CompTIA Network+ (N10-009) — Question 332

A server administrator deploys a new web server with an IP address of 192.168.16.100. The security policy dictates that all non-secure connection methods should be blocked. Which of the following security rules will satisfy the request without prohibiting other traffic?

Answer options

• A. Deny any 192.168.16.0 255.255.255.0 80
• B. Deny 192.168.16.100 255.255.255.255 any
• C. Deny any 192.168.16.100 255.255.255.255 80
• D. Permit any 192.168.16.100 255.255.255.255 80
• E. Permit 192.168.16.100 255.255.255.255 any

Correct answer: C

Explanation

The correct answer is C because it specifically denies HTTP traffic (port 80) to the web server IP address without blocking other types of traffic, thus adhering to the security policy. Options A and B either deny too much traffic or do not specifically target the insecure connections. Option D permits HTTP traffic, which contradicts the requirement to block insecure methods, and option E allows all types of connections, failing to enforce the security policy.