A database administrator contacts a security administrator to request firewall changes for a
connection to a new internal application. The security administrator notices that the new
application uses a port typically monopolized by a virus. The security administrator denies the
request and suggests a new port or service be used to complete the application’s task. Which of
the following is the security administrator practicing in this example?
A.
Explicit deny
B.
Port security
C.
Access control lists
D.
Implicit deny
Explanation:
Traffic that comes into the router is compared to ACL entries based on the order that the entries
occur in the router. New statements are added to the end of the list. The router continues to look
until it has a match. If no matches are found when the router reaches the end of the list, the traffic
is denied. For this reason, you should have the frequently hit entries at the top of the list. There is
an implied deny for traffic that is not permitted.
This question does not make sense. “Security Admin” denies the request so he is not practicing anything
yeah it doesn’t make sense. Also this person was denying an application that uses a port typically monopolized by a virus and is requesting and suggesting a new port or service be used to complete the application’s task……. that all sounds like answer B to me. He is practicing good port security measures. Please anyone correct me if I’m wrong and explain.
Port security fundamentally is done when the device is brought into the network. In terms of operations of routing and accesses, ACL is always the option for change.
It is Implicit deny. The internal app hits an implicit deny and the admin needs to check which port is accessed by that app.
captcaveman
September 20, 2017 at 11:20 am
Screw this question, the answer is A.
The point of the question isn’t about a new application, but moreover, the potential of the virus to propagate through the port the security administrator has previously blocked. If the requested port is opened for the database application, then the port could also be used by the virus. The security administrator doesn’t want that to happen so a different port for the database application has been suggested. The virus port remains EXPLICITLY denied.