Exam SY0-701 topic 1 question 21 discussion

Actual exam question from CompTIA's SY0-701
Question #: 21
Topic #: 1

During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization’s network. Which of the following fulfills this request?

  • A. access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32
  • B. access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0
  • C. access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0
  • D. access-list inbound permit ip source 0.0.0.0/0 destination 10.1.4.9/32

Suggested Answer: B

Comments

dbrowndiver
Highly Voted 8 months, 2 weeks ago
Selected Answer: B
  • Source: 10.1.4.9/32 specifies the exact malicious IP address to block.
  • Destination: 0.0.0.0/0 indicates all possible destinations within the network.
  • Action: deny specifies that traffic from this source IP should be blocked.

Scenario Application:

  • Blocking Malicious IP: This rule effectively blocks any incoming traffic from the IP address 10.1.4.9 from accessing any part of the network.
  • Inbound Rule: As an inbound rule, it prevents traffic from the specified IP from entering the network, which aligns with the requirement to block the malicious IP.

This rule directly addresses the need to block the specified IP address, fulfilling the requirement by denying access to all destinations, effectively preventing any communication from the malicious IP.
upvoted 5 times
PukaSudu
Most Recent 10 months, 3 weeks ago
Selected Answer: B
B. access-list inbound deny ip source 10.1.4.9/32
upvoted 1 times
SHADTECH123
11 months ago
Selected Answer: B
B. access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0

Explanation: This rule specifically denies all inbound traffic from the malicious IP address 10.1.4.9 to any destination within the network. This is the correct way to block the malicious IP address.
upvoted 3 times
shady23
11 months, 1 week ago
Selected Answer: B
B. access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0
upvoted 1 times
Mehsotopes
11 months, 1 week ago
Selected Answer: B
/32 would cover all possible subnets, & their communicating devices within the IP range, & destination 0.0.0.0/0 would cover the gateway surface of your network.
upvoted 2 times
rjbb
11 months, 1 week ago
A correction to this: /32 would block only this IP address, but B is still the correct answer.
upvoted 3 times
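
Added example, not part of the original question or any commenter's post: a small Python evaluator that parses the four answer options in the question's rule syntax and checks each one against constructed inbound packets. The internal host addresses and the unrelated source address are assumptions chosen for illustration; only 10.1.4.9 comes from the question.

```python
import ipaddress
import re

# Rule syntax exactly as written in the question's answer options.
RULE_RE = re.compile(
    r"access-list\s+\S+\s+(?P<action>permit|deny)\s+ip\s+"
    r"source\s+(?P<src>\S+)\s+destination\s+(?P<dst>\S+)"
)

OPTIONS = {
    "A": "access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32",
    "B": "access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0",
    "C": "access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0",
    "D": "access-list inbound permit ip source 0.0.0.0/0 destination 10.1.4.9/32",
}

MALICIOUS = "10.1.4.9"                            # from the question
INTERNAL_HOSTS = ["192.168.10.5", "172.16.0.20"]  # constructed sample destinations
OTHER_SOURCE = "203.0.113.7"                      # constructed unrelated sender


def parse_rule(text):
    """Split a rule into (action, source network, destination network)."""
    m = RULE_RE.fullmatch(text.strip())
    if m is None:
        raise ValueError(f"unrecognised rule: {text!r}")
    return m["action"], ipaddress.ip_network(m["src"]), ipaddress.ip_network(m["dst"])


def verdict(rule_text, src, dst):
    """Return 'deny' or 'permit' if the rule matches the packet, else None."""
    action, src_net, dst_net = parse_rule(rule_text)
    if ipaddress.ip_address(src) in src_net and ipaddress.ip_address(dst) in dst_net:
        return action
    return None  # rule does not apply to this packet


def blocks_malicious_source(rule_text):
    """True if the rule denies all sample traffic from 10.1.4.9 and matches nothing else."""
    bad_denied = all(verdict(rule_text, MALICIOUS, d) == "deny" for d in INTERNAL_HOSTS)
    others_untouched = all(verdict(rule_text, OTHER_SOURCE, d) is None for d in INTERNAL_HOSTS)
    return bad_denied and others_untouched


def evaluate_options():
    return {label: blocks_malicious_source(rule) for label, rule in OPTIONS.items()}


if __name__ == "__main__":
    for label, ok in evaluate_options().items():
        print(label, "fulfills the request" if ok else "does not fulfill the request")
```

Option A matches only packets addressed to 10.1.4.9, so it filters traffic going to that address rather than traffic coming from it.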