PrepAway - Latest Free Exam Questions & Answers

You need to configure Server1 to support the client con…

Your network contains an Active Directory domain named contoso.com. The domain contains an Application
server named Server1. Server1 runs Windows Server 2012 R2.
Server1 is configured as an FTP server.
Client computers use an FTP Application named App1.exe. App1.exe uses TCP port 21 as the control port and
dynamically requests a data port.
On Server1, you create a firewall rule to allow connections on TCP port 21.
You need to configure Server1 to support the client connections from App1.exe.
What should you do?

PrepAway - Latest Free Exam Questions & Answers

A.
Run netsh advfirewall set global statefulftp enable.

B.
Create an inbound firewall rule to allow App1.exe.

C.
Create a tunnel connection security rule.

D.
Run Set-NetFirewallRule -DisplayName DynamicFTP -Profile Domain

Explanation:
The netsh firewall context is supplied only for backward compatibility. We recommend that you do not use this
context on a computer that is running Windows Vista or a later version of Windows.
In the netsh advfirewall firewall context, the add command only has one variation, the add rule command. Netsh
advfirewall set global statefulftp:
Configures how Windows Firewall with Advanced Security handles FTP traffic that uses an initial connection on
one port to request a data connection on a different port.
When statefulftp is enabled, the firewall examines the PORT and PASV requests for these other port numbers
and then allows the corresponding data connection to the port number that was requested.
Syntax
set global statefulftp { enable | disable | notconfigured }Parameters
statefulftp can be set to one of the following values:
enable
The firewall tracks the port numbers specified in PORT command requests and in the responses to PASV
requests, and then allows the incoming FTP data traffic entering on the requested port number.
disable
This is the default value. The firewall does not track outgoing PORT commands or PASV responses, and so
incoming data connections on the PORT or PASV requested port is blocked as an unsolicited incoming
connection.
not configured
Valid only when netsh is configuring a GPO by using the set store command.


Leave a Reply