Q: Do you require the http authentication to be set up for a remote server somewhere?
A: No, keep all your configuration on R3.
Q: For the virus, I have not been told if it is using TCP or UDP?
A: Correct, the decision is yours.
Q: Can I just use the log feature within my ACL?
A: You need to provide details at both Layer 2 and Layer 3.
Q: Do you require the http authentication to be set up for a remote server somewhere?
A: No, keep all your configuration on R3.
Q: Do you require that the ICMP message be blocked by the same ACL?
A: No, this would not stop R2 from sending it but stop other devices from receiving it.