A network administrator is configuring firewall rules to lock down the network from outside attacks. Which of the following should the administrator configure to create the most strict set of rules?
Comprehensive and Detailed Explanation From Exact Extract:
An Allow List (also known as Whitelisting) is the most restrictive firewall rule approach. It blocks all traffic by default and only permits explicitly defined trusted IPs, URLs, or applications. This minimizes the attack surface and ensures that only known, safe traffic is allowed into the network.
Relevant Extract from CompTIA CloudNetX CNX-001 Study Guide — under “Firewall and Security Rule Configuration”:
“Whitelisting or Allow Listing enforces a default-deny security posture by permitting only specified trusted sources. This approach offers the highest level of control and reduces exposure to unknown threats.”
Other options:
A. URL filtering restricts content access but is not as strict as allow lists.
B. File blocking targets malicious payloads but doesn’t limit traffic sources.
C. Network Security Groups (NSGs) are effective but broader in scope; they use allow/deny rules but may not be as tightly controlled as explicit allow lists.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit