Comptia Security Plus Mock Test Q36

Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?

A. Allow incoming IPSec traffic into the vendor’s IP address.
B. Set up a VPN account for the vendor, allowing access to the remote site.
C. Turn off the firewall while the vendor is in the office, allowing access to the remote site.
D. Write a firewall rule to allow the vendor to have access to the remote site.

Correct Answer: D
Section: Network Security

Explanation:
Firewall rules are used to define what traffic is able pass between the firewall and the internal network. Firewall rules block the connection, allow the connection, or allow the connection only if it is secured. Firewall rules can be applied to inbound traffic or outbound traffic and any type of network.

Incorrect Answers:
A: Doing this will not allow the vendor access to the network. It will only allow the vendor to receive IPSec encrypted messages.

B: This will allow the vendor to access the remote site from anywhere.

C: turning off the firewall will remove all rules configured, making the network vulnerable.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 96, 103, 157