This page was exported from All The Latest MCTS Exam Questions And Answers For Free Share [ https://www.mctsdump.com ] Export date:Thu Nov 21 11:54:33 2024 / +0000 GMT ___________________________________________________ Title: [Free-Dumps] PassLeader Quality New 70q 303-200 Exam Questions For Free (Question 1 – Question 25) --------------------------------------------------- New & Valid 303-200 Exam Questions from PassLeader 303-200 PDF dumps! Welcome to download the newest PassLeader 303-200 VCE dumps: http://www.passleader.com/303-200.html (70 Q&As) Keywords: 303-200 exam dumps, 303-200 exam questions, 303-200 VCE dumps, 303-200 PDF dumps, 303-200 practice tests, 303-200 study guide, 303-200 braindumps, LPIC-3 Exam 303: Security Exam P.S. New 303-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpNGtMZFVyU1dvRVk P.S. New 304-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpajFKM1hKeEUxQzQ QUESTION 1Which of the following commands adds a new user usera to FreelPA? A.    useradd usera --directory ipa --gecos *User A"B.    idap- useradd --H ldaps://ipa-server CN=UserA --attribs "Firstname: User: Lastname: A"C.    ipa-admin create user --account usera -_fname User --iname AD.    ipa user-add usera --first User --last AE.    ipa-user- add usera --name "User A" Answer: D QUESTION 2Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space? A.    --mlockB.    --no-swapC.    --root-swapD.    --keys-no-swap Answer: A QUESTION 3Which of the following statements is used in a parameter file for setkey in order to create a new SPD entry? A.    spdB.    addspdC.    newspdD.    spdnewE.    spdadd Answer: E QUESTION 4Which of the following terms refer to existing scan techniques with nmap? (Choose TWO correct answers.) A.    Xmas ScanB.    Zero ScanC.    FIN ScanD.    IP ScanE.    UDP SYN Scan Answer: AC QUESTION 5When OpenVPN sends a control packet to its peer, it expects an acknowledgement in 2 seconds by default. Which of the following options changes the timeout period to 5 seconds? A.    -tls-timeout 5B.    -tls- timeout 500C.    -tls- timer 5D.    -tls- timer 500 Answer: A QUESTION 6Which of the following commands makes the contents of the eCryptfs encrypted directory - /Private available to the user? A.    ecryptfsclientB.    ecryptfs.mountC.    ecryptfs-mount-privateD.    decryptfsE.    ecryptfs-manage-di rectory Answer: C QUESTION 7Which command revokes ACL-based write access for groups and named users on the file afile? A.    setfacI -x group: * : rx, user:*: rx afileB.    setfacl -x mask: : rx afileC.    setfacl ~m mask: : rx afileD.    setfacl ~m group: * : rx, user:*: rx afile Answer: C QUESTION 8How does TSIG authenticate name servers in order to perform secured zone transfers? A.    Both servers mutually verify their X509 certificates.B.    Both servers use a secret key that is shared between the servers.C.    Both servers verify appropriate DANE records for the labels of NS records used to delegate the transferred zone.D.    Both servers use DNSSEC to mutually verify that they are authoritative for the transferred zone. Answer: B QUESTION 9Which of the following are differences between AppArmor and SELinux? (Choose TWO correct answers.) A.    AppArmor is implemented in user space only. SELinux is a Linux Kernel Module.B.    AppArmor is less complex and easier to configure than SELinux.C.    AppArmor neither requires nor allows any specific configuration. SELinux must always be manually configured.D.    SELinux stores information in extended file attributes. AppArmor does not maintain file specific information and states.E.    The SELinux configuration is loaded at boot time and cannot be changed later on AppArmor provides user space tools to change its behavior. Answer: BD QUESTION 10Which of the following commands adds users using SSSD's local service? A.    sss_adduserB.    sss_useraddC.    sss_addD.    sss_addlocaluserE.    sss_local_adduser Answer: B QUESTION 11Which of the following statements are true regarding the certificate? (Choose THREE correct answers.) A.    This certificate belongs to a certification authority.B.    This certificate may be used to sign certificates of subordinate certification authorities.C.    This certificate may never be used to sign any other certificates.D.    This certificate may be used to sign certificates that are not also a certification authority.E.    