LPI 303-200 Exam Questions Instant Access

Question 1

Which of the following commands displays all ebtable rules contained in the table filter including their packet and byte counters?

Aebtables -t nat -L -v

Bebtables-L-t filter -Lv

Cebtables-t filter-L-Lc

Debtables -t filter -Ln -L

Eebtables-L -Lc-t filter

Answer : C

Question 2

Which of the following commands adds a new user usera to FreelPA?

Auseradd usera --directory ipa --gecos *User A'

Bidap- useradd --H ldaps://ipa-server CN=UserA --attribs 'Firstname: User: Lastname: A'

Cipa-admin create user --account usera -_fname User --iname A

Dipa user-add usera --first User --last A

Eipa-user- add usera --name 'User A'

Answer : D

Question 3

Which command installs and configures a new FreelPA server, including all sub-components, and creates a new FreelPA domain? (Specially ONLY the command