HOTSPOT
The security administrator has installed a new firewall which implements an implicit DENY
policy by default. Click on the firewall and configure it to allow ONLY the following
communication.
1. The Accounting workstation can ONLY access the web server on the public network over
the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY,
over the default SCP port.
3. The Admin workstation should ONLY be able to access the servers on the secure network
over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner, in order, as a first match.
The port number must be typed in, and only one port number can be entered per rule. Type
ANY for all ports. The original firewall configuration can be reset at any time by pressing the
reset button. Once you have met the simulation requirements, click save and then Done to submit.
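The first-match, implicit-DENY behaviour described in the instructions can be checked with a small rule evaluator. This is an added example, not part of the original question or its answer key: the network diagram is not reproduced on the page, so every address and subnet is a constructed placeholder, and the rule set is one reading of the three requirements (HTTPS as TCP 443, SCP as TCP 22, TFTP as UDP 69).

```python
import ipaddress

# Constructed addressing: the page does not reproduce the network diagram,
# so every address and subnet here is a placeholder for illustration only.
ACCOUNTING, HR, ADMIN = "10.10.9.12/32", "10.10.9.14/32", "10.10.9.18/32"
WEB_SERVER, FINANCIAL = "192.168.10.5/32", "172.30.0.8/32"
SECURE_NET = "172.30.0.0/24"

# (source, destination, port, protocol, action): one port per rule, "ANY" = all.
RULES = [
    (ACCOUNTING, WEB_SERVER, 443, "TCP", "PERMIT"),  # default HTTPS port
    (HR, FINANCIAL, 22, "TCP", "PERMIT"),            # SCP runs over SSH
    (ADMIN, SECURE_NET, 69, "UDP", "PERMIT"),        # TFTP per RFC 1350
]

def net_covers(rule_net, other):
    """True if rule_net contains the address or network `other`."""
    if rule_net == "ANY":
        return True
    if other == "ANY":
        return False
    return ipaddress.ip_network(other).subnet_of(ipaddress.ip_network(rule_net))

def val_covers(rule_val, other):
    """True if a rule's port or protocol field matches `other`."""
    return rule_val == "ANY" or rule_val == other

def evaluate(src, dst, port, proto, rules=RULES):
    """Top-down, first match wins; no match falls through to implicit DENY."""
    for number, (r_src, r_dst, r_port, r_proto, action) in enumerate(rules, 1):
        if (net_covers(r_src, src) and net_covers(r_dst, dst)
                and val_covers(r_port, port) and val_covers(r_proto, proto)):
            return action, number
    return "DENY", None

def shadowed(rules):
    """Rule numbers that can never match because an earlier rule covers them."""
    hits = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if (net_covers(earlier[0], later[0]) and net_covers(earlier[1], later[1])
                    and val_covers(earlier[2], later[2])
                    and val_covers(earlier[3], later[3])):
                hits.append(j + 1)
                break
    return hits
```

Because no explicit DENY rule is needed, "should not access other networks" is satisfied by the fall-through; `shadowed()` shows what goes wrong if a broad rule is placed above the specific ones.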
TFTP uses UDP by default. How are 3 and 4 set to any?
You are right. Also, with the HR workstation the question said to restrict it from communicating with the Financial server, but the answer gives it permit, not deny?
You have to read it carefully, it says to restrict it to communicate with the Financial server ONLY.
So you are supposed to allow not deny.
Do you mean to allow the HR to communicate with the financial server over SCP?
The answer allows HR to communicate with the financial server over SCP and the question says restrict it over SCP?
Could you please explain this answer more?
TFTP can use both TCP and UDP
Hi Penguin, do you know if I should study these questions for the CAS-002?
I sure hope so 🙂
There is a question 234 and it says TFTP uses UDP.
Wikipedia says:
TFTP is a simple protocol for transferring files, implemented on top of the UDP/IP protocols using well-known port number 69.
https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
Hi, do you know if I should study these questions for the CAS-002?
The question does say “default” so I guess UDP only for TFTP is correct. Wikipedia has it using both TCP and UDP here: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers. But again the key word in the question is “default”.
Both TCP and UDP are /registered/ for use with TFTP. This was common practice in early days. However, no implementation of TFTP uses TCP.
Read RFC 1350 and updates for details.
TFTP uses TCP and UDP
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Both TCP and UDP are /registered/ for use with TFTP. This was common practice in early days, and many protocols have both ports registered but only use one (HTTP, SSH, even telnet). However, no implementation of TFTP uses TCP.
Read RFC 1350 and updates for details.
The first question said that the accounting workstation should not access other networks.
So I guess the action answer is “Deny” instead of permit. Is that right?
You need to read statement 3 again! It states the Admin server can access the secure servers OVER the default TFTP port. It never states what service it is using (doesn’t have to be TFTP). You are forcing it to use port 69.
Passed Security+ SY0-401 yesterday with 820/900 marks! Got 68 questions and 9 SIMs in total, the performance based questions appeared first, and got 11 sub questions in the first SIM.
All materials that I learned: 1). Gibson’s materials; 2). Messer’s materials; 3). premium passleader SY0-401 dumps (reviewed two times both pdf and vce dumps from: https://tr.im/qi7i9), 100% valid now!
New SY0-401 Exam Questions and Answers Updated Recently (30/Aug/2016):
NEW QUESTION 1839
A new intern in the purchasing department requires read access to shared documents. Permissions are normally controlled through a group called “Purchasing”, however, the purchasing group permissions allow write access. Which of the following would be the BEST course of action?
A. Modify all the shared files with read only permissions for the intern.
B. Create a new group that has only read permissions for the files.
C. Remove all permissions for the shared files.
D. Add the intern to the “Purchasing” group.
Answer: B
NEW QUESTION 1840
A business has recently deployed laptops to all sales employees. The laptops will be used primarily from home offices and while traveling, and a high amount of wireless mobile use is expected. To protect the laptops while connected to untrusted wireless networks, which of the following would be the BEST method for reducing the risk of having the laptops compromised?
A. MAC filtering
B. Virtualization
C. OS hardening
D. Application white-listing
Answer: C
NEW QUESTION 1841
Which of the following is the GREATEST risk to a company by allowing employees to physically bring their personal smartphones to work?
A. Taking pictures of proprietary information and equipment in restricted areas.
B. Installing soft token software to connect to the company’s wireless network.
C. Company cannot automate patch management on personally-owned devices.
D. Increases the attack surface by having more target devices on the company’s campus
Answer: A
NEW QUESTION 1842
Which of the following is the summary of loss for a given year?
A. MTBF
B. ALE
C. SLA
D. ARO
Answer: B
NEW QUESTION 1843
A Security Officer on a military base needs to encrypt several smart phones that will be going into the field. Which of the following encryption solutions should be deployed in this situation?
A. Elliptic curve
B. One-time pad
C. 3DES
D. AES-256
Answer: D
NEW QUESTION 1844
An organization relies heavily on an application that has a high frequency of security updates. At present, the security team only updates the application on the first Monday of each month, even though the security updates are released as often as twice a week. Which of the following would be the BEST method of updating this application?
A. Configure testing and automate patch management for the application.
B. Configure security control testing for the application.
C. Manually apply updates for the application when they are released.
D. Configure a sandbox for testing patches before the scheduled monthly update.
Answer: A
NEW QUESTION 1845
A technician must configure a firewall to block external DNS traffic from entering a network. Which of the following ports should they block on the firewall?
A. 53
B. 110
C. 143
D. 443
Answer: A
NEW QUESTION 1846
A software development company needs to share information between two remote servers, using encryption to protect it. A programmer suggests developing a new encryption protocol, arguing that using an unknown protocol with secure, existing cryptographic algorithm libraries will provide strong encryption without being susceptible to attacks on other known protocols. Which of the following summarizes the BEST response to the programmer’s proposal?
A. The newly developed protocol will only be as secure as the underlying cryptographic algorithms used.
B. New protocols often introduce unexpected vulnerabilities, even when developed with otherwise secure and tested algorithm libraries.
C. A programmer should have specialized training in protocol development before attempting to design a new encryption protocol.
D. The obscurity value of unproven protocols against attacks often outweighs the potential for introducing new vulnerabilities.
Answer: B
NEW QUESTION 1847
The Chief Technology Officer (CTO) of a company, Ann, is putting together a hardware budget for the next 10 years. She is asking for the average lifespan of each hardware device so that she is able to calculate when she will have to replace each device. Which of the following categories BEST describes what she is looking for?
A. ALE
B. MTTR
C. MTBF
D. MTTF
Answer: D
NEW QUESTION 1848
A software developer wants to ensure that the application is verifying that a key is valid before establishing SSL connections with random remote hosts on the Internet. Which of the following should be used in the code? (Select TWO.)
A. Escrowed keys
B. SSL symmetric encryption key
C. Software code private key
D. Remote server public key
E. OCSP
Answer: CE
NEW QUESTION 1849
A security guard has informed the Chief Information Security Officer that a person with a tablet has been walking around the building. The guard also noticed strange white markings in different areas of the parking lot. The person is attempting which of the following types of attacks?
A. Jamming
B. War chalking
C. Packet sniffing
D. Near field communication
Answer: B
NEW QUESTION 1850
A system administrator is configuring a site-to-site VPN tunnel. Which of the following should be configured on the VPN concentrator during the IKE phase?
A. RIPEMD
B. ECDHE
C. Diffie-Hellman
D. HTTPS
Answer: C
NEW QUESTION 1851
……