You are configuring a new Solaris 10 OS system to act as a firewall between the hme0 and ce1 interfaces. What must you do in addition to using the Solaris IP Filter configuration?

You are configuring Solaris IP Filter on your Solaris 10 OS system so that it
logs all packets that are blocked to the /var/adm/ipf.blocked file. Syslog and IP Filter are already running
on the system. Which three commands must you use to enable logging? (Choose three.)

Much information can be found in log records of the Solaris IP Filter firewall. When using state, the output of the ipmon -o I command is:

15:34:33.803147 ppp0 @0:2 b 100.100.100.103,443 -> 20.20.20.10,4923 PR tcp len 20 1488 -A

Which statement accurately describes the third field, @0:2?

A system administrator is implementing Solaris IP Filter for the first time.

Solaris IP Filter is enabled and an initial set of filtering rules in /etc/ipf/ipf.conf is applied.

Unexpectedly, the rules, as implemented, are preventing users from accessing the system. The administrator wants to quickly restore user access to the system while troubleshooting incorrect rule processing in the configuration file.

Which two commands should the administrator use? (Choose two.)

The Solaris IP Filter firewall includes the ability to log its actions. The logging device of Solaris IP Filter is /dev/ipl. The log keyword ensures that packets are available to the logging device. To configure a rule match to be logged, the log keyword must be used. Which rule match is logged by the Solaris IP Filter firewall?

Investigating the output of ipfstat -in on a system running Solaris IP Filter, which is the sequence of rules matched for an inbound telnet connection from system 192.168.1.55?

1 block in all
2 pass in from 192.168.1.0/24 to any
3 pass in quick from any to any port = 80
4 block in from 192.168.1.6/32 to any
5 pass in quick from any to any port = 23
6 block in all

You configure Solaris IP Filter on your bge0 network interface to block all incoming connections, but you are still able to telnet to the server. Which two commands can be used to confirm that the Solaris IP Filter kernel modules are loaded and bound to your network interface? (Choose two.)

You need to log attempts to connect to the SMTP port on your web server.

Which rule should you add to your Solaris IP Filter configuration file on the web server?

A Solaris 10 OS server has packet filtering enabled. The rule set includes:

pass in all
pass in quick from any to any port = 22
pass in quick from any to any port = 80
pass in from any to any port = 23
pass in from any to any port = 25
block in all

Which three network connections are blocked by the ipfilter software? (Choose three.)

Which two statements about Solaris IP Filter are correct? (Choose two.)