Certified SOC Analyst (CSA) — Question 8

Which of the following command is used to enable logging in iptables?

Answer options

• A. $ iptables -B INPUT -j LOG
• B. $ iptables -A OUTPUT -j LOG
• C. $ iptables -A INPUT -j LOG
• D. $ iptables -B OUTPUT -j LOG

Correct answer: C

Explanation

The correct command to enable logging for incoming packets is '$ iptables -A INPUT -j LOG', which appends a rule to the INPUT chain. The other options either attempt to log outgoing packets or use the wrong flag ('-B' instead of '-A'), which does not serve to append a logging rule.