Question

The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. Also he needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router nobody can access to the ftp and the permitted hosts cannot access to the Internet. According to the next configuration what is happening in the network? access-list 102 deny tcp any any access-list 104 permit udp host 10.0.0.3 any access-list 110 permit tcp host 10.0.0.2 eq www any access-list 108 permit tcp any eq ftp any

A. The ACL 110 needs to be changed to port 80
B. The ACL for FTP must be before the ACL 110
C. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router D. The ACL 104 needs to be first because is UDP

Answer 1

The correct selection is the letter C. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router.

Step-by-step explanation:

In this case, the letter C is the right answer because with the first ACL exactly:

access-list 102 deny tcp any any

We are denying all traffic with the next line deny tcp any any, in this case, the others line are being ignored.

access-list 104 permit udp host 10.0.0.3 any

access-list 110 permit tcp host 10.0.0.2 eq www any

access-list 108 permit tcp any eq ftp any

For that nobody can access to the internet, the security administrator of ABC must change the first ACL.