CompTIA Linux+ (XK0-004) — Question 305

A technician wants to implement a firewall ACL to block external access to the company's SSH server.
Which of the following should the technician implement to configure the firewall so it will inform the source of the action taken by the ACL?

Answer options

• A. Use the LOG option
• B. Use the REJECT option
• C. Use the CONNTRACK option
• D. Use the DROP option

Correct answer: B

Explanation

The REJECT option is correct because it actively informs the source that the connection has been denied, allowing for a clear communication of the ACL's action. In contrast, the LOG option merely records the event without notifying the source, while the DROP option silently discards packets without any feedback. The CONNTRACK option is not relevant to informing the source about blocked access.