Question 5) Cert-XK0-002 – CompCert: Linux+


Objective : Security
SubObjective : Given security requirements, implement basic IP tables/chains

Single Answer Multiple Choice

 

Which target option in the ‘iptables’ command will drop a data packet and send back an error message after receiving a matching data packet from the network?

 

 

  A. DROP
  B. DENY
  C. REJECT
  D. RETURN

 

 

 

Answer:
C. REJECT

Tutorial:
The REJECT target type for the ‘iptables’ command will drop the data packet and send back an error message after receiving a matching data packet from the network. The message is not sent if error messages have already been sent to the system in the past. The REJECT target type has the ‘--reject-with type’ parameter, where the type variable is used to specify the type of message that should be sent back to the user.

The DROP target type drops the data packet. The DROP target, however, cannot send back an error message to the user.

There is no target named DENY in the ‘iptables’ command.

The RETURN target type cannot drop a data packet. While traversing a rules chain, if a RETURN target type is encountered, the control will be restored to the chain that invoked the rules chain.

The ‘iptables’ command is used to create and manage the system tables that contain rules for filtering IP packets. There are three independent tables supported by the Linux kernel: filter, nat, and mangle. Each table contains a set of chains that includes a sequence of rules for the packets traveling on the network. The filter table is the default table that contains the INPUT, OUTPUT, and the FORWARD chains. The nat table contains the PREROUTING, OUTPUT, and POSTROUTING chains. The mangle table keeps the PREROUTING, OUTPUT, INPUT, FORWARD, and POSTROUTING chains.
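
The difference between DROP, REJECT and RETURN can be seen by walking packets through a small rule set. The following is an added example, not part of the original tutorial or of iptables itself: a toy Python model of chain traversal in which the TCP_IN chain, the ports and the packets are constructed for illustration. It assumes the standard iptables behaviour that REJECT replies with icmp-port-unreachable unless ‘--reject-with’ says otherwise, and that a built-in chain falls back to its policy when no rule gives a verdict.

```python
# Added example: a toy model of iptables chain traversal (not kernel code).
# Chain names, ports and packets below are constructed for illustration.
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def traverse(chains, name, pkt):
    """Walk one chain; return (verdict, reply) or None to resume the caller."""
    for match, target, opts in chains[name]:
        if not all(pkt.get(k) == v for k, v in match.items()):
            continue                          # rule does not match this packet
        if target == "RETURN":
            return None                       # hand control back to the calling chain
        if target in TERMINAL:
            reply = None
            if target == "REJECT":            # only REJECT answers the sender
                reply = opts.get("reject-with", "icmp-port-unreachable")
            return target, reply
        result = traverse(chains, target, pkt)    # jump to a user-defined chain
        if result is not None:
            return result
    return None                               # fell off the end: same as RETURN

def filter_packet(chains, policies, builtin, pkt):
    """Evaluate a built-in chain; its policy decides if no rule gives a verdict."""
    return traverse(chains, builtin, pkt) or (policies[builtin], None)

# Constructed rule set: INPUT sends all TCP traffic to a user-defined chain.
CHAINS = {
    "INPUT": [({"proto": "tcp"}, "TCP_IN", {})],
    "TCP_IN": [
        ({"dport": 22}, "RETURN", {}),                            # back to INPUT
        ({"dport": 23}, "REJECT", {"reject-with": "tcp-reset"}),  # explicit reply type
        ({"dport": 113}, "REJECT", {}),                           # default reply type
        ({"dport": 445}, "DROP", {}),                             # silent discard
    ],
}
POLICIES = {"INPUT": "ACCEPT"}

if __name__ == "__main__":
    for port in (22, 23, 113, 445):
        pkt = {"proto": "tcp", "dport": port}
        print(port, filter_packet(CHAINS, POLICIES, "INPUT", pkt))
```

From the sender's side, the rejected ports answer immediately while the dropped port simply times out, which is the practical difference the question tests.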

 

Reference:
Linux Command Directory, iptables, http://www.linuxdevcenter.com/linux/cmd/cmd.csp?path=i/iptables

 

These questions are derived from the Transcender Practice Test for the CompTIA Linux+ certification exam.
