LPIC-2 Exam 202 (Linux Engineer) — Question 11

Using its standard configuration, how does fail2ban block offending SSH clients?

Answer options

• A. By rejecting connections due to its role as a proxy in front of SSHD.
• B. By modifying and adjusting the SSHD configuration.
• C. By creating and maintaining netfilter rules.
• D. By creating null routes that drop any answer packets sent to the client.
• E. By modifying and adjusting the TCP Wrapper configuration for SSHD.

Correct answer: C

Explanation

The correct answer is C because fail2ban creates and manages netfilter rules to block IP addresses that show malicious behavior. Options A, B, D, and E are incorrect as fail2ban does not function as a proxy, does not modify SSHD or TCP Wrapper configurations directly, and does not utilize null routes for blocking clients.