ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 34 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 34
Topic #: 1
[All 312-50v11 Questions]

To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https. Which of the following firewall rules meets this requirement?

  • A. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit
  • B. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit
  • C. if (source matches 10.20.20.1 and destination matches 10.10.10.0/24 and port matches 443) then permit
  • D. if (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Angelife at July 15, 2021, 3:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Kamal_SriLanka
Highly Voted 3 years, 5 months ago
if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit self-explanatory 443 is https
upvoted 5 times
...
alodha100
Most Recent 10 months, 1 week ago
A is the correct answer here. No doubt about it.
upvoted 1 times
...
josevirtual
2 years, 2 months ago
Selected Answer: A
A is the correct answer
upvoted 1 times
...
MasterMark
2 years, 8 months ago
The key phrase in the question is, “workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https”. Answers C and D do not have the address in the question 10.10.10.0/24 and are ruled out. Answer B is ruled out because port 80 does not use https This leaves answer A to be the correct answer.
upvoted 1 times
...
Novmejst
3 years, 1 month ago
A. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit
upvoted 1 times
...
MZAINUL
3 years, 4 months ago
@Sam_Fyl you don't have to specify the subnet. in real firewall configuration, an object with /24 IP address can be created to represent 10.10.10.0/24. On policy level it will show like that. Another object will be the 10.20.20.1/32 and port allowed only 443 (https)
upvoted 3 times
Sam_Fyl
3 years, 3 months ago
@MZAINUL -Thank you for the clarification!
upvoted 1 times
...
...
Sam_Fyl
3 years, 4 months ago
For this qms, why do i need a /24 mask to determine the NW portion ?
upvoted 1 times
...
Angelife
3 years, 6 months ago
Can someone explain this one?
upvoted 1 times
rachr
3 years, 5 months ago
It says https only. HTTP = port 80 / HTTPS = port 443
upvoted 7 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel