Here’s a query I received from someone recently about a firewall configuration performance question.
Me and my team desperately needs to pass Sec Plus 401. We ordered your study material. We all took the test once without having knowledge of your study material. I have a question about one of the SIMS. It involves firewall configuration. There were four computers with private ips 10.x.x.x and there were two servers other servers with ips 192.x.x.x. We were asked to allow one computer with an ip of 10.x.x.x to connect to the web server via HTTPs. The other was to use SCP from an ip of 10.x.x.x connecting to a file server. The third one was to deny access from a 10.x.x.x (accounting computer) The last one was an implicit deny. Can you explain this scenario?
Many people might be interested in this, so I’m posting my response here, with some extras:
Configuring a Firewall with Rules
You’re describing a scenario where you need to identify rules within a firewall’s ACL.
On page 167, you’ll see the Firewall Rules Solution. It includes a table listing the rules you would create to meet the requirements in the challenge, along with a description of how each of these rules meets the specific requirements.
Firewall Rules Blog Posts
You can also find a series of posts in this blog that describe ACLs and firewall rules.
Simulated Performance-Based Questions on Firewall Rules
If you have access to the practice test questions on the gcgapremium.com site, take a look at Set 3 of the simulated performance-based questions. It includes a diagram and a scenario, and includes several questions asking you how to configure different rules on a router used in the scenario.
When you complete all the questions, you’ll see the correct answers. The answers include detailed explanations letting you know why the correct answers are correct, and why the incorrect answers are incorrect. It also includes a table showing the solution with the elements of the rules.
Security+ Full Access Package
Pass the First Time!
Up-to-date Content
New multiple-choice and performance-based
questions added regularly
Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.
Buy The Full Access Study Package Today
60 Days Access
Need more time?
You can easily renew for another 60 days at a significantly reduced price.
All materials are available online shortly after making your payment.
Know the Ports for Firewall Configuration Performance Questions
These questions require you to understand how TCP/IP uses source and destination addresses, and source and destination ports. The study guide describes the process starting on page 148 in the “Putting It All Together” section and the table on page 150 shows all of the relevant ports you need to know for the exam.
Over 385 realistic Security+ practice test questions
At least 10 performance-based questions
All questions include explanations so you’ll know why the correct answers are correct,
and why the incorrect answers are incorrect.
Upgrade Your Resume with the Security+ New Version
Multiple quiz formats to let you use these questions based on the way you learn.
Learn mode – randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation. Click here to see how learn mode works.
Test mode – randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
Test mode – 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions.
Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide. This excerpt includes the introduction and Chapter 1.