Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

26. a) In Figure 4-18, explain why Rule 1 brings more security than Rule 2.b) Ex

ID: 3743467 • Letter: 2

Question

26. a) In Figure 4-18, explain why Rule 1 brings more security than Rule 2.b) Explain why the last rule in an ACL should deny anything not previously approved by earlier rules. c) Why do you think authentication is sometimes required before accepting a connection? d) When a packet addressed to 60.1.232.89 arrives what rule will the SPI firewall look at first? e) Why must Rule 2 come after Rule 1? f) Add a rule to permit access by hosts in accounting to server 60.3.4.67. Require authentication. What rule number would you give it?

Explanation / Answer

a) In Rule 1, the destination IP address is given and hence other traffic will not go to any other IP address. Thus it is restricted to only one IP address. Hence it is more secure as the access is only belongs to that particular webserver. But in rule 2, the access is open to any web server.

b) In Rule 6, it will deny everything which are not being described in the above rules because only port no 80 and 25 are open rest are denied for other external source IPs. For the Finance Department IPs, all ports are open but for any other source IP other than finance department try to enter port other than 80 and 25 will be denied.

c) If it is a critical server or a production server, that time authentication is required. Only administrator has the full permission to make changes to that server. So, server level authentication is also required to provide access to a particular IP.

d) The firewall will check whether the traffic is coming from an internal server or an external source. It will allow to only port 80 if the packet is coming from any internal server otherwise it will deny all traffics.

e) If you see both rule 1 and rule 2, you will see destination IP address of the web server is specified in Rule 1. So, traffic can only access that particular webserver and that too at port 80, whereas in rule 2, there is no such restriction other than port number, so all the webserver can be accessible. Hence Rule 1 comes before Rule 2.

f) Rule 3 will be the best rule which can be applied to access the server with IP 60.3.4.67.

Related Questions

26. When a competitive firm triples the amount of output it sells, what is the r
Question #1161139
26. When a female jewel wasp encounters a cockroach, she stings and injects neur
Question #3438769
26. When we describe regular folding patterns seen backbone we are describing it
Question #697603
26. When you say that you \"like\" or \"dislike\" someone or something, you are
Question #354823
26. Which molecule is the acceptor of hydrogens released in the reaction of glyc
Question #192790
26. Which molecule is the acceptor of hydrogens released in the reaction of glyc
Question #563021
26. Which molecule is the acceptor of hydrogens released in the reaction of glyc
Question #1082909
26. Which muscle(s) innervated by the radial nerve can adduct the wrist? A exten
Question #3513764
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
26. ______ Which of the following are direct target tissues of PTH? A. Bone B. S
Next
26. a. In the context of a firm\'s product diffusion curve, when there is a chas

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.