Explanation of Answer A:The commandfirewall-cmd --zone=public --add-service=cockpit --permanentadds the Cockpit service to the public zone permanently. This means that the service is explicitly allowed only within the public zone, not in any other zones.
Explanation of Answer C:Using the--permanentflag withfirewall-cmdcommands ensures that the changes are stored in the firewalld configuration and are persistent across reboots. Therefore, when thefirewalldservice restarts or the system reboots, the runtime configuration will not be lost, and the changes will remain in effect.
[Reference:, Oracle Linux 8 Documentation:Oracle Linux Firewall Configuration Guide, Thefirewall-cmddocumentation details how to manage services, ports, and other settings within specific zones and how to make these settings persistent., Clarification on Incorrect Options:, Option B:is incorrect because egress traffic is not related to the port specification; the command allows the Cockpit service for all ports it uses, and1313/tcpis unrelated to this., Option D:is incorrect because the rule does not block traffic on port 1313; it explicitly opens it., Option E:is incorrect because adding a service viafirewall-cmddoes not directly update files in/usr/lib/firewalld/services; this directory contains predefined service files., , ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit