CompTIA Security+ (SY0-501) — Question 33

A Chief Security Officer (CSO) has been unsuccessful in attempts to access the website for a potential partner (www.example.net).
Which of the following rules is preventing the CSO from accessing the site?
Blocked sites: *.nonews.com, *.rumorhasit.net, *.mars?

Answer options

• A. Rule 1: deny from inside to outside source any destination any service smtp
• B. Rule 2: deny from inside to outside source any destination any service ping
• C. Rule 3: deny from inside to outside source any destination {blocked sites} service http-https
• D. Rule 4: deny from any to any source any destination any service any

Correct answer: C

Explanation

The correct answer is C, as it specifically denies HTTP and HTTPS services to blocked sites, which include the site the CSO is trying to access. The other rules either pertain to different services (SMTP and ping) or have a broader application that doesn't specifically target the site in question.