CompTIA Network+ (N10-006) — Question 84

A network technician wants to allow HTTP traffic through a stateless firewall. The company uses the 192.168.0.0/24 network.
Which of the following ACL should the technician configure? (Select TWO)

Answer options

• A. PERMIT SRCIP 192.168.0.0/24 SPORT:80 DSTIP:192.168.0.0/24 DPORT:80
• B. PERMIT SRCIP 192.168.0.0/24 SPORT:ANY DSTIP:ANY DPORT 80
• C. PERMIT SRCIP:ANY SPORT:80 DSTIP:192.168.0.0/24 DPORT ANY
• D. PERMIT SRCIP: ANYSPORT:80 DSTIP:192.168.0.0/24 DPORT:80
• E. PERMIT SRCIP:192.168.0.0/24 SPORT:80 DSTIP:ANY DPORT:80

Correct answer: B

Explanation

Option B is correct because it allows any source IP from the 192.168.0.0/24 network to reach any destination IP on port 80, which is necessary for HTTP traffic. The other options either restrict the source or destination IPs too much or do not properly define the traffic flow needed for HTTP, thus making them unsuitable for this requirement.