XK0-005 · Question #713
XK0-005 Question #713: Real Exam Question with Answer & Explanation
The correct answer is B: -m recent. To implement a stateful firewall using iptables, you need to keep track of the state of connections. Stateful rules allow iptables to determine whether a packet is part of an established, new, or related connection. The two key options to accomplish this are: The -m recent option
Question
A Linux administrator is implementing a stateful firewall on the Linux server. Which of the following iptables options will be required to build the stateful rules? (Choose two.)
Options
- A--name established
- B-m recent
- C-m conntrack
- D--state
- E--remove
- F-j DROP
Explanation
To implement a stateful firewall using iptables, you need to keep track of the state of connections. Stateful rules allow iptables to determine whether a packet is part of an established, new, or related connection. The two key options to accomplish this are: The -m recent option allows iptables to track recent connections, helping to implement rate limiting or to manage recent activity states for a stateful firewall. 2. -m conntrack: The -m conntrack option allows the use of connection tracking, which is essential for building stateful rules. With -m conntrack, you can use connection states like ESTABLISHED, RELATED, or NEW to manage traffic more intelligently, ensuring that only allowed packets are
Topics
Community Discussion
No community discussion yet for this question.