ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 316 discussion

Actual exam question from CompTIA's SY0-601
Question #: 316
Topic #: 1
[All SY0-601 Questions]

A security administrator needs to block a TCP connection using the corporate firewall. Because this connection is potentially a threat, the administrator does not want to send back an RST. Which of the following actions in the firewall rule would work BEST?

  • A. Drop
  • B. Reject
  • C. Log alert
  • D. Permit
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by sdc939 at Feb. 7, 2023, 12:35 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
6R15
Highly Voted 2 years, 4 months ago
Selected Answer: A
A: Drop it like it's hot (Snoop Dogg)
upvoted 41 times
...
[Removed]
Highly Voted 2 years, 4 months ago
Selected Answer: A
"In the Drop action, no message is sent describing why the package was dropped. In the Reject action, a message is sent to the source describing the reason for the rejection"
upvoted 24 times
...
AbdullahMohammad251
Most Recent 1 year, 1 month ago
Selected Answer: A
"Drop" is stealthier, as the attacker wouldn't be certain if a TCP connection is established, making him/her assume the target system is unresponsive and experiencing network issues.
upvoted 2 times
AbdullahMohammad251
1 year, 1 month ago
Drop is like leaving someone on "seen"
upvoted 2 times
...
...
ApplebeesWaiter1122
2 years, 1 month ago
Selected Answer: A
The "Drop" action in the firewall rule is the best choice to block a TCP connection without sending back an RST (Reset) packet. When a firewall rule is configured to "Drop" a connection, it silently discards the packets without sending any response back to the sender. This approach effectively blocks the connection without providing any indication to the sender that the connection attempt was blocked.
upvoted 9 times
...
hsdj
2 years, 4 months ago
Selected Answer: A
Dropping will not sent a RST flag. Rejecting will
upvoted 8 times
...
sdc939
2 years, 4 months ago
A, Drop
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel