Performance Based Question 02

Instructions: Read the Scenario below. Then implement the required security controls.

Scenario:

You are a network security engineer for a medium-sized business. The company is concerned about data transmission into and out of the corporate network. In particular, they are concerned that the perimeter firewall rules are overly permissive. You have been granted access to the firewall control panel and Access Control List (ACL). Inspect the current configuration and then answer the questions below to make the appropriate recommendations.

Please carefully note the company has the following specific requirements for their upcoming PCI DSS audit:

  • RDP traffic should never be allowed.
  • SSH is generally allowed and encouraged as a remote administration method.
  • The company operates a public-facing web server and needs to permit HTTP and HTTPS traffic but only towards its webserver. The load balancer for the webserver cluster is hosted on internal IP address 10.1.2.80.
  • The company has concerns that some of its staff are operating FTP or SMB fileshares without permission (Shadow IT). Rules should be in place to handle this.

Firewall Status: ENABLED

EG|CERT Firewall Control Panel v2.0 - Configuration Settings

Timestamp: March 29, 2026, 15:04:36 UTC

Default Gateway: 10.1.17.43

MAC Address: 01:23:45:67:89:ab

Platform: amd-x64

Uptime: 146 Days 21 Hours 12 Minutes

CPU Type: 8x Intel(R) Xeon(R) CPU E5645 @ 2.40 GHz

DNS Server 1: 10.1.100.53
DNS Server 2: 10.1.100.54

Version 2.0.1b-RELEASE (x86-64) built on 02 February 2026 15:22:11 UTC

Version 2.1.3c-STABLE is available.

Administrator Password: [Click below to reveal]

Hashing Algorithm

EG|CERT ACCESS CONTROL LIST

PROTO  SRC  DST        SRC PORT  DST PORT  ACTION
*      *    *          *         *         ALLOW
TCP    *    *          *         3389      ALLOW
TCP    *    10.1.2.80  80        80        ALLOW
TCP    *    *          443       443       ALLOW
*      *    *          21        21        DENY
*      *    *          22        22        DENY
UDP    *    *          53        53        ALLOW

Question 1 of 7

What recommendation would you make with the Status Display?

Question 2 of 7

Which of the following is the best advice to the company's CISO regarding the configuration settings?

Question 3 of 7

Which two changes would you make regarding firewall authentication?

Question 4 of 7

What is the problem with the first rule at the top of the ACL?

Question 5 of 7

What configuration change would you make to resolve the first rule, if any?

Question 6 of 7

Some actions in the ACL need to be changed to fully match the company's requirements. Which set of changes below BEST meets all the company's requirements?

Question 7 of 7

There is a firewall rule missing. Which of the following best identifies the missing ACL rule that would fully meet all requirements?