A system administrator is hardening an SSH server using fail2ban. They want to configure it to ban an IP address for one full day after 5 failed login attempts within a 15-minute window. Which of the following configurations in /etc/fail2ban/jail.local would correctly implement this policy for the sshd jail?
The correct answer accurately configures the sshd jail according to the requirements. The [sshd] block specifies the configuration is for the SSH daemon. enabled = true activates the jail. maxretry = 5 sets the number of failed attempts to 5. findtime = 15m sets the time window to 15 minutes for counting these attempts. bantime = 1d sets the ban duration to one day. Recent versions of fail2ban allow time abbreviations like 'm' for minutes, 'h' for hours, and 'd' for days. The other options are incorrect because they either misconfigure the parameters, use incorrect values, or apply the settings to the wrong section.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is `fail2ban` and why is it used?
Open an interactive chat with Bash
What is the purpose of the `findtime`, `maxretry`, and `bantime` settings in fail2ban?
Open an interactive chat with Bash
Why is configuring `jail.local` preferred over modifying `jail.conf` in `fail2ban`?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access