Firewall Configuration Performance Question

Posted on by Darril

Here’s a query I received from someone recently about a firewall configuration performance question.

Me and my team desperately needs to pass Sec Plus 401. We ordered your study material. We all took the test once without having knowledge of your study material. I have a question about one of the SIMS. It involves firewall configuration. There were four computers with private ips 10.x.x.x and there were two servers other servers with ips 192.x.x.x. We were asked to allow one computer with an ip of 10.x.x.x to connect to the web server via HTTPs. The other was to use SCP from an ip of 10.x.x.x connecting to a file server. The third one was to deny access from a 10.x.x.x (accounting computer) The last one was an implicit deny. Can you explain this scenario?

Many people might be interested in this, so I’m posting my response here, with some extras:

Configuring a Firewall with Rules

You’re describing a scenario where you need to identify rules within a firewall’s ACL.

I’m not sure what study materials of mine you have, but the knowledge you need to answer this is included in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide and in the simulated performance practice test questions on the gcgapremium.com site.

Firewall Rules Challenge in the Study Guide

If you have the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide, take a look at the Firewall Rules section starting on page 158. It includes a challenge with specific requirements and asks you to identify what rules you should create.

On page 167, you’ll see the Firewall Rules Solution. It includes a table listing the rules you would create to meet the requirements in the challenge, along with a description of how each of these rules meets the specific requirements.Firewall Configuration Performance Question

Firewall Rules Blog Posts

You can also find a series of posts in this blog that describe ACLs and firewall rules.

Simulated Performance-Based Questions on Firewall Rules

If you have access to the practice test questions on the gcgapremium.com site, take a look at Set 3 of the simulated performance-based questions. It includes a diagram and a scenario, and includes several questions asking you how to configure different rules on a router used in the scenario.

When you complete all the questions, you’ll see the correct answers. The answers include detailed explanations letting you know why the correct answers are correct, and why the incorrect answers are incorrect. It also includes a table showing the solution with the elements of the rules.

Security+ Full Access Package
Get Certified Get Ahead Security+

Pass the First Time!

Up-to-date Content

New multiple-choice and performance-based questions added regularly

Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.

Buy The Full Access Study Package Today

60 Days Access

Need more time? You can easily renew for another 60 days at a significantly reduced price.

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.

This exam is expensive.

Make sure you’re ready before exam day. 

Here’s what you’ll get:
  • All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
  • Realistic SY0-601 Security+ Practice Test Questions
  • Performance-based questions.
  • All of the flashcards from the study guide. View them in any Web browser. See demo here
  • All of the audio from the study guide.
  • Access to a free discount code for 10% off your Security+ voucher.

Buy The Full Access Study Package Today

60 Days Access

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Know the Ports for Firewall Configuration Performance Questions

These questions require you to understand how TCP/IP uses source and destination addresses, and source and destination ports. The study guide describes the process starting on page 148 in the “Putting It All Together” section and the table on page 150 shows all of the relevant ports you need to know for the exam.

There are also several blogs on ports listed in the Networking section of the Security+ blog links page.  Here are links to two relevant posts:

Other Security+ Study Resources

Security+ (SY0-601) Practice Test Questions

SY0-601 Practice Test Questions 

Over 385 realistic Security+ practice test questions

At least 10 performance-based questions

All questions include explanations so you’ll know why the correct answers are correct,

and why the incorrect answers are incorrect.

Upgrade Your Resume with the Security+ New Version

Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode – randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation. Click here to see how learn mode works.
  • Test mode – randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode – 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions.

Pass the First Time You Take It

Get the full bank of SY0-601 Practice Test Questions Here

Click here if you’re looking for SY0-501 Online Study Package

Security+ Full Access Package
Get Certified Get Ahead Security+

Pass the First Time!

Up-to-date Content

New multiple-choice and performance-based questions added regularly

Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.

Buy The Full Access Study Package Today

60 Days Access

Need more time? You can easily renew for another 60 days at a significantly reduced price.

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.

This exam is expensive.

Make sure you’re ready before exam day. 

Here’s what you’ll get:
  • All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
  • Over 40 new multiple-choice questions we’ve added after publishing the study guide.
  • Over 30 performance-based questions. See a demo here.
  • All of the flashcards from the study guide. View them in any Web browser.
  • All of the audio from the study guide. Listen to a sample here.
  • Access to a free discount code for 10% off your Security+ voucher.

Buy The Full Access Study Package Today

60 Days Access

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!