This certificate will not be accepted by programs that do not understand the listed extension. Answer: ABD QUESTION 12Which of the following statements are valid wireshark capture filters? (Choose TWO correct answers.) A.    port range 10000:tcp-15000:tcpB.    port-range tcp 10000-15000C.    tcp portrange 10000-15000D.    portrange 10000/tcp-15000/tcpE.    portrange 10000-15000 and tcp Answer: CE QUESTION 13Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/keypair.pem? A.    openssl req -key private/keypair.pem -out req/csr.pemB.    openssl req - new -key private/keypair.pem -out req/csr.pemC.    openssl gencsr -key private/keypair.pem -out req/csr.pemD.    openssl gencsr -new- key private/keypair.pem -out req/csr.pem Answer: B QUESTION 14Which of the following command lines sets the administrator password for ntop to testing 123? A.    ntop --set-admin-password=testing123B.    ntop --set-password-testing123C.    ntop --reset-password=testing 123D.    ntop --set-new-password=testing123 Answer: A QUESTION 15Which of the following statements is true about chroot environments? A.    Symbolic links to data outside the chroot path are followed, making files and directories accessibleB.    Hard links to files outside the chroot path are not followed, to increase securityC.    The chroot path needs to contain all data required by the programs running in the chroot environmentD.    Programs are not able to set a chroot path by using a function call, they have to use the command chrootE.    When using the command chroot, the started command is running in its own namespace and cannot communicate with other processes Answer: C QUESTION 16Which option in an Apache HTTPD configuration file enables OCSP stapling? (Specify ONLY the option name without any values or parameters.) Answer: httpd-ssl.conf QUESTION 17What option of mount.cifs specifies the user that appears as the local owner of the files of a mounted CIFS share when the server does not provide ownership information? (Specify ONLY the option name without any values or parameters.) Answer: uld=arg QUESTION 18Which of the following expressions are valid AIDE rules? (Choose TWO correct answers.) A.    !/var/run/.*B.    append: /var/log/*C.    /usr=allD.    #/bin/E.    /etc p+i+u+g Answer: AE QUESTION 19Which directive is used in an OpenVPN server configuration in order to send network configuration information to the client? (Specify ONLY the option name without any values or parameters.) Answer: push QUESTION 20Which of the following authentication methods was added to NFS in version 4? A.    Kerberos authenticationB.    SSH hostkey authenticationC.    Winbind authenticationD.    SSL certificate authentication Answer: A QUESTION 21Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall? A.    auditctl -N firewall -r r: /etc/firewall/rules -r w: etc/firewall/rulesB.    auditctl -A -f /etc/firewall/rules -p rw -k firewallC.    auditctl -w /etc/firewall/rules -p rw -k firewallD.    auditctl -_read /etc/firewall/rules -_write /etc/firewall/rules --label firewallE.    echo "n: firewall r:/etc/firewall/rules: w:/ etc/firewall/rules:" | auditctl ~ Answer: C QUESTION 22Which of the following information, within a DNSSEC- signed zone, is signed by the key signing key? A.    The non-DNSSEC records like A, AAAA or MX.B.    The zone signing key of the zone.C.    The RRSIG records of the zone.D.    The NSEC or NSEC3 records of the zone.E.    The DS records pointing to the zone. Answer: B QUESTION 23Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate? A.    subjectAltName = DNS: www example.org, DNS: example.orgB.    extension = SAN: www.example.org, SAN: example.orgC.    subjectAltName: www.example.org, subjectAltName: example.orgD.    commonName = subjectAltName = www.example.org, subjectAltName = example.orgE.    subject = CN = www.example.org, CN = example.org Answer: A QUESTION 24Which command is used to run a new shell for a user changing the SELinux context? (Specify ONLY the command without any path or parameters.) Answer: newrole QUESTION 25Which of the following configuration options makes Apache HTTPD require a client certificate for authentication? A.    Limit valid-x509B.    SSLRequestClientCert alwaysC.    Require valid-x509D.    SSLVerifyClient requireE.    SSLPolicy valid-client-cert Answer: D Download the newest PassLeader 303-200 dumps from passleader.com now! 100% Pass Guarantee! 303-200 PDF dumps & 303-200 VCE dumps: http://www.passleader.com/303-200.html (70 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!) P.S. New 303-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpNGtMZFVyU1dvRVk P.S. New 304-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpajFKM1hKeEUxQzQ --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2017-03-10 09:21:24 Post date GMT: 2017-03-10 09:21:24 Post modified date: 2017-03-10 09:21:24 Post modified date GMT: 2017-03-10 09:21:24 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com