Firewall PBQs: Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)
Easy, Question 1 of 3
You are a network security engineer reviewing the ACL applied to a Cisco ASA firewall's outside interface. A recent security audit found that Telnet (port 23) is permitted from any source into the DMZ server subnet (10.2.0.0/24). Company policy requires that only SSH (port 22) be allowed for remote management, and only from the internal management subnet (10.0.0.0/8). Review the current rules and correct the misconfigurations.
Firewall Rules
| # | Direction | Source | Port | Protocol | Action |
|---|---|---|---|---|---|
| 1 | inbound | any | 443 | tcp | allow |
| 2 | inbound | any | 23 | tcp | allow |
Rules are evaluated top to bottom.

