nerdexam
Mile2_Security

ML0-320 · Question #163

ML0-320 Question #163: Real Exam Question with Answer & Explanation


Question

One of your clients has been the victim of a brute force attack against their SSH server. They ask you what could be done to protect their Linux servers. You propose the use of IP Tables (the built-in kernel firewall) to limit connection attempts to protect their servers. You agree with your client to limit connections to the SSH port to a maximum of only three trials per minute, considering there is only one administrator who has a valid need to connect remotely onto this port. If the threshold of three connections is exceeded, the attacker will have to wait for another 60 seconds before it will resume allowing connections again. Which of the following IP Tables entries would meet your client's needs?

Options

  • A. iptables -A INPUT -p tcp -dport 23 -m state -state NEW -m recent -update -second 60 -hitcount4 -
  • B. iptables -A INPUT -p tcp -dport 22 -m state -state NEW -m recent -update -second 60 -hit count3 -
  • C. iptables -A INPUT -p tcp -dport 22 -m state -state NEW -m recent -update -second 60 -hitcount4 -
  • D. iptables -A OUTPUT -p tcp -dport 23 -m state -state NEW -m recent -update -second 60 -hitcount4
