nerdexam
CompTIA

SY0-301 · Question #510

Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the follow

The correct answer is D. Implicit deny. Router and firewall ACLs operate on an implicit deny principle: any traffic not explicitly permitted by a rule is automatically denied. The ACL shown explicitly allows web (HTTP/HTTPS), email (SMTP/POP3/IMAP), and SSH traffic, but network printing protocols (such as port 9100 for

Security architecture

Question

Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the following is blocking network printing?

Options

  • APort security
  • BFlood guards
  • CLoop protection
  • DImplicit deny

How the community answered

(22 responses)
  • A
    5% (1)
  • D
    95% (21)

Explanation

Router and firewall ACLs operate on an implicit deny principle: any traffic not explicitly permitted by a rule is automatically denied. The ACL shown explicitly allows web (HTTP/HTTPS), email (SMTP/POP3/IMAP), and SSH traffic, but network printing protocols (such as port 9100 for raw printing or port 515 for LPD) are not listed. Because there is no explicit 'permit' rule for printing traffic, the implicit deny at the end of the ACL silently drops those packets. Port security (A) operates at Layer 2 on switches. Flood guards (B) protect against MAC flooding. Loop protection (C) prevents switching loops - none target printing traffic specifically.

Topics

#implicit deny#ACL#firewall rules#network printing

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice