FinalExam Flashcards
The Structure of iptables is: Tables -> Chains -> Policies -> Rules.
False
Which of the following sets the default policy for the INPUT chain as silently discarding the incoming packets
iptables -P INPUT DROP
Which of the following iptables commands flushes all rules in the OUTPUT chain only
iptables -F OUTPUT
Which of the following commands appends a rule that blocks outgoing traffic to facebook.com on TCP port 443 from the subnet of 10.11.22.33/24
iptables -A OUTPUT -p tcp --dport https -d facebook.com -s 10.11.22.33/24 -j DROP
iptables -A OUTPUT -s 10.11.22.33/24 -d facebook.com -p tcp --dport 443 -j DROP
Which of the following commands appends a rule that allows traffic to TCP ports from 10 to 20 from any source IP address?
iptables -A INPUT -p tcp -m multiport --dports 10:20 -j ACCEPT
Both “iptables -L -n OUTPUT” and “iptables-save” show the current iptables rules, while the latter shows the commands that were used to configure the rules
False
Which of the following deletes the third rule in the INPUT chain
iptables -D INPUT 3
Which of the following allows incoming SSH traffic from the subnet of 16.17.18.0/8 whose connection status is new or established
iptables -A INPUT -p tcp -s 16.17.18.0/8 --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -s 16.17.18.0/8 -p tcp --dport ssh -m state --ctstates ESTABLISHED,NEW -j ACCEPT
Which of the following is NOT a characteristic of a Bastion host?
Cannot be a virtual machine
SSH’s dynamic port forwarding feature (the -D option when issuing the ssh command) can create a SOCKS proxy
true
Given the following iptables rule:
iptables -A INPUT -p tcp --syn -m limit --limit 1/s --limit-burst 3 -j drop
Any SYN traffic exceeding 3 packets within a second will be dropped.
False
The following is legitimate iptables command:
iptables -A INPUT -s 192.168.1.0/24 -p udp --syn --dport http -j DROP
False
The following 3 rules are designed for blocking ICMP (ping) flooding attacks.
iptables -F
iptables -A INPUT -p icmp -m limit --limit 1/min --limit-burst 3 -j ACCEPT
iptables -A INPUT -p icmp -j DROP
If “iptables -A INPUT -p icmp -j DROP” (i.e., the third rule) is replaced by “iptables -P INPUT DROP”, it could achieve the same effect.
True
Which of the following commands can be used to save current rules in the memory?
iptables-save
Which of the following is a common feature of a device placed in a DMZ?
It has limited connectivity to the internal network, but can be accessed from the Internet.
Which of the following files contains the NFS mounts (e.g., folders) and their access information?
/etc/exports
Which of the following commands can restart the NFS service?
systemctl restart nfs-server
Which of the following can show the folders currently shared by NFS?
exportfs -v
showmount -e
Which of the following commands reload NFS configurations?
exportfs -arv
If a file has the suid flag set, it should NOT be allowed to run on an NFS shared folder by default
TRUE
There is no difference between /home bob.example.com(rw) and /home bob.example.com (rw) in /etc/exports. Note that there is a space between bob.example.com and (rw) in the latter one.
False
The automatic mount/unmount feature of an NFS folder needs to be set on the server side using the autofs utility.
FALSE
On an NFS server, how would you allow read-only access to /opt for any host in the 192.169.100.0/24 subnet, and read-write access from any hosts in tcu.edu? (Choose all that apply)
/opt 192.168.100.0/24(ro)
/opt *.tcu.edu(rw)
/opt 192.168.100.0/24(ro) *.tcu.edu(rw)
What configuration file do you edit to add NFS entries to be mounted on an NFS client machine on boot?
/etc/fstab