N10-007: CompTIA Network+ Exam ACL Configuration | Web Browsing Ports | Default Gateway Router

Configurations for ACL on Default Gateway Router to Allow Web Browsing Ports

Prev Question Next Question

Question

While testing an ACL on the default gateway router to allow only web browsing, ports TCP 80 and TCP 443 were the only ports open.

When tested, no websites were accessible via their URLs inside the network.

Which of the following configurations should be added to the ACL?

A.

permit tcp any any eq 20 B.

permit udp any any eq 25 C.

permit udp any any eq 53 D.

permit udp any any eq 68 E.

permit tcp any any eq 110 F.

permit tcp any any eq 8080

C.

Explanations

While testing an ACL on the default gateway router to allow only web browsing, ports TCP 80 and TCP 443 were the only ports open.

When tested, no websites were accessible via their URLs inside the network.

Which of the following configurations should be added to the ACL?

A.

permit tcp any any eq 20

B.

permit udp any any eq 25

C.

permit udp any any eq 53

D.

permit udp any any eq 68

E.

permit tcp any any eq 110

F.

permit tcp any any eq 8080

C.

The scenario described in the question involves a network where an access control list (ACL) has been configured on the default gateway router to allow only web browsing through ports TCP 80 and TCP 443. However, when tested, websites were not accessible via their URLs inside the network. This suggests that some necessary traffic is being blocked by the ACL.

To resolve this issue, we need to identify the type of traffic that is being blocked and add the necessary configuration to the ACL to allow it.

Looking at the options provided, we can eliminate choices A, B, D, E, and F because they refer to protocols and ports that are not relevant to web browsing.

The only option that remains is C, which allows UDP traffic on port 53. This port is used for DNS (Domain Name System) resolution, which is essential for web browsing. When a user enters a website's URL into a browser, the browser first sends a DNS query to resolve the website's IP address. If DNS traffic is blocked by the ACL, the user will not be able to access websites via their URLs.

Therefore, the correct answer is C, and we should add the following configuration to the ACL: permit udp any any eq 53

This will allow DNS traffic and ensure that websites can be accessed via their URLs.