Mile2_Security
MK0-201 · Question #247
MK0-201 Question #247: Real Exam Question with Answer & Explanation
Sign in or unlock MK0-201 to reveal the answer and full explanation for question #247. The question stem and answer options stay visible for context.
Question
One of your clients has been the victim of a brute force attack against their SSH server. They ask you what could be done to protect their Linux servers. You propose the use of IPTables (the built in kernel firewall) to limit connection attempts to protect their servers. You agree with your client to limit connections to the SSH port to a maximum of only three trials per minutes considering there is only one administrator who has a valid need to connect remotely onto this port. If the threshold of three connections is exceeded, the attacker will have to wait for another 60 seconds before it will resume allowing connections again. Which of the following IPTables entry would meet your clients needs?
Options
- Aiptables -A INPUT -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 60 --
- Biptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --
- Ciptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --
- Diptables -A OUTPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --
Unlock MK0-201 to see the answer
You've previewed enough free MK0-201 questions. Unlock MK0-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.