Free Cisco 200-901 Actual Exam Questions - Question 9 Discussion

Not A, because ICMP is mainly for ping and error messages, not time sync. Since NTP uses UDP port 123, C is the right pick to let those packets through the firewall.

D imo, the key here is knowing NTP uses UDP, not TCP. So option C fits best. ICMP and BGP don’t deal with time synchronization, so those can be ruled out easily. The main takeaway is that NTP traffic runs over UDP port 123, which needs to be allowed through the firewall for it to work properly.

C imo. NTP relies on UDP because it’s lightweight and doesn’t need the overhead of TCP connections. ICMP is for diagnostic messages, BGP is for routing, so they’re unrelated here. Since the question just asks for the protocol, not a port, UDP fits perfectly as the one to allow.

C/D? TCP is connection-oriented, but NTP usually doesn’t need that. UDP fits better since NTP uses it for time sync packets. TCP would just slow things down unnecessarily.

Option C mentions UDP, and I know NTP typically uses UDP on port 123. But the question doesn't specify if it's inbound or outbound traffic or if there's any specific port mentioned. Should we assume the standard port 123? Also, would allowing all UDP be too broad for just NTP? Would be good to clarify.