[Free] 2018(Jan) EnsurePass Dumpsleader LPI 303-200 Dumps with VCE and PDF 1-10

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan LPI Official New Released 303-200
100% Free Download! 100% Pass Guaranteed!

LPIC-3 Exam 303: Security, 2.0

Question No: 1

Which of the following statements is true about chroot environments?

  1. Symbolic links to data outside the chroot path are followed, making files and directories accessible

  2. Hard links to files outside the chroot path are not followed, to increase security

  3. The chroot path needs to contain all data required by the programs running in the chroot environment

  4. Programs are not able to set a chroot path by using a function call, they have to use the command chroot

  5. When using the command chroot, the started command is running in its own namespace and cannot communicate with other processes

Answer: C

Question No: 2

Which of the following DNS record types can the command dnssec-signzone add to a zone? (Choose THREE correct answers.)

  1. ASIG

  2. NSEC

  3. NSEC3

  4. NSSIG

  5. RRSIG

Answer: B,C,E

Question No: 3

Which of the following prefixes could be present in the output of getcifsacl? (Choose

THREE correct answers.)

  1. ACL

  2. GRANT

  3. GROUP

  4. OWNER

  5. SID

Answer: A,C,E

Question No: 4

Which of the following commands changes the source IP address to for all IPv4 packets which go through the network interface eth0?

  1. iptables ~t nat -A POSTROUTING ~o eth0 j SNAT -to-source

  2. iptables ~t nat -A PREROUT1NG -\ eth0 -j SNAT -to-source

  3. iptables -t nat -A POSTROUTING H eth0 -j DNAT -to-source

  4. iptables -t mangle -A POSTROUTING -i eth0 -j SNAT -to-source

  5. iptables -t mangle -A POSTROUTING -0 eth0 -j SNAT -to-source

Answer: A

Question No: 5

Which of the following statements describes the purpose of ndpmon?

  1. it monitors the network for neighbor discovery messages from new IPv6 hosts and routers

  2. it monitors remote hosts by periodically sending echo requests to them.

  3. it monitors the availability of a network link by querying network interfaces.

  4. It monitors the network for IPv4 nodes that have not yet migrated to IPv6.

  5. It monitors log files for failed login attempts in order to block traffic from offending network nodes

Answer: A

Question No: 6 CORRECT TEXT

Which command installs and configures a new FreelPA server, including all sub- components, and creates a new FreelPA domain? (Specially ONLY the command without any path or parameters).

Answer: ipa-server-install


Question No: 7

Which of the following statements is true regarding eCryptfs?

  1. For every file in an eCryptfs directory there exists a corresponding file that contains the encrypted content.

  2. The content of all files in an eCryptfs directory is stored in an archive file similar to a tar file with an additional index to improve performance.

  3. After unmounting an eCryptfs directory, the directory hierarchy and the original file names are still visible, although, it is not possible to view the contents of the files.

  4. When a user changes his login password, the contents of his eCryptfs home directory has to be re-encrypted using his new login password.

  5. eCryptfs cannot be used to encrypt only directories that are the home directory of a regular Linux user.

Answer: E

Question No: 8

What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host?

  1. The clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server#39;s certificate.

  2. The virtual host is served only to clients that support SNI.

  3. All of the names of the virtual host must be within the same DNS zone.

  4. The virtual host is used as a fallback default for all clients that do not support SNI.

  5. Despite its configuration, the virtual host is served only on the common name and Subject Alternative Names of the server certificates.

Answer: B

Question No: 9

Which option of the openvpn command should be used to ensure that ephemeral keys are

not written to the swap space?

  1. -mlock

  2. -no-swap

  3. -root-swap

  4. -keys-no-swap

Answer: A

Question No: 10

Which of the following keywords are built-in chairs for the iptables nat table? (Choose

THREE correct answers)






Answer: A,D,E

100% Ensurepass Free Download!
Download Free Demo:303-200 Demo PDF
100% Ensurepass Free Guaranteed!
303-200 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.