XK0-005 · Question #1085
XK0-005 Question #1085: Real Exam Question with Answer & Explanation
The correct answer is A: iptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -. To allow external access to a GitLab server, the firewall must permit inbound TCP traffic on ports 80 (HTTP) and 443 (HTTPS). The iptables rule should accept new and established connections on these destination ports to enable web access.
Question
A Linux administrator built a GitLab server. Later that day, a software engineer tried to access the server to upload the repository during the final step of installation. The software engineer could not access the website. Which of the following firewall rules would allow access to this site?
Options
- Aiptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -
- Biptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -
- Ciptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -
- Diptables -A INPUT -p tcp -m multiport --dports 80,443 -m conntrack -
Explanation
To allow external access to a GitLab server, the firewall must permit inbound TCP traffic on ports 80 (HTTP) and 443 (HTTPS). The iptables rule should accept new and established connections on these destination ports to enable web access.
Common mistakes.
- B. This choice is incomplete, as it ends abruptly after -m conntrack -, making it a syntactically invalid iptables command.
- C. This choice is incomplete, as it ends abruptly after -m conntrack -, making it a syntactically invalid iptables command.
- D. This choice is incomplete, as it ends abruptly after -m conntrack -, making it a syntactically invalid iptables command.
Concept tested. Firewall configuration for web services
Reference. https://manpages.ubuntu.com/manpages/jammy/man8/iptables.8.html
Topics
Community Discussion
No community discussion yet for this question.