Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Comptia Discussions

Exam N10-007 topic 1 question 88 discussion

Actual exam question from CompTIA's N10-007
Question #: 88
Topic #: 1
[All N10-007 Questions]

A customer cannot access a company's secure website. The company's network security is reviewing the firewall for the server and finds the following output:

Which of the following changes should be made to allow all customers to access the company's secure website?

  • A. Allow any any 10.5.0.10 443
  • B. Allow any any 12.73.15.5 443
  • C. Allow 10.5.0.10 443 any any
  • D. Allow 10.5.0.10 any 10.5.0.10 80
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by vt2019 at Oct. 27, 2019, 11:29 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
vt2019
Highly Voted 4 years, 5 months ago
Correct answer is A.
upvoted 24 times
LeadBasedPaint
2 years, 7 months ago
I was also fools. Below explanations are helpful to understand. Thanks to all.
upvoted 1 times
...
...
banpakhera
Highly Voted 2 years, 8 months ago
For those who are confused. I asked to Jason Dion he said the correct answer is 'A'.
upvoted 7 times
Tammy007
2 years, 7 months ago
Who is he?
upvoted 1 times
...
...
bloodyhell
Most Recent 1 year, 10 months ago
It's A. The source IP is the customer. The destination IP in the example is an enterprise-class IP address, so it must be the company's server. Therefore Allow any source IP from any source port to the server using HTTPS (443).
upvoted 1 times
...
JustHappyToBeHere
2 years, 3 months ago
Selected Answer: A
Correct answer is A, the source will be the customers, so you have to allow any. and only the destination which is the company's website is needed as well as the 443 port.
upvoted 2 times
Renfri
2 years, 3 months ago
You need to make outbound rules for server to send traffic back. Answer can be C, allowing the server to send traffic to any destination IP/port out the network
upvoted 1 times
...
...
Callas
2 years, 6 months ago
Correct answer is A. If you follow the table they give you then it's Allow (action) any (src IP) any (src port) 10.5.0.10 (dst IP) 443 (dst port/HTTPS) This allows any IPs from any ports to connect to the website's IP on HTTPS
upvoted 3 times
...
jhfdkjshfkjdsho
2 years, 8 months ago
A standard ACL is "access-list access-list-number {permit|deny} {host|source source-wildcard|any}"
upvoted 2 times
...
Ty_tyy
2 years, 11 months ago
you defiantly are not about to allow traffic from any when they specifically ask for HTTPS.
upvoted 2 times
...
Asong01
3 years, 5 months ago
I think this is how the firewall should be configured. Time---------Action---------- -Src IP---------------Scr Port-----Dst IP------Dst Port ---------------Allow----------all customers(Any)-----Any-----10.5.0.10-----443 So, the right option is A. Now, on the firewall config table, option C ------> “10.5.0.10 443 any any” will look like this. Time-----------Action-------Src IP---------Scr Port-----Dst IP-------Dst Port ------------------Allow--------10.5.0.10-----443---------Any-----------Any Note!! 10.5.0.10 is NOT a source IP address. It is the IP address of the ”company’s secure website” (Dst IP). So, option C is INCORRECT
upvoted 4 times
...
CarlosJamesColumna
3 years, 8 months ago
Ahhh sorry, yes it's C. It's a tricky one because remember they're presenting it to you from the attempts, but to configure it is other POV. They can only manage the request the server sends, so they have to configure the server as the source ip to configure the ACL
upvoted 7 times
HisFave
2 years, 7 months ago
sorry, not sorry...it is A.
upvoted 1 times
...
...
CarlosJamesColumna
3 years, 8 months ago
I think it should be A. They're looking for security, which only allowing traffic from 443 will provide. C is also wrong becasue it allows connections to any port, it's just the opposite of the security they're looking.
upvoted 2 times
...
shpunk
3 years, 8 months ago
If the port 80 on the Destination IP is open that means HTTP traffic flows OK, which also means port 443 needs to be open on that same destination IP to enable secure web browsing. The correct answer is A. Those five digit port numbers are ephemeral (temporary) ports on the end user's machine.
upvoted 1 times
...
Charcoal2899
3 years, 9 months ago
100% A!
upvoted 3 times
...
zordss
4 years, 1 month ago
sounds stupid but emulator says C
upvoted 3 times
Not_My_Name
3 years, 8 months ago
What emulator are you using? I can't see how this rule could possibly work. The rule is allowing HTTPS traffic from the web server to any destination on any port, but it's still blocking all external traffic from accessing the server.
upvoted 1 times
...
LeadBasedPaint
2 years, 7 months ago
Seems like I need an emulator. Which is best to use?
upvoted 1 times
...
...
Rajan
4 years, 4 months ago
It Should be 1. The sysntax format is already in the question
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel