Referring to the exhibit, you want to block HTTP access to Web-Server from the subnet where Mai-User is located. All other traffic should be permitted.
Which firewall filter configuration do you use?
A.
[edit firewal family inet filter STOP-MAL-USER] user@router# show
term one{
from{
source-address{
200.200.0/24;
continues
B.
don’t know
C.
don’t know
D.
[edit firewal family inet filter STOP-MAL-USER] user@router# show
term one{
from{
source-address{
200.200.200.0/24;
}
destination-address{
100.100.100.10/32;
}
protocol tcp;
destination-port http;
}
term two {
then {
accept;
}
}
I think the answer should be:
[edit firewall family inet filter STOP-MAL-USER] user@router# show
term one {
from {
source-address {
200.200.200.0/24;
}
destination-address {
100.100.100.10/32;
}
protocol tcp;
destination-port http;
}
then reject;
}
term two {
then {
accept;
}
}
But this config is not present on the choices.
Agree. Default action when no “then” statement is specified is “accept”
Look like this a typo here as well. I have found this question in another place and the answer is correct:
D. [edit firewall family inet filter STOP-MAL-USER] user@router# show
term one {
from {
source-address {
200.200.200.0/24;
}
destination-address {
100.100.100.10/32;
}
protocol tcp;
destination-port http;
}
then reject;
}
term two {
then {
accept;
}
}