A SOHO firewall evaluates IPv4 access control lists from top to bottom, stopping at the first match. You need to let only the consultant's static address (198.51.100.55) open an RDP session (TCP port 3389) to an internal server at 10.1.1.30. All other inbound RDP requests must be blocked. Which ACL line should you add just above the implicit deny?
ACLs are read sequentially, and evaluation stops as soon as a packet matches a rule. Because an implicit "deny any" sits at the end of every ACL, you only need a single explicit permit for the consultant's IP. By inserting "permit tcp host 198.51.100.55 host 10.1.1.30 eq 3389" at the top (or immediately before the implicit deny), traffic from that lone address to TCP port 3389 is allowed. All other RDP attempts fail when they hit the implicit deny. The other options either open the port to everyone, block the consultant, or use the wrong protocol (UDP), so they do not meet the requirement.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.