HOTSPOT
The security administrator has installed a new firewall which implements an implicit DENY
policy by default Click on the firewall and configure it to allow ONLY the following
communication.
1. The Accounting workstation can ONLY access the web server on the public network over
the default HTTPS port. The accounting workstation should not access other networks.
2. The HR workstation should be restricted to communicate with the Financial server ONLY,
over the default SCP port
3. The Admin workstation should ONLY be able to access the servers on the secure network
over the default TFTP port.
Instructions: The firewall will process the rules in a top-down manner in order as a first match
The port number must be typed in and only one port number can be entered per rule Type
ANY for all ports. The original firewall configuration can be reset at any time by pressing the
reset button. Once you have met the simulation requirements, click save and then Done to submit.
Answer: 
TFPT uses udp by default. How are 3 and 4 set to any?
0
0
u r right.Also, with HR workstation the question said restrict it from communicated to the Financial server , but the answer give it permit not deny ???
0
0
You have to read it carefully, it says to restrict it to communicate with the Financial server ONLY.
So you are supposed to allow not deny.
0
0
Do u mean to allows the HR to communicate with the financial server over scp?
The answer allows HR to communicate with the financial server over scp and the question says restrict it over scp?
could u please explain more this answer ?
0
0
TFTP can use both TCP and UDP
0
0
Hi Penguin do you know if I should study these questions for the CAS-002?
0
0
I sure hope so 🙂
0
0
There is a question 234 and it says TFTP uses UDP.
Wikipedia says:
TFTP is a simple protocol for transferring files, implemented on top of the UDP/IP protocols using well-known port number 69.
https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
0
0
Hi, do you know if I should study these questions for the CAS-002?
0
0
The question does say “default” so I guess UDP only for TFTP is correct. Wikipedia has it using both TCP and UDP here: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers. But again the key word in the question is “default”.
0
0
Both TCP and UDP are /registered/ for use with TFTP. This was common practice in early days. However, no implementation of TFTP uses TCP.
Read RFC 1350 and updates for details.
0
0
TFPT uses TCP and UDP
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
0
0
Both TCP and UDP are /registered/ for use with TFTP. This was common practice in early days, and many protocols have both ports registered but only use one (HTTP, SSH, even telnet). However, no implementation of TFTP uses TCP.
Read RFC 1350 and updates for details.
0
0
first question said that accounting workstation should not access other networks.
so I guess action answer is “Deny” instead of permit. is it right?
0
0
You need to read statement 3 again! It states the Admin server can access the secure servers OVER the default TFTP port. It never states what service it is using (doesn’t have to be TFTP). You are forcing it to use port 69.
0
0
BTW, NEW SY0-401 PDF Dumps from Google Drive for Free: https://drive.google.com/open?id=0B-ob6L_QjGLpcG9CWHp3bXlNTTg
0
0