Jim’s organization has just completed a major Linux roll out and now all of the organization’s
systems are running the Linux 2.5 kernel. The roll out expenses has posed constraints on
purchasing other essential security equipment and software. The organization requires an option
to control network traffic and also perform stateful inspection of traffic going into and out of the
DMZ.
Which built-in functionality of Linux can achieve this?
A.
IP Tables
B.
IP Chains
C.
IP Sniffer
D.
IP ICMP
Explanation:
iptables is a user space application program that allows a system administrator to
configure the netfilter tables,chains,and rules (described above). Because iptables
requireselevated privileges to operate,it must be executed by user root,otherwise it fails to
function. On most Linux systems,iptables is installed as /sbin/iptables. IP Tables performs stateful
inspection while the older IP Chains only performs stateless inspection.