Consider the follow firewall policy defined below.

ID protocol source IP destination IP decision

$1$ udp $10\mathrm{.}1\mathrm{.}1.*10\mathrm{.}3\mathrm{.}78\mathrm{.}204$ deny

$2$ udp $172\mathrm{.}10\mathrm{.}23.*192\mathrm{.}168\mathrm{.}1\mathrm{.}24$ accept

$3$ tcp $10\mathrm{.}1\mathrm{.}2.*10\mathrm{.}3\mathrm{.}78.*$ deny

$4$ tcp $172\mathrm{.}16\mathrm{.}1.**.*.*.*$ deny

$5$ tcp $10\mathrm{.}1\mathrm{.}2\mathrm{.}310\mathrm{.}3\mathrm{.}78.*$ accept

$6$ udp $172\mathrm{.}10\mathrm{.}23\mathrm{.}48192\mathrm{.}168.*.*$ deny

$7$ udp $10\mathrm{.}1.*.**.*.*.*$ accept

$8$ tcp $172\mathrm{.}16\mathrm{.}1.*10\mathrm{.}3\mathrm{.}78\mathrm{.}201$ deny

a$)$ What is the decision returned by this policy for a tcp packet coming from the IP source $10\mathrm{.}1\mathrm{.}2\mathrm{.}3$ going to the address $10\mathrm{.}3\mathrm{.}78\mathrm{.}204?$ Which rule did you use to get this decision?

$[2$ Marks$]$

b$)$ Identify in this table an example of shadowing. $[2$ Marks$]$

c$)$ Identify in this table an example of correlation. $[2$ Marks$]$

d$)$ Identify in this table an example of generalisation. $[2$ Marks$]$

e$)$ Identify in this table an example of redundancy. $[2$ Marks$]$