A database administrator contacts a security administrator to request firewall changes for a connection to a new
internal application. The security administrator notices that the new application uses a port typically
monopolized by a virus. The security administrator denies the request and suggests a new port or service be
used to complete the application’s task. Which of the following is the security administrator practicing in this
example?

A.
Explicit deny

B.
Port security

C.
Access control lists

D.
Implicit deny

Explanation:
Traffic that comes into the router is compared to ACL entries based on the order that the entries occur in the
router. New statements are added to the end of the list. The router continues to look until it has a match. If no
matches are found when the router reaches the end of the list, the traffic is denied. For this reason, you should
have the frequently hit entries at the top of the list. There is an implied deny for traffic that is not permitted.