CompTIA Network+ (N10-007) — Question 178

While testing an ACL on the default gateway router to allow only web browsing, ports TCP 80 and TCP 443 were the only ports open. When tested, no websites were accessible via their URLs inside the network. Which of the following configurations should be added to the ACL?

Answer options

• A. permit tcp any any eq 20
• B. permit udp any any eq 25
• C. permit udp any any eq 53
• D. permit udp any any eq 68
• E. permit tcp any any eq 110
• F. permit tcp any any eq 8080

Correct answer: C

Explanation

The correct answer is C because DNS uses UDP port 53 for name resolution, which is necessary for converting domain names into IP addresses. Without this permission, users cannot access websites using URLs as the DNS queries will be blocked. The other options are not relevant for web browsing; for example, port 20 is used for FTP data transfer, port 25 for SMTP mail transfer, and ports 110 and 8080 are not essential for web browsing functionality.