Firewall PBQs: CompTIA SecurityX (CAS-005)
Question 1 of 3 (easy)
Your organization's DMZ web server (10.1.0.0/24) currently accepts both HTTP and HTTPS from the internet. A new security policy requires all public web traffic to use HTTPS only, and HTTP must be blocked. Additionally, SSH access to the DMZ is wide open and must be restricted to the management subnet (10.2.0.0/24). Review the firewall rules and correct them to comply with the updated policy.
Firewall Rules
| # | Direction | Source | Port | Protocol | Action |
|---|---|---|---|---|---|
| 1 | inbound | any | 80 | tcp | allow |
| 2 | inbound | any | 443 | tcp | allow |
| 3 | inbound | any | 22 | tcp | allow |
| 4 | inbound | any | any | any | deny |
Rules are evaluated top to bottom.
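The following is an added example, not part of the original exercise: a first-match evaluator that audits a ruleset against probe packets derived from the stated policy, so a candidate answer can be checked by replacing `RULES`. The probe addresses (203.0.113.10 as an internet host, 10.2.0.15 as a management host), the function names, and the deny-on-no-match default are assumptions.

```python
import ipaddress

# Rules exactly as listed in the table above: (source, port, protocol, action).
# Direction is omitted because every rule in the table is inbound.
RULES = [
    ("any", "80", "tcp", "allow"),
    ("any", "443", "tcp", "allow"),
    ("any", "22", "tcp", "allow"),
    ("any", "any", "any", "deny"),
]

# Constructed probe packets derived from the stated policy:
# (description, source IP, destination port, protocol, expected action).
POLICY_PROBES = [
    ("HTTPS from internet", "203.0.113.10", 443, "tcp", "allow"),
    ("HTTP from internet", "203.0.113.10", 80, "tcp", "deny"),
    ("SSH from internet", "203.0.113.10", 22, "tcp", "deny"),
    ("SSH from management subnet", "10.2.0.15", 22, "tcp", "allow"),
]


def matches(rule, src_ip, port, proto):
    """True if the packet falls inside every field of the rule."""
    source, rule_port, rule_proto, _ = rule
    if source != "any":
        if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(source):
            return False
    if rule_port != "any" and int(rule_port) != port:
        return False
    return rule_proto in ("any", proto)


def evaluate(rules, src_ip, port, proto):
    """Top-to-bottom, first match wins; no match is treated as deny (assumed)."""
    for rule in rules:
        if matches(rule, src_ip, port, proto):
            return rule[3]
    return "deny"


def audit(rules):
    """Return the description of every probe the ruleset handles incorrectly."""
    return [desc for desc, src, port, proto, want in POLICY_PROBES
            if evaluate(rules, src, port, proto) != want]


if __name__ == "__main__":
    print(audit(RULES))
```

An empty list from `audit` means the ruleset handles all four probes as the policy requires; because evaluation stops at the first match, moving the catch-all deny above the allow rules makes every allow probe fail.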

