CompTIACompTIA
XK0-005 · Question #394
XK0-005 Question #394: Real Exam Question with Answer & Explanation
The correct answer is A: DenyHouse. Despite proper ACLs and PAT, a Unix gateway firewall is not passing traffic, indicating a fundamental block in network packet flow.
Troubleshooting
Question
A technician wants to configure a Unix server as a gateway firewall. The technician has implemented the proper ACLs and port address translation policies, but network traffic is not passing from the LAN to the WAN. Which of the following should the technician configure to for this issue?
Options
- ADenyHouse
- BSquid-service
- CIp_forward
- D/etc/service
Explanation
Despite proper ACLs and PAT, a Unix gateway firewall is not passing traffic, indicating a fundamental block in network packet flow.
Common mistakes.
- B. Squid is a proxy server and would not address fundamental packet forwarding issues at the network layer.
- C.
Ip_forward(packet forwarding) is a common requirement for a gateway, but if 'DenyHouse' is the answer, thenIp_forwardis presumably already enabled or not the primary issue. - D.
/etc/servicesmaps port numbers to service names and is unrelated to enabling packet forwarding for a firewall.
Concept tested. Firewall packet forwarding mechanism
Topics
#firewall#network troubleshooting#gateway#network security
Community Discussion
No community discussion yet for this question.