CompTIA Linux+ (XK0-004) — Question 287

An administrator is attempting to block SSH connections to 192.168.10.24 using the Linux firewall. After implementing a rule, a connection refused error is displayed when attempting to SSH to 192.168.10.24.
Which of the following rules was MOST likely implemented?

Answer options

• A. iptables ג€"A ג€"p tcp ג€"d 192.168.10.24 ג€"-dport 22 ג€"j REJECT
• B. iptables ג€"A ג€"p tcp ג€"d 192.168.10.24 ג€"-dport 22 ג€"j DROP
• C. iptables ג€"A ג€"p tcp ג€"d 192.168.10.24 ג€"-dport 22 ג€"j FORWARD
• D. iptables ג€"A ג€"p tcp ג€"d 192.168.10.24 ג€"-dport 22 ג€"j REFUSE

Correct answer: A

Explanation

The correct answer is A because the REJECT target not only denies the connection but also sends back an error message, which explains the 'connection refused' error. Option B uses DROP, which silently drops the packets without sending an error, while option C with FORWARD is incorrect as it doesn't block the SSH connection directly. Option D is invalid because REFUSE is not a valid iptables target.