CompTIA Network+ (N10-007) — Question 551

A company is implementing a new firewall. The firewall is configured to allow only TCP ports 80 and 443 to exit the network and allow the same traffic back into the network using inbound stateful packet filtering. Users are not able to access URLs of common websites they visit. Which of the following is the MOST likely cause of the issue?

Answer options

• A. Stateful packet filtering only allows connections that originate outside the network to enter.
• B. Web browsing uses UDP and not TCP ports 80 and 443.
• C. The firewall does not allow UDP port 53 to enter and exit the network.
• D. TCP 80 and 443 should be allowed inbound and stateful inspection should be allowed outbound.

Correct answer: C

Explanation

The correct answer is C because DNS queries, which typically use UDP port 53, are necessary for resolving domain names to IP addresses. Without allowing this port, users cannot access websites since their requests cannot be translated from URLs to IP addresses. The other options are incorrect as they misrepresent the function of stateful packet filtering and the protocols used for web browsing.