Lpi 303-200 Dumps Questions [2023] Pass for 303-200 Exam [Q20-Q44]

Lpi 303-200 Dumps Questions [2023] Pass for 303-200 Exam

Updated Lpi Study Guide 303-200 Dumps Questions

LPI 303-200 Certification Exam cost is as follow

• The price of the LPI 303-200 exam is $200 USD.

 

NEW QUESTION 20
Which of the following sections are allowed within the Kerberos configuration file krb5.conf? (Choose THREE correct answers.)

• A. [plugins]
• B. [realms]
• C. [crypto]
• D. [domain]
• E. [capaths]

Answer: A,B,E

 

NEW QUESTION 21
What happens when the command getfattr afile is run while the file afile has no extended attributes set?

• A. No outputs is produced and getfattr exits with a value of 1
• B. No output is produced and getfattr exits with a value of 0.
• C. getfattr prints a warning and exits with a value of 1.
• D. getfattr prints a warning and exits with a values of 0.

Answer: B

 

NEW QUESTION 22
Which of the following practices are important for the security of private keys? (Choose TWO correct answers.)

• A. Private keys should have a sufficient length for the algorithm used for key generation.
• B. Private keys should be uploaded to public key servers.
• C. Private keys should be included in X509 certificates.
• D. Private keys should be created on the systems where they will be used and should never leave them.
• E. Private keys should always be stored as plain text files without any encryption.

Answer: A,C

Explanation:
Explanation/Reference:
https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private- keys-and-csrs

 

NEW QUESTION 23
Which of the following commands makes the contents of the eCryptfs encrypted directory ~/Private available to the user?

• A. decryptfs
• B. ecryptfs-mount-private
• C. ecryptfs.mount
• D. ecryptfs-manage-directory
• E. ecryptfsclient

Answer: B

Explanation:
Explanation/Reference:
https://help.ubuntu.com/lts/serverguide/ecryptfs.html

 

NEW QUESTION 24
Which of the following commands displays all ebtable rules contained in the table filter including their packet and byte counters?

• A. ebtables-L-t filter -Lv
• B. ebtables -t filter -Ln -L
• C. ebtables-L -Lc-t filter
• D. ebtables-t filter-L-Lc
• E. ebtables -t nat -L -v

Answer: D

 

NEW QUESTION 25
Which of the following parameters to openssl s_client specifies the host name to use for TLS Server Name Indication?

• A. -sniname
• B. -vhost
• C. -servername
• D. -tlsname
• E. -host

Answer: C

Explanation:
Explanation/Reference:
https://www.openssl.org/docs/manmaster/apps/s_client.html

 

NEW QUESTION 26
Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate'?

• A. commonName = subjectAltName= www.example.org, subjectAltName = example.org
• B. subjectAltName: www.example.org, subjectAltName: example.org
• C. extension= SAN: www.example.org, SAN:example.org
• D. subjectAltName = DNS: www example.org, DNS:example.org
• E. subject= CN= www.example.org, CN=example.org

Answer: D

 

NEW QUESTION 27
Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?

• A. Require valid-x509
• B. SSLPolicy valid-client-cert
• C. SSLRequestClientCert always
• D. SSLVerifyClient require
• E. Limit valid-x509

Answer: D

Explanation:
Explanation/Reference:
https://linuxconfig.org/apache-web-server-ssl-authentication

 

NEW QUESTION 28
Which of the following resources of a shell and its child processes can be controlled by the Bash build-in command ulimit? (Choose THREE correct answers.)

• A. The maximum number of newly created files
• B. The maximum number of user processes
• C. The maximum size of written files
• D. The maximum number of environment variables
• E. The maximum number of open file descriptors

Answer: B,C,E

 

NEW QUESTION 29
Which of the following terms refer to existing scan techniques with nmap? (Choose TWO correct answers.)

• A. Xmas Scan
• B. IP Scan
• C. Zero Scan
• D. UDP SYN Scan
• E. FIN Scan

Answer: A,E

 

NEW QUESTION 30
Which of the following access control models is established by using SELinux?

• A. Group Access Control (GAC)
• B. User Access Control (UAC)
• C. Security Access Control (SAC)
• D. Discretionary Access Control (DAC)
• E. Mandatory Access Control (MAC)

Answer: E

 

NEW QUESTION 31
Which of the following methods can be used to deactivate a rule in Snort? (Choose TWO correct answers.)

• A. By placing a pass rule in local.rules and restarting Snort.
• B. By placing a # in front of the rule and restarting Snort.
• C. By adding a pass rule to /etc/snort/rules.deactivated and waiting for Snort to reload its rules files automatically.
• D. By deleting the rule and waiting for Snort to reload its rules files automatically.

Answer: A,D

 

NEW QUESTION 32
Which of the following DNS record types can the command dnssec-signzone add to a zone? (Choose THREE correct answers.)

