A security administrator needs to configure a firewall to protect internal database servers. According to company policy, only employees connected to the corporate VPN, which uses the 10.200.0.0/16 IP range, should be able to access the servers. All other inbound traffic must be blocked. Which configuration BEST enforces this policy while adhering to the principle of least privilege?
Create a single inbound rule to deny all traffic destined for the database servers.
Create an outbound rule to allow traffic from the servers to the 10.200.0.0/16 destination.
Create an inbound rule to allow traffic from the 10.200.0.0/16 source and rely on an implicit deny for all other traffic.
Create a default 'allow all' inbound rule and add a second rule to deny traffic from the 10.200.0.0/16 source.
The correct approach is to create a specific 'allow' rule for the required traffic and then rely on the firewall's default 'implicit deny' rule to block all other traffic. This follows the principle of least privilege by only granting the minimum necessary access. An insecure 'allow all' policy creates unnecessary risk. Denying all traffic would block legitimate users, failing to meet business requirements. Creating an outbound rule does not address the requirement to protect the server from unauthorized inbound access.
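The explanation above can be checked with a small model of the four answer options, added here as an illustration and not part of the original question. It assumes a first-match firewall with an implicit deny; the option labels, function names and sample source addresses are constructed for the example.

```python
import ipaddress

VPN = ipaddress.ip_network("10.200.0.0/16")   # VPN range given in the question
ANY = ipaddress.ip_network("0.0.0.0/0")

# Each rule: (direction, action, network matched against the remote peer).
# Option labels are constructed summaries of the four answer choices.
OPTIONS = {
    "deny all inbound": [("in", "deny", ANY)],
    "outbound allow to VPN": [("out", "allow", VPN)],
    "inbound allow VPN + implicit deny": [("in", "allow", VPN)],
    "allow all inbound, then deny VPN": [("in", "allow", ANY), ("in", "deny", VPN)],
}

def decide(rules, direction, remote_ip):
    """First matching rule wins; traffic that matches nothing is denied."""
    addr = ipaddress.ip_address(remote_ip)
    for rule_dir, action, net in rules:
        # A rule for the other direction is never consulted for this traffic.
        if rule_dir == direction and addr in net:
            return action
    return "deny"  # implicit deny

# Constructed inbound connections: (source address, allowed by the policy?)
SAMPLES = [
    ("10.200.14.7", True),      # VPN client
    ("10.200.255.254", True),   # last usable host in the VPN /16
    ("10.201.0.1", False),      # adjacent range, outside the /16
    ("192.168.1.50", False),    # internal host not on the VPN
    ("203.0.113.9", False),     # external host (documentation range)
]

def policy_violations(rules):
    """Sample sources where the rule set's verdict differs from the policy."""
    return [src for src, want in SAMPLES
            if (decide(rules, "in", src) == "allow") != want]

def compliant_options():
    """Options whose verdict matches the policy for every sample source."""
    return [name for name, rules in OPTIONS.items()
            if not policy_violations(rules)]

if __name__ == "__main__":
    for name, rules in OPTIONS.items():
        print(f"{name}: violations={policy_violations(rules)}")
```

Only the inbound allow rule for 10.200.0.0/16 backed by the implicit deny produces no violations; the other three either block VPN clients or admit non-VPN sources.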