Renew LPIC-3 Exam 303: Security, Version 2.0 303-200 Preparation Exams
Want to know Exambible 303-200 Exam practice test features? Want to lear more about LPI LPIC-3 Exam 303: Security, version 2.0 certification experience? Study Practical LPI 303-200 answers to Renew 303-200 questions at Exambible. Gat a success with an absolute guarantee to pass LPI 303-200 (LPIC-3 Exam 303: Security, version 2.0) test on your first attempt.
Free demo questions for LPI 303-200 Exam Dumps Below:
NEW QUESTION 1
Which of the following components are part of FreelPA? (Choose THREE correct answers.)
- A. DHCP Server
- B. Kerberos KDC
- C. lntrusion Detection System
- D. Public Key lnfrastructure
- E. Directory Server
Answer: BDE
NEW QUESTION 2
Which directive is used in an OpenVPN server configuration in order to send network configuration information to the client? (Specify ONLY the option name without any values or parameters.)
Solution:
https;//community.openvpn.net/openvpn/wiki/RoutedLans
Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 3
Which of the following authentication methods was added to NFS in version 4?
- A. Kerberos authentication
- B. SSH hostkey authentication
- C. Winbind authentication
- D. SSL certificate authentication
Answer: A
NEW QUESTION 4
Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?
- A. --mlock
- B. --no-swap
- C. --root-swap
- D. --keys-no-swap
Answer: A
NEW QUESTION 5
Which command revokes ACL-based write access for groups and named users on the file afile?
- A. setfacl -x group: * : rx, user:*: rx afile
- B. setfacl -x mask: : rx afile
- C. setfacl ~m mask: : rx afile
- D. setfacl ~m group: * : rx, user:*: rx afile
Answer: C
NEW QUESTION 6
Which of the following access control models is established by using SELinux?
- A. Security Access Control (SAC)
- B. Group Access Control (GAC)
- C. User Access Control (UAC)
- D. Discretionary Access Control (DAC)
- E. Mandatory Access Control (MAC)
Answer: E
NEW QUESTION 7
Which of the following statements is true about chroot environments?
- A. Symbolic links to data outside the chroot path are followed, making files and directories accessible
- B. Hard links to files outside the chroot path are not followed, to increase security
- C. The chroot path needs to contain all data required by the programs running in the chroot environment
- D. Programs are not able to set a chroot path by using a function call, they have to use the command chroot
- E. When using the command chroot, the started command is running in its own namespace and cannot communicate with other processes
Answer: C
NEW QUESTION 8
What command is used to update NVTs from the OpenVAS NVT feed? (Specify ONLY the command without any path or parameters).
Solution:
http://www.openvas.org/openvas-nvt-feed.html
Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 9
What is the purpose of lP sets?
- A. They group together lP addresses that are assigned to the same network interfaces.
- B. They group together lP addresses and networks that can be referenced by the network routing table.
- C. They group together lP addresses that can be referenced by netfilter rules.
- D. They group together lP and MAC addresses used by the neighbors on the local network.
- E. They group together lP addresses and user names that can be referenced from /etc/hosts allow and /etc/hosts deny
Answer: C
NEW QUESTION 10
What option of mount.cifs specifies the user that appears as the local owner of the files of a mounted ClFS share when the server does not provide ownership information? (Specify ONLY the option name without any values or parameters.)
Solution:
http://linux.die.net/man/8/mount.cifs
Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 11
Which command is used to run a new shell for a user changing the SELinux context? (Specify ONLY the command without any path or parameters.)
Solution:
https://www.centos.ofg/docs/5/html/DeployrnenLGuide-en-US/sec-sel-admincontrol.html
Does this meet the goal?
- A. Yes
- B. Not Mastered
Answer: A
NEW QUESTION 12
Which of the following are differences between AppArmor and SELinux? (Choose TWO correct answers).
- A. AppArmor is implemented in user space onl
- B. SELinux is a Linux Kernel Module.
- C. AppArmor is less complex and easier to configure than SELinux.
- D. AppArmor neither requires nor allows any specific configuratio
- E. SELinux must always be manually configured.
- F. SELinux stores information in extended file attribute
- G. AppArmor does not maintain file specific information and states.
- H. The SELinux configuration is loaded at boot time and cannot be changed later on AppArmor provides user space tools to change its behavior.
Answer: BD
NEW QUESTION 13
Which of the following commands disables the automatic password expiry for the user usera?
- A. chage --maxdays none usera
- B. chage -maxdays 99 usera
- C. chage --maxdays -1 usera
- D. chage --lastday none usera
- E. chage --lastday 0 usera
Answer: C
NEW QUESTION 14
Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/keypair.pem?
- A. openssl req -key private/keypair.pem -out req/csr.pem
- B. openssl req - new -key private/keypair.pem -out req/csr.pem
- C. openssl gencsr -key private/keypair.pem -out req/csr.pem
- D. openssl gencsr -new- key private/keypair.pem -out req/csr.pem
Answer: B
NEW QUESTION 15
Which of the following stanzas is a valid client configuration for FreeRADlUS?
- A. client pnvate-network-1 { ipaddr = 192 0 2.0/24 password = testing123-1 }
- B. client private-network-1 { ip= 192.0.2.0/24 password-testing123-1 }
- C. client private-network-1 { ip = 192 0 2.0/24 passwd = testing123-1 }
- D. client private-network-1 { ip = 192 0.2.0/24 secret = testingl23-1 }
- E. client private-network-1 { ipaddr = 192 0 2.0/24 secret = testing 123-1}
Answer: E
NEW QUESTION 16
Which of the following statements are valid wireshark capture filters? {Choose TWO correct answers.)
- A. port range 10000:tcp-15000:tcp
- B. port-range tcp 10000-15000
- C. tcp portrange 10000-15000
- D. portrange 10000/tcp-15000/tcp
- E. portrange 10000-15000 and tcp
Answer: CE
NEW QUESTION 17
......
P.S. Easily pass 303-200 Exam with 60 Q&As Surepassexam Dumps & pdf Version, Welcome to Download the Newest Surepassexam 303-200 Dumps: https://www.surepassexam.com/303-200-exam-dumps.html (60 New Questions)