When allowing internal clients to browse external web sites, an administrator creates an outbound rule on a stateful firewall permitting TCP traffic to destination port 80. Which of the following best describes what must be configured to allow the return traffic from the web servers?
No additional inbound rule is required; the firewall tracks the session and automatically allows the return traffic.
Open an inbound rule for the client's ephemeral port range to permit the returning packets.
An inbound rule is only required if the connection uses UDP instead of TCP.
Create a matching inbound rule on TCP port 80 so that responses from the web server are permitted.
Stateful firewalls maintain a state table for every connection. After the outbound SYN packet is permitted, the firewall records the session and automatically allows packets that match the connection parameters (source IP = server, destination IP = client, source port = 80, destination port = ephemeral). Therefore, no additional inbound rule is needed. Creating separate inbound rules on port 80 or on the client's ephemeral port range is unnecessary, and UDP behavior is irrelevant because HTTP uses TCP.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a stateful firewall?
Open an interactive chat with Bash
What are ephemeral ports, and how are they used in this context?