New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA XK0-005 Exam - Topic 3 Question 57 Discussion

Actual exam question for CompTIA's XK0-005 exam
Question #: 57
Topic #: 3
[All XK0-005 Questions]

Users report that they are unable to reach the company website https://www.comptia.org. A systems administrator confirms the issue with the following command:

# curl https://www.comptia.org

curl: (7) Failed to connect to www.comptia.org port 443: No route to host

The administrator logs in to the company's web server to check its configuration and sees the following output:

root@comptia.org:-># firewall-cmd --list-all

public (active)

target: default

icmp-block-inversion: no

interfaces: dummy0 eth0

sources:

services: cockpit dhcpv6-client http ssh

ports: 3001/tcp

protocols:

forward: no

masquerade: no

forward-ports:

source-ports:

icmp-blocks:

rich rules:

rule family="ipv4" source address="61.177.173.6" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"

rule family="ipv4" source address="185.143.45.164" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"

rule family="ipv4" source address="143.198.60.41" port port="ssh" protocol="tcp" reject type="icmp-port-unreachable"

root@comptia.org:-># ip route

default via 172.31.1.1 dev eth0 proto dhcp src 65.21.187.65 metric 100

10.0.6.0/24 dev dummy0 proto kernel scope link src 10.0.6.65 metric 550

172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1

172.18.0.0/16 dev br-28ac2eaeeca1 proto kernel scope link src 172.18.0.1

172.19.0.0/16 dev br-fb3897555ca3 proto kernel scope link src 172.19.0.1 linkdown

172.31.1.1 dev eth0 proto dhcp scope link src 65.21.187.65 metric 100

192.168.224.0/20 dev br-e949ab177d79 proto kernel scope link src 192.168.224.1 linkdown

192.168.240.0/20 dev br-6adf72ac0ae3 proto kernel scope link src 192.168.240.1 linkdown

Which of the following is causing the issue?

Show Suggested Answer Hide Answer
Suggested Answer: C

The curl error 'No route to host' suggests that the server is unreachable on port 443 (HTTPS).

The firewall-cmd --list-all output shows the active firewall rules:

The firewall is only allowing the following services:services: cockpit dhcpv6-client http ssh

The firewall is only allowing the following services:services: cockpit dhcpv6-client http ssh

The firewall is only allowing the following services:services: cockpit dhcpv6-client http ssh

The firewall is only allowing the following services:services: cockpit dhcpv6-client http ssh

Port 443 (HTTPS) is missing from the allowed services list.

Port 3001/tcp is open, but port 443 is not listed, which means HTTPS traffic is being blocked.

The routing table (ip route output) appears correct, as the default route is properly set to 172.31.1.1 via eth0. This rules out option B.

Option A is incorrect because eth0 is active and configured (default via 172.31.1.1 dev eth0), meaning the network interface is not down.

Option D is misleading because the firewall rules are only rejecting SSH traffic from specific IP addresses, not HTTPS traffic.

Fixing the Issue:

To allow HTTPS traffic, the administrator should enable HTTPS in the firewall:

# firewall-cmd --add-service=https --permanent

# firewall-cmd --reload

This will allow HTTPS (port 443) through the firewall.

:

CompTIA Linux+ Official Documentation

firewalld Documentation - Red Hat

Linux Firewall Configuration - CompTIA Security+ Guide


by Latrice at Aug 03, 2025, 06:37 AM

Limited Time Offer

25%

Off

Get Premium XK0-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Arlette
2 months ago
I'm leaning towards user IPs being rejected.
upvoted 0 times
...
Ciara
2 months ago
I agree, definitely a firewall issue.
upvoted 0 times
...
Wayne
3 months ago
The web server's interface seems fine to me.
upvoted 0 times
...
Royal
3 months ago
Wait, how can the default route be wrong if it's showing up?
upvoted 0 times
...
Mireya
3 months ago
Looks like HTTPS isn't allowed through the firewall.
upvoted 0 times
...
Carla
3 months ago
I wonder if the user IP addresses being rejected by the firewall could be the problem. It seems like a possibility based on the output.
upvoted 0 times
...
Mabelle
4 months ago
Could it be that the web server's interface has no link? I feel like that could definitely cause a "no route to host" error.
upvoted 0 times
...
Sharika
4 months ago
I remember a practice question where the default route was a common issue, but here it looks like the default route is set correctly.
upvoted 0 times
...
Irving
4 months ago
I'm not entirely sure, but I think the firewall might be blocking HTTPS traffic since port 443 isn't listed in the allowed ports.
upvoted 0 times
...
Christoper
4 months ago
Ah, I see the default route is set correctly, but there could be an issue with the web server's interface. The "linkdown" status on some of the interfaces is concerning. I'll investigate that further.
upvoted 0 times
...
Alpha
4 months ago
Okay, the key information here is the "No route to host" error from the curl command. That points to a routing or connectivity problem on the web server. I'll focus on analyzing the IP routes.
upvoted 0 times
...
Norah
4 months ago
Hmm, the firewall rules seem to be blocking SSH traffic from certain IP addresses, but that doesn't seem directly related to the website issue. I'll need to think this through step-by-step.
upvoted 0 times
...
Cary
5 months ago
This looks like a tricky networking question. I'll need to carefully review the firewall and routing configuration details to identify the issue.
upvoted 0 times
...
Filiberto
5 months ago
I agree, the firewall is blocking the HTTPS traffic.
upvoted 0 times
...
Valene
5 months ago
I think the issue is with the firewall configuration.
upvoted 0 times
...
Eleonora
7 months ago
The issue is definitely related to the firewall. The firewall rules are blocking SSH traffic from certain IP addresses, but the question is about accessing the website, not SSH.
upvoted 0 times
Nicolette
5 months ago
A) The web server's interface has no link.
upvoted 0 times
...
Tracie
6 months ago
A) The web server's interface has no link.
upvoted 0 times
...
...

Save Cancel