303-200 Online Practice Questions and Answers

What happens when the command getfattr a file is run while the file afile has no extended attributes set?

A. getfattr prints a warning and exits with a values of 0.

B. getfattr prints a warning and exits with a value of 1.

C. No output is produced and getfattr exits with a value of 0.

D. No outputs is produced and getfattr exits with a value of 1

How are SELinux permissions related to standard Linux permissions? (Choose TWO correct answers.)

A. SELinux permissions overnde standard Linux permissions.

B. Standard Linux permissions override SELinux permissions.

C. SELinux permissions are verified before standard Linux permissions.

D. SELinux permissions are verified after standard Linux permissions.

Which PAM module checks new passwords against dictionary words and enforces complexity? (Specially the module name only without any path.)

Which of the following components are part of FreelPA? (Choose THREE correct answers.)

A. DHCP Server

B. Kerberos KDC

C. lntrusion Detection System

D. Public Key lnfrastructure

E. Directory Server

Which command included in the Linux Audit system provides searching and filtering of the audit log? (Specify ONLY the command without any path or parameters.)

What effect does the configuration SSLStrictSNlVHostCheck on have on an Apache HTTPD virtual host?

A. The clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server's certificate.

B. The virtual host is served only to clients that support SNl.

C. All of the names of the virtual host must be within the same DNS zone.

D. The virtual host is used as a fallback default for all clients that do not support SNl.

E. Despite its configuration, the virtual host is served only on the common name and Subject Alternative Names of theserver certificates.

Given that this device has three different keys, which of the following commands deletes only the first key?

A. cryptsetup luksDelKey/dev/sda 10

B. cryptsetup luksDelkey /dev/sda 11

C. cryptsetup luksDelKey/dev /mapper/crypt- vol 1

D. cryptsetup luksDelKey /dev/mapper/crypt- vol 0

Which of the following practices are important for the security of private keys? (Choose TWO correct answers.)

A. Private keys should be created on the systems where they will be used and should never leave them.

B. Private keys should be uploaded to public key servers.

C. Private keys should be included in X509 certificates.

D. Private keys should have a sufficient length for the algorithm used for key generation.

E. Private keys should always be stored as plain text files without any encryption.

Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file privatejkeypair.pem?

A. openssl req -key private/keypair.pem -out req/csr.pem

B. openssl req - new -key private/keypair.pem -out req/csr.pem

C. openssl gencsr -key private/keypair.pem -out req.csr.pem

D. openssl gencsr -new- key private/keypair.pem -out req.csr.pem

Which of the following commands makes the contents of the eCryptfs encrypted directory -/Private available to the user?

A. eCryptfsclient

B. eCryptfs.mount

C. eCryptfs-mount-private

D. deCryptfs

E. eCryptfs-manage-di rectory

Which of the following command lines sets the administrator password for ntop to testing 123?

A. ntop --set-admin-password=testing123

B. ntop --set-password-testing123

C. ntop --reset-password=testing 123

D. ntop --set-new-password=testing123

Which of the following keywords are built-in chairs for the iptables nat table? (Choose THREE correct answers)

A. OUTPUT

B. MASQUERADE

C. PROCESSlNG

D. POSTROUTlNG

E. PREROUTlNG

Which of the following statements describes the purpose of ndpmon?

A. It monitors the network for neighbor discovery messages from new lPv6 hosts and routers.

B. It monitors remote hosts by periodically sending echo requests to them.

C. It monitors the availability of a network link by querying network interfaces.

D. lt monitors the network for lPv4 nodes that have not yet migrated to lPv6.

E. lt monitors log files for failed login attempts in order to block traffic from offending network nodes.

Which of the following terms refer to existing scan techniques with nmap? (Choose TWO correct answers.)

A. Xmas Scan

B. Zero Scan

C. FlN Scan

D. lP Scan

E. UDP SYN Scan

Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

A. --mlock

B. --no-swap

C. --root-swap

D. --keys-no-swap