Chapter 31 Rothwell Firewalls Exam Prep - Answer Key + Test Bank | Linux Essentials 1e Rothwell by William Rothwell.
Linux Essentials for Cybersecurity (Rothwell/Kinsey)
Chapter 31 Firewalls
1) Which of the following is a network appliance that is designed to either allow or block network traffic?
A) Firewall
B) Network server
C) Router
D) Chain
2) To create firewall rules on a Linux system, you can use the __________ command.
A) chain
B) systemctl
C) iptables
D) None of the above
3) The iptables command allows you to create firewall rules that provide which of the following functions?
A) Perform NAT operations
B) Block network packets
C) Forward network packets to another system
D) All of the above
4) Packets that are routed to another network first must pass through a set of firewall rules on the __________ filtering point.
A) INPUT
B) FORWARD
C) PREROUTING
D) POSTROUTING
5) After the FORWARD filtering point, packets are sent to the __________ filtering point.
A) POSTROUTING
B) OUTPUT
C) PREROUTING
D) INPUT
6) Which of the following is a set of firewall rules that determines what actions to take on a specific packet?
A) port
B) chain
C) target
D) policy
7) Which of the following actions (called targets) allows a packet to continue to the next step, such as a filtering point or routing decision?
A) DROP
B) REJECT
C) LOG
D) ACCEPT
8) Which of the following actions (called targets) does not allow a packet to continue to the next step, but sends a response message to the origin of the packet informing it of the rejection?
A) DROP
B) REJECT
C) LOG
D) ACCEPT
9) To configure a system to either allow or block incoming packets, you place firewall rules on the __________ filter chain.
A) OUTPUT
B) PREROUTING
C) INPUT
D) FORWARD
10) How many firewall services should be active on a segment of the system at one time?
A) 1
B) 2
C) 3
D) 4
11) Which of the following options for the iptables command removes all firewall rules in a chain?
A) -F
B) -D
C) -A
D) -L
12) Which of the following options for the iptables command will place a new firewall rule at the end of the chain?
A) -F
B) -D
C) -A
D) -L
13) Which of the following files displays a list of protocols that can be used in conjunction with the -p option for the iptables command?
A) /etc/passwd
B) /etc/services
C) /etc/sysconf.conf
D) /etc/protocols
14) Which of the following options is required for iptables to make use of an extension module, an optional add-on feature for iptables?
A) -L
B) -m
C) -c
D) -N
15) You can combine multiple criteria to create a more complex firewall __________.
A) rule
B) IP address
C) protocol
D) interface
16) In a situation where an interface is assigned multiple IP addresses, use the __________ option to indicate the firewall rule applies to a destination address.
A) -a
B) -d
C) -A
D) -F
17) You can save firewall rules into a file by using the __________ command.
A) iptables-services
B) iptables-rules
C) iptables-restore
D) iptables-save
18) If you are going to disallow access to a remote system, it might be considered more “user friendly” to use the __________ target rather than the DROP target.
A) FORWARD
B) OUTPUT
C) REJECT
D) INPUT
19) Which of the following is a form of NAT that is used when you have an internal network with statically assigned private IP addresses?
A) MASQUERADE
B) SNAT
C) DNAT
D) DHCP
20) Which of the following is a form of NAT that is used when you have an internal network with dynamically assigned private IP addresses?
A) MASQUERADE
B) SNAT
C) DNAT
D) DHCP