How should she configure her firewall?

Lucy is a system administrator who wants to block all NNTP traffic between her network and the Internet. How should she configure her firewall?

Lucy is a system administrator who wants to block all NNTP traffic between her network and the Internet. How should she configure her firewall?

A.
Configure the firewall to block all incoming and outgoing packets except for those with the source and destination port of 119. Then, allow all traffic with destination ports above 1024 to transverse the firewall.

B.
Configure the firewall to block all incoming packets with the source port of 119, and outgoing packets with a source port lower than 1024. Then, block all packets with the destination port of 119 and with a source port lower than 1024.

C.
Configure the firewall to block incoming packets with the destination port of 119, and to block outgoing packets with the destination port of 119.

D.
Configure the firewall to block all incoming packets with the source port of 119.

Explanation:
By blocking at the firewall all incoming packets at port 119, this prevents anyone on the Internet from access a NTTP server inside the corporate intranet. By blocking all outgoing packets with a destination port of 119, that prevents anyone from inside the corporate network from accessing a NNTP server out on the Internet.
Incorrect Answers:
A: This will block almost everything BUT NNTP.
B: When we block all outgoing packets with a port below 1024, we just disables ALL out servers, so if we have a Web Server TO THE INTERNET, it is now blocked. Blocking packets with a source address of less than 1024 now disables all incoming packets, and no one can access a server out on the Internet.
D: A source port of 119 is a message from NNTP. We need to even prevent the initiation of a NNTP connection, this is after the fact. And this does not affect incoming messages to connect to a NNTP server inside the company network.



Leave a Reply 0

Your email address will not be published. Required fields are marked *