Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred
of a firewall that is configured ONLY with the following ACL?
PERMIT TCP ANY HOST 192.168.0.10 EQ 80
PERMIT TCP ANY HOST 192.168.0.10 EQ 443
A.
It implements stateful packet filtering.
B.
It implements bottom-up processing.
C.
It failed closed.
D.
It implements an implicit deny.
Explanation:
Implicit deny is the default security stance that says if you aren’t specifically granted access or privileges
for a resource, you’re denied access by default. Implicit deny is the default response when an explicit
allow or deny isn’t present.
Incorrect Answers:
A: Stateful packet filtering automatically creates a response rule for the replay on the fly. But that rule
exists only as long as the conversation is taking place.B: Bottom-up processing is a type of information processing based on incoming data from the
environment to form a perception.
C: This option is a reaction to a failure, which has nothing to do with ACL’sStewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 6, 26
http://en.wikipedia.org/wiki/Top-down_and_bottom-up_design