• A. ASIG
• B. NSEC
• C. RRSIG
• D. NSEC3
• E. NSSIG

Answer: B,C,D

Explanation:
Explanation/Reference:
http://linux.die.net/man/8/dnssec-signzone

 

NEW QUESTION 33
CORRECT TEXT
What option of mount.cifs specifies the user that appears as the local owner of the files of a mounted CIFS share when the server does not provide ownership information? (Specify ONLY the option name without any values or parameters.)

Answer:

Explanation:
uld=arg
http://linux.die.net/man/8/mount.cifs

 

NEW QUESTION 34
What is the purpose of the program snort-stat?

• A. It displays the status of all Snort processes.
• B. It returns the status of all configured network devices.
• C. It reads syslog files containing Snort information and generates port scan statistics.
• D. It reports whether the Snort process is still running and processing packets.
• E. It displays statistics from the running Snort process.

Answer: C

Explanation:
Explanation/Reference:
http://manpages.ubuntu.com/manpages/trusty/man8/snort-stat.8.html

 

NEW QUESTION 35
Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate?

• A. subjectAltName: www.example.org, subjectAltName: example.org
• B. extension= SAN: www.example.org, SAN:example.org
• C. subjectAltName = DNS: www.example.org, DNS:example.org
• D. subject= CN= www.example.org, CN=example.org
• E. commonName = subjectAltName= www.example.org,
  subjectAltName = example.org

Answer: C

Explanation:
Explanation/Reference:
https://www.openssl.org/docs/manmaster/apps/x509v3_config.html

 

NEW QUESTION 36
When OpenVPN sends a control packet to its peer, it expects an acknowledgement in 2 seconds by default. Which of the following options changes the timeout period to 5 seconds?

• A. -tls-timeout 5
• B. -tls- timeout 500
• C. -tls- timer 500
• D. -tls- timer 5

Answer: A

 

NEW QUESTION 37
What happens when the command getfattr afile is run while the file afile has no extended attributes set?

• A. No output is produced and getfattr exits with a value of 0.
• B. getfattr prints a warning and exits with a value of 1.
• C. getfattr prints a warning and exits with a values of 0.
• D. No outputs is produced and getfattr exits with a value of 1.

Answer: A

 

NEW QUESTION 38
Which of the following resources of a shell and its child processes can be controlled by the Bash build-in command ulimit? (Choose THREE correct answers.)

• A. The maximum number of newly created files
• B. The maximum number of user processes
• C. The maximum size of written files
• D. The maximum number of environment variables
• E. The maximum number of open file descriptors

Answer: B,C,E

Explanation:
Explanation/Reference:
http://ss64.com/bash/ulimit.html

 

NEW QUESTION 39
Which DNS label points to the DANE information used to secure HTTPS connections to https://www.example.com/?

• A. example.com
• B. _443_tcp.www example.com
• C. soa.example com
• D. dane.www.example.com
• E. www.example.com

Answer: B

 

NEW QUESTION 40
Which of the following sections are allowed within the Kerberos configuration file krb5.conf? (Choose THREE correct answers.)

• A. [plugins]
• B. [realms]
• C. [crypto]
• D. [domain]
• E. [capaths]

Answer: A,B,E

Explanation:
Explanation/Reference:
http://linux.die.net/man/5/krb5.conf

 

NEW QUESTION 41
Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall?

• A. echo "n: firewall r:/etc/firewall/rules: w:/
  etc/firewall/rules:" | auditctl ~
• B. auditctl -N firewall -r r: /etc/firewall/rules -r w:
  etc/firewall/rules
• C. auditctl --read /etc/firewall/rules --write /etc/firewall/rules
  --label firewall
• D. auditctl -A -f /etc/firewall/rules -o r -o w -l firewall
• E. auditctl -w /etc/firewall/rules -p rw -k firewall

Answer: E

Explanation:
Explanation/Reference:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sec- Defining_Audit_Rules_and_Controls.html

 

NEW QUESTION 42
Which of the following authentication methods was added to NFS in version 4?

• A. Winbind authentication
• B. Kerberos authentication
• C. SSL certificate authentication
• D. SSH hostkey authentication

Answer: B

 

NEW QUESTION 43
Which of the following expressions are valid AIDE rules? (Choose TWO correct answers.)

• A. /etc p+i+u+g
• B. !/var/run/.*
• C. #/bin/
• D. /usr=all
• E. append: /var/log/*

Answer: A,B

 

NEW QUESTION 44
......

LPI LPIC-3 Exam Certification Details:

Exam Price	$200 (USD)
Number of Questions	60
Duration	90 mins
Exam Name	LPIC-3 Security
Passing Score	500 / 800
Schedule Exam	LPI Marketplace

 

Achieve Success in Actual 303-200 Exam 303-200 Exam Dumps: https://freetorrent.actual4dumps.com/303-200-study-material.html