Which firewall rule would drop SSH traffic on the input chain?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the MTCNA Foundation Exam. Prepare with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your certification!

Multiple Choice

Which firewall rule would drop SSH traffic on the input chain?

Explanation:
Blocking SSH to the device hinges on targeting traffic that ends at the router itself. In MikroTik firewall terminology, the input chain handles packets destined for the router, the forward chain handles packets being routed through it, and the output chain handles packets generated by the router itself. A rule that drops TCP traffic on port 22 in the input chain directly blocks SSH attempts that are addressed to the router, which is exactly what you want. The rule you’re looking at uses chain=input, protocol=tcp, port=22, and action=drop. This matches SSH connections coming into the device and tells the firewall to drop them, effectively disabling SSH access to the router. Why the other options don’t fit: one would allow SSH to the device, not block it; another blocks SSH traffic that is merely being forwarded through the router (not traffic aimed at the router itself); and the last would drop SSH traffic originating from the router itself to a remote host, which is not about blocking access to the router.

Blocking SSH to the device hinges on targeting traffic that ends at the router itself. In MikroTik firewall terminology, the input chain handles packets destined for the router, the forward chain handles packets being routed through it, and the output chain handles packets generated by the router itself. A rule that drops TCP traffic on port 22 in the input chain directly blocks SSH attempts that are addressed to the router, which is exactly what you want.

The rule you’re looking at uses chain=input, protocol=tcp, port=22, and action=drop. This matches SSH connections coming into the device and tells the firewall to drop them, effectively disabling SSH access to the router.

Why the other options don’t fit: one would allow SSH to the device, not block it; another blocks SSH traffic that is merely being forwarded through the router (not traffic aimed at the router itself); and the last would drop SSH traffic originating from the router itself to a remote host, which is not about blocking access to the router.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy