CompTIA Security+ (SY0-601) — Question 214

A cybersecurity administrator is using iptables as an enterprise firewall. The administrator created some rules, but the network now seems to be unresponsive. All connections are being dropped by the firewall. Which of the following would be the BEST option to remove the rules?

Answer options

• A. # iptables -t mangle -X
• B. # iptables -F
• C. # iptables -Z
• D. # iptables -P INPUT -j DROP

Correct answer: B

Explanation

The correct command is # iptables -F, which flushes all the rules in the specified table, effectively removing them. The other options do not achieve this: # iptables -t mangle -X deletes a user-defined chain, # iptables -Z zeroes the packet and byte counters, and # iptables -P INPUT -j DROP sets the default policy to drop, which would worsen the connectivity issue.