Question

Geoff wants to stop all traffic from reaching or leaving a Linux system with an iptables firewall. Which of the following commands is not one of the three iptables commands needed to perform this action?

A. #iptables-policy INPUT DROP
B. #iptables-policy SERVICE DROP
C. #iptables-policy OUTPUT DROP
D. #iptables-policy FORWARD DROP

Answer 1

The correct command that is not one of the three iptables commands needed to stop all traffic from reaching or leaving a Linux system with an iptables firewall is #iptables-policy SERVICE DROP.

Correct option is B. #iptables-policy SERVICE DROP

Step-by-step explanation:

The correct command that is not one of the three iptables commands needed to stop all traffic from reaching or leaving a Linux system with an iptables firewall is #iptables-policy SERVICE DROP.The command " #iptables-policy SERVICE DROP" is not a valid iptables command. In iptables, the correct syntax for setting the default policy is "iptables -P," not "iptables-policy."

These commands respectively set the default policies for the INPUT, OUTPUT, and FORWARD chains to DROP, effectively blocking all incoming, outgoing, and forwarded traffic. The incorrect option, " #iptables-policy SERVICE DROP," does not follow the proper syntax and semantics of iptables commands, making it an invalid choice for configuring default policies in the firewall rules.