Exam 70-741 topic 1 question 99 discussion

Answers are UDP and allow any ports. 192.168.0.0 / 255.255.255.0 is 192.168.0.1~192.168.0.255 192.168.10.100 / 255.255.0.0 is not rejected (means that allowed).

Answers is UDP and allow to connect to any ports

WHAT IS THE CORRECT ANSWER THEN SOME RELIABLE PLEASE

The subnet masks don't match for either of them. Wouldn't that mean that both of them don't take effect?

The correct answer is TCP and allow any port...... 2nd ans is no doubt but the first ans lot of us getting wrong... think about it the first IP and Subnet for port 443 is under TCP .....

Answer: 1. Rule is for 172.16.0.0/16 172.16.0.0 - 172.16.255.255 TCP packets are blocked for port 433. 172.16.55.11 is within this range, therefore only UDP is allowed. 2. Rule is for 192.168.0.0/24 192.168.0.0 - 192.168.0.255 any packets blocked for Any port 192.168.10.100 does not fall within this range, rule will not apply. Therefore it can connect to any port. This is basic subnetting and i'm surprised there's so much disagreement here.

udp and rejected

UDP and allow to connect to any ports.

Answers : UDP and Rejected. The filters are to deny not permit. Through 172.16.0.0/16 we deny port 443 on TCP, which will allow UDP Through 192.168.0.0/24 we deny everything, it's a block altogether.

Answers is UDP and allow to connect to any ports

Guys look at the subnet masks on both options, not in each rule.

** Block List ** A) 192.168.0.0 (255.255.255.0) = 192.168.0.1 > 192.168.0.254 Target: 192.168.10.100 Result: Will allowed on all port. Reason: Target is out of blocked range. So it will be allowed. B) 172.16.0.0 (255.255.0.0) = 172.16.0.1 > 172.16.255.254 Target: 172.16.55.11 Result: Associated service linked with the target will be blocked. Rest of service is allowed. Reason: Target is inside of blocked range. So the service its carring (TCP), will be blocked. So only UDP is allowed. Correct me if i am wrong :)

Eh none of the deny rules seem to match the traffic 1st dropdown - Packet destination is 172.16.55.11 /24 The relevant rule is Deny TCP to 172.16.0.0 /16 Since the mask is different, the rule doesn’t match at all 2nd dropdown - Packet destination is TCP to 192.168.10.100 /18 The relevant rule is Block ANY to 192.168.0.0 /24 Again the mask is different so the rule doesn’t match

Answer is UDP and Allow Connection to Any Port

guys have you looked exactly at masks in answers and on the picture? rethink again your answers =) for 172.x.x.x in the pic its 255.255.0.0 and in the answers it is 255.255.255.0, same difference in the 192 subnet and its masks! rethink your answers carefully! cuz it confused me a lot!

I tested this in my lab, and i am 100% sure about it. You are doing this on network-level, so all hosts inside the networks have something to do with this. Because rule 2 says all TCP packets from 172.16.0.0/16 with port 443 are not allowed, only UDP is allowed. This is the first answer. Because rule 1 says all packets from 192.168.0.0/24 are not permitted you would say answer 2 is rejected. It is not. The question is if 192.168.10.100/16 is permitted. The subnet and network id of the IP-address are the reason why it is permitted. In short: 1. UDP 2. Allowed to connect to any port

Why wouldn't the answer be All and Any Ports? The subnet masks in both questions don't match what's in the example, so the NPS policy not apply in either case.