[Free-Dumps] 70q 303-200 Exam Dumps Offered By PassLeader Help Passing Exam Easily (Question 26 – Question 50)
New & Valid 303-200 Exam Questions from PassLeader 303-200 PDF dumps! Welcome to download the newest PassLeader 303-200 VCE dumps: http://www.passleader.com/303-200.html (70 Q&As) Keywords: 303-200 exam dumps, 303-200 exam questions, 303-200 VCE dumps, 303-200 PDF dumps, 303-200 practice tests, 303-200 study guide, 303-200 braindumps, LPIC-3 Exam 303: Security Exam P.S. New 303-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpNGtMZFVyU1dvRVk P.S. New 304-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpajFKM1hKeEUxQzQ QUESTION 26 Given a proper network and name resolution setup, which of the following commands establishes a trust between a FreelPA domain and an Active Directory domain? A. ipa trust-add --type ad addom --admin Administrator --password B. ipa-ad -add-trust --account ADDOMAdministrator--query-password C. net ad ipajoin addom -U Administrator -p D. trustmanager add -_domain ad: //addom --user Administrator -w E. ipa ad join addom -U Administrator –w Answer: A QUESTION 27 Which of the following resources of a shell and its child processes can be controlled by the Bash build-in command ulimit? (Choose THREE correct answers.) A. The maximum size of written files B. The maximum number of open file descriptors C. The maximum number of newly created files D. The maximum number of environment variables E. The maximum number of user processes Answer: ABE QUESTION 28 Linux Extended File Attributes are organized in namespaces. Which of the following names correspond to existing attribute namespaces? (Choose THREE correct answers.) A. default B. system C. owner D. trusted E. user Answer: BDE QUESTION 29 Which of the following stanzas is a valid client configuration for Free RADIUS? A. client pnvate-network-1 { ipaddr = 192 0 2.0/24 password = testing123-1 } B. client private-network-1 { ip = 192.0.2.0/24 password = testing123-1 } C. client private-network-1 { ip = 192 0 2.0/24 passwd = testing123-1 } D. client private-network-1 { ip = 192 0.2.0/24 secret = testing123-1 } E. client private-network-1 { ipaddr = 192 0 2.0/24 secret = testing123-1 } Answer: E QUESTION 30 Which of the following practices are important for the security of private keys? (Choose TWO correct answers.) A. Private keys should be created on the systems where they will be used and should never leave them. B. private keys should be uploaded to public key servers. C. Private keys should be included in X509 certificates. D. Private keys should have a sufficient length for the algorithm used for key generation. E. Private keys should always be stored as plain text files without any encryption. Answer: CD QUESTION 31 Given that this device has three different keys, which of the following commands deletes only the first key? A. cryptsetup luksDelKey /dev/sda 1 0 B. cryptsetup luksDelkey /dev/sda 1 1 C. cryptsetup luksDelKey / dev /mapper/crypt- vol 1 D. cryptsetup luksDelKey / dev /mapper/crypt- vol 0 Answer: A QUESTION 32 What command is used to update NVTs from the OpenVAS NVT feed? (Specify ONLY the command without any path or parameters.) Answer: openvas-nvt-sync QUESTION 33 Which command included in the Linux Audit system provides searching and filtering of the audit log? (Specify ONLY the command without any path or parameters.) Answer: ausearch QUESTION 34 Which of the following types can be specified within the Linux Audit system? (Choose THREE correct answers.) A. Control rules B. File system rules C. Network connection rules D. Console rules E. System call rules Answer: ABE QUESTION 35 Which of the following sections are allowed within the Kerberos configuration file krb5.conf? (Choose THREE correct answers.) A. [plugins] B. [crypto] C. [domain] D. [capaths] E. [realms] Answer: ADE QUESTION 36 Which of the following parameters to openssl s_client specifies the host name to use for TLS Server Name Indication? A. -tlsname B. -servername C. -sniname D. -vhost E. -host Answer: B QUESTION 37 Which of the following statements is true regarding eCryptfs? A. For every file in an eCryptfs directory there exists a corresponding file that contains the encrypted content. B. The content of all files in an eCryptfs directory is stored in an archive file similar to a tar file with an additional index to improve performance. C. After unmounting an eCryptfs directory, the directory hierarchy and the original file names are still visible, although, it is not possible to view the contents of the files. D. When a user changes his login password, the contents of his eCryptfs home directory has to be re-encrypted using his new login password. E. eCryptfs cannot be used to encrypt only directories that are the home directory of a regular Linux user. Answer: E QUESTION 38 Which of the following methods can be used to deactivate a rule in Snort? (Choose TWO correct answers.) A. By placing a # in front of