An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25.
Which of the following firewall ACLs will accomplish this goal?
A. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
Access list outbound deny 10.50.10.25/32 0.0.0.0/0 port 53
B. Access list outbound permit 0.0.0.0/0 10.50.10.25/32 port 53
Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53
C. Access list outbound permit 0.0.0.0/0 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 10.50.10.25/32 port 53
D. Access list outbound permit 10.50.10.25/32 0.0.0.0/0 port 53
Access list outbound deny 0.0.0.0/0 0.0.0.0/0 port 53
Answer: D
Explanation:
The correct answer is D. ACL entries are evaluated top-down and the first matching entry applies, so D's permit entry allows only the device with the IP address 10.50.10.25 to send outbound DNS requests on port 53, and its deny entry then blocks outbound DNS requests from all other devices. The other options are incorrect because they either allow all devices to send outbound DNS requests (A and C), or they allow no devices to send outbound DNS requests (B).