months, 1 week ago
Took the exam on Jul 3 and passed. You will see this, and ayeayeronpaul's and TPPASS's answers are both correct! This sim is worth a lot of points so make sure you get this one right!
upvoted 5 times
Chichi2211
11 months, 3 weeks ago
Still valid question
upvoted 3 times
agfencer
1 year ago
got this on my exam
upvoted 6 times
b0bby
1 year, 1 month ago
I spent hours trying to figure out why I would enter rules 4, 5, and 8, completely perplexed out of my mind.... There's no choice: those rules are automatically in play and you've got to work around them. Rules 1, 2, & 3 need to go before rule 5 because they'd be meaningless as rule 5 would cover them anyway. Rule 9 must always be any any any any deny on every ACL. Rules 6 & 7 are there to stop rule 8 from being a complete mess up (it still is). If you want to know the rules, look at ayeayeronpaul. Just explaining my thought process. Also, if you ever become supervisor, train someone to never do this, as this is a bad ACL (I don't know what a good one is yet, but I definitely know a bad one now).
upvoted 4 times
tempovpn
1 year, 1 month ago
It was on my exam today and 100% the same. I can vouch for ayeayeronpaul's answer above.
upvoted 5 times
7181a4f
1 year, 1 month ago
This one was on my exam again (2nd time taking it) yesterday 4/23/24. I followed what ayeayeronpaul wrote and I passed. My other strategy was to make flashcards on Quizlet of all the questions I got wrong after going through all 817 of these, then kept running through those til test time. I studied the PBQs on here extensively and only had one that really threw me that I don't think was in examtopics. Thank you examtopics!
upvoted 6 times
PatrickH
1 year, 3 months ago
Rule | Source | Destination | Protocol | Service | Action
1 | 192.168.255.0 | 192.168.1.0 | TCP | RDP | Allow
2 | 192.168.255.0 | 192.168.25.0 | TCP | SSH | Allow
3 | 192.168.255.0 | 192.168.26.0 | TCP | RDP | Allow
4 | 192.168.255.0 | 192.168.26.0 | TCP | SMB | Allow
5 | 192.168.255.0 | Any | Any | Any | Deny
6 | 192.168.1.0 | 192.168.25.0 | TCP | SSH | Deny
7 | 192.168.1.0 | 192.168.26.0 | TCP | RDP | Deny
8 | 192.168.1.0 | Any | Any | Any | Allow
9 | Any | Any | Any | Any | Deny
Given this A LOT of thought and very confident this is correct. No 6, 7 and 9 are 100% correct in my opinion and very confident 1, 2 and 3 are correct. You don't change 4, 5 and 8.
upvoted 1 times
Fynnesse
1 year, 4 months ago
192.168.225.0 to 192.168.1.0 tcp rdp allow
192.168.225.0 to 192.168.26.0 tcp rdp allow
192.168.255.0 to 192.168.25.0 to ssh allow
192.168.1.0 to 192.168.25.0 to ssh deny
192.168.1.0 to 192.168.26.0 to rdp/telnet) deny
any to any any any deny
The last rule would block anything that isn't allowed, so telnet and vnc would be blocked from the users segment also.
upvoted 2 times
leedsbarber
1 year, 4 months ago
Please feel free to correct me if I am wrong, but here is my solution:
1 192.168.255.0/24 to any TCP RDP Allow
2 192.168.255.0/24 to any TCP SSH Allow
3 192.168.1.0/24 192.168.25.0/24 TCP SSH Deny
4 192.168.1.0/24 192.168.25.0/24 TCP RDP Deny
5 192.168.1.0/24 192.168.26.0/24 TCP SSH Deny
6 192.168.1.0/24 192.168.26.0/24 TCP RDP Deny
7 Any Any Any Any Deny
Have I missed anything?
upvoted 1 times
bog4427
1 year, 9 months ago
Can someone please explain this?
upvoted 2 times
Ray22
1 year, 11 months ago
The first question stated "commonly used SECURE remote access", so RDP and SSH. The 2nd question is "commonly used remote access"; it does not say secure. I believe Telnet and VNC should be denied.
upvoted 6 times
Molongo
2 years, 1 month ago
So here goes my take on it... I'm only gonna write out the third octet of each IP range for simplicity's sake. So:
1 = Users
25 = Linux Servers
26 = Windows Servers
255 = Management
1. 255 TO 1 - RDP - ALLOW
2. 255 TO 25 - SSH - ALLOW
3. 225 TO 26 - RDP - ALLOW
4. 255 TO 26 - SMB - ALLOW
5. 255 TO ANY - ANY - DENY
6. 1 TO 25 - SSH - DENY
7. 1 TO 26 - RDP - DENY
8. 1 TO ANY - ANY - ALLOW
9. ANY TO ANY - ANY - Deny
This, however, assumes a couple of things. First of all, we are assuming that SMB isn't considered amongst the "most commonly used" secure remote access services. Second, this list only denies the user subnet from SSH & RDP'ing - this doesn't take into account that the users subnet still has the ability to Telnet, SMB and VNC.
upvoted 7 times
BayOne
2 years, 1 month ago
Rule 9 addresses your second assumption
upvoted 2 times
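
A first-match walk through the rule table from the top-voted comment, added here as an example; it is not part of any poster's comment or of the exam. It assumes the router evaluates rules top-down and stops at the first match, and the host addresses in the sample flows are constructed.

```python
import ipaddress

# Rule table from the top-voted comment: (rule no., source, destination, service, action).
# The Protocol column is omitted because every specific rule is TCP.
RULES = [
    (1, "192.168.255.0/24", "192.168.1.0/24", "RDP", "Allow"),
    (2, "192.168.255.0/24", "192.168.25.0/24", "SSH", "Allow"),
    (3, "192.168.255.0/24", "192.168.26.0/24", "RDP", "Allow"),
    (4, "192.168.255.0/24", "192.168.26.0/24", "SMB", "Allow"),
    (5, "192.168.255.0/24", "Any", "Any", "Deny"),
    (6, "192.168.1.0/24", "192.168.25.0/24", "SSH", "Deny"),
    (7, "192.168.1.0/24", "192.168.26.0/24", "RDP", "Deny"),
    (8, "192.168.1.0/24", "Any", "Any", "Allow"),
    (9, "Any", "Any", "Any", "Deny"),
]

def net_matches(rule_net, addr):
    return rule_net == "Any" or ipaddress.ip_address(addr) in ipaddress.ip_network(rule_net)

def evaluate(src, dst, service, rules=RULES):
    """Return (rule number, action) for the first rule that matches the flow."""
    for number, rule_src, rule_dst, rule_service, action in rules:
        if (net_matches(rule_src, src) and net_matches(rule_dst, dst)
                and rule_service in ("Any", service)):
            return number, action
    return None, "Deny"  # assumption: unmatched traffic is dropped

def evaluate_with_rule_moved(rule_no, after_no, flow):
    """Re-evaluate flow with rule_no relocated to just after after_no."""
    moved = [r for r in RULES if r[0] != rule_no]
    position = [r[0] for r in moved].index(after_no) + 1
    moved.insert(position, next(r for r in RULES if r[0] == rule_no))
    return evaluate(*flow, rules=moved)

# Constructed sample flows: host addresses are made up inside the page's subnets.
FLOWS = [
    ("192.168.255.10", "192.168.25.5", "SSH"),     # management -> Linux servers
    ("192.168.255.10", "192.168.25.5", "Telnet"),  # management, service not listed
    ("192.168.1.50", "192.168.25.5", "SSH"),       # users -> Linux servers
    ("192.168.1.50", "192.168.25.5", "Telnet"),    # users, service not listed
    ("192.168.25.5", "192.168.1.50", "SSH"),       # source with no rule of its own
]

if __name__ == "__main__":
    for flow in FLOWS:
        print(flow, "->", evaluate(*flow))
    # Ordering check: rule 2 placed below rule 5 never gets a chance to match.
    print("rule 2 after rule 5:", evaluate_with_rule_moved(2, 5, FLOWS[0]))
```

Under the first-match assumption, the fourth flow (user subnet, Telnet to the Linux segment) is decided by rule 8 before rule 9 is reached.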