the rule and restarting Snort. B. By placing a pass rule in local.rules and restarting Snort. C. By deleting the rule and waiting for Snort to reload its rules files automatically. D. By adding a pass rule to /etc/snort/rules.deactivated and waiting for Snort to reload its rules files automatically. Answer: BC QUESTION 39 What happens when the command getfattr afile is run while the file afile has no extended attributes set? A. getfattr prints a warning and exits with a values of 0. B. getfattr prints a warning and exits with a value of 1. C. No output is produced and getfattr exits with a value of 0. D. No outputs is produced and getfattr exits with a value of 1. Answer: C QUESTION 40 What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host? A. The clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server's certificate. B. The virtual host is served only to clients that support SNI. C. All of the names of the virtual host must be within the same DNS zone. D. The virtual host is used as a fallback default for all clients that do not support SNI. E. Despite its configuration, the virtual host is served only on the common name and Subject Alternative Names of the server certificates. Answer: B QUESTION 41 What is the purpose of IP sets? A. They group together IP addresses that are assigned to the same network interfaces. B. They group together IP addresses and networks that can be referenced by the network routing table. C. They group together IP addresses that can be referenced by netfilter rules. D. They group together IP and MAC addresses used by the neighbors on the local network. E. They group together IP addresses and user names that can be referenced from /etc/hosts allow and /etc/hosts deny Answer: C QUESTION 42 Which of the following components are part of FreeIPA? (Choose THREE correct answers.) A. DHCP Server B. Kerberos KDC C. Intrusion Detection System D. Public Key Infrastructure E. Directory Server Answer: BDE QUESTION 43 What is the purpose of the program snort-stat? A. It displays statistics from the running Snort process. B. It returns the status of all configured network devices. C. It reports whether the Snort process is still running and processing packets. D. It displays the status of all Snort processes. E. It reads syslog files containing Snort information and generates port scan statistics. Answer: E QUESTION 44 Which of the following access control models is established by using SELinux? A. Security Access Control (SAC) B. Group Access Control (GAC) C. User Access Control (UAC) D. Discretionary Access Control (DAC) E. Mandatory Access Control (MAC) Answer: E QUESTION 45 Which of the following prefixes could be present in the output of getcifsacl? (Choose THREE correct answers.) A. ACL B. GRANT C. GROUP D. OWNER E. SID Answer: ACE QUESTION 46 What effect does the following command have on TCP packets? iptables- A INPUT -d 10 142 232.1 -p tcp -dport 20:21 -j ACCEPT A. Forward all TCP traffic not on port 20 or 21 to the IP address 10.142 232.1 B. Drop all TCP traffic coming from 10 142 232.1 destined for port 20 or 21 C. Accept only TCP traffic from 10.142 232.1 destined for port 20 or 21 D. Accept all TCP traffic on port 20 and 21 for the IP address 10.142.232.1 Answer: C QUESTION 47 How are SELinux permissions related to standard Linux permissions? (Choose TWO correct answers.) A. SELinux permissions overnde standard Linux permissions. B. standard Linux permissions override SELinux permissions. C. SELinux permissions are verified before standard Linux permissions. D. SELinux permissions are verified after standard Linux permissions. Answer: BD QUESTION 48 Which of the following commands disables the automatic password expiry for the user usera? A. chage --maxdays none usera B. chage --maxdays 99 usera C. chage --maxdays -1 usera D. chage --lastday none usera E. chage --lastday 0 usera Answer: C QUESTION 49 Which of the following commands changes the source IP address to 192.0.2.11 for all IPv4 packets which go through the network interface eth0? A. iptables ~t nat -A POSTROUTING ~o eth0 -j SNAT -to-source 192.0.2.11 B. iptables ~t nat -A PREROUT1NG - eth0 -j SNAT -to-source 192.0.2.11 C. iptables -t nat -A POSTROUTING H eth0 -j DNAT -to-source 192.0.2.11 D. iptables -t mangle -A POSTROUTING -i eth0 -j SNAT -to-source 192.0.2.11 E. iptables -t mangle -A POSTROUTING -0 eth0 -j SNAT -to-source 192.0.2.11 Answer: A QUESTION 50 Which command, included in BIND, generates DNSSEC keys? (Specify ONLY the command without any path or parameters.) Answer: dnssec-keygen Download the newest PassLeader 303-200 dumps from passleader.com now! 100% Pass Guarantee! 303-200 PDF dumps & 303-200 VCE dumps: http://www.passleader.com/303-200.html (70 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!) P.S. New 303-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpNGtMZFVyU1dvRVk P.S. New 304-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpajFKM1hKeEUxQzQ
|