Exam SY0-401 topic 1 question 1 discussion

Actual exam question from CompTIA's SY0-401
Question #: 1
Topic #: 1

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?

  • A. PAT
  • B. NAP
  • C. DNAT
  • D. NAC
Suggested Answer: A
Port Address Translation (PAT) is an extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be mapped to a single public IP address. The goal of PAT is to conserve IP addresses.
Most home networks use PAT. In such a scenario, the Internet Service Provider (ISP) assigns a single IP address to the home network's router. When Computer X logs on the Internet, the router assigns the client a port number, which is appended to the internal IP address. This, in effect, gives Computer X a unique address. If Computer Z logs on the Internet at the same time, the router assigns it the same local IP address with a different port number. Although both computers are sharing the same public IP address and accessing the Internet at the same time, the router knows exactly which computer to send specific packets to because each computer has a unique internal address.
Incorrect Answers:
B: NAP is a Microsoft technology for controlling network access of a computer host based on system health of the host.
C: Destination network address translation (DNAT) is a technique for transparently changing the destination IP address of an en route packet and performing the inverse function for any replies. Any router situated between two endpoints can perform this transformation of the packet. DNAT is commonly used to publish a service located in a private network on a publicly accessible IP address. This use of DNAT is also called port forwarding. DNAT does not allow for many internal devices to share one public IP address.
D: NAC is an approach to computer network security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.
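The PAT behaviour described above, next to the DNAT case from answer C, as an added example that is not part of the original page: a toy Python model in which `NatGateway`, its methods and all addresses are hypothetical and constructed. It keys state only on the inside address and port; real firewalls also track protocol and the remote endpoint.

```python
import itertools


class NatGateway:
    """Toy firewall: PAT (many-to-one source NAT) plus static DNAT rules."""

    def __init__(self, public_ip, first_port=49152):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)  # next unused public port
        self.pat = {}      # (inside_ip, inside_port) -> public_port
        self.pat_rev = {}  # public_port -> (inside_ip, inside_port)
        self.dnat = {}     # public_port -> (inside_ip, inside_port), admin-set

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """PAT: rewrite the source to the shared public IP and a unique port."""
        key = (src_ip, src_port)
        if key not in self.pat:
            port = next(self._ports)
            self.pat[key] = port
            self.pat_rev[port] = key
        return (self.public_ip, self.pat[key], dst_ip, dst_port)

    def publish(self, public_port, inside_ip, inside_port):
        """DNAT (port forwarding): statically expose one inside service."""
        self.dnat[public_port] = (inside_ip, inside_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Rewrite the destination of a packet sent to the public IP, or drop."""
        target = self.pat_rev.get(dst_port) or self.dnat.get(dst_port)
        if target is None:
            return None  # no PAT state and no DNAT rule: dropped
        return (src_ip, src_port, *target)


def demo():
    gw = NatGateway("203.0.113.10")  # constructed addresses (RFC 5737 ranges)
    x = gw.outbound("192.168.1.20", 51000, "198.51.100.5", 443)  # Computer X
    z = gw.outbound("192.168.1.30", 51000, "198.51.100.5", 443)  # Computer Z
    reply_x = gw.inbound("198.51.100.5", 443, x[1])
    unsolicited = gw.inbound("198.51.100.99", 40000, 8443)
    gw.publish(8443, "192.168.1.50", 443)  # DNAT rule for an inside server
    forwarded = gw.inbound("198.51.100.99", 40000, 8443)
    return x, z, reply_x, unsolicited, forwarded


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Both inside hosts leave with the same public IP and different source ports, and an inbound packet to a port with neither PAT state nor a DNAT rule is dropped until the rule is published.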

Comments

bogdanttn
4 years, 11 months ago
the administrator is a woman
upvoted 3 times
Jenkins3mol
5 years, 9 months ago
Why did I see on YouTube that port forwarding and DNAT are not the same thing? ----- "This use of DNAT is also called port forwarding."
upvoted 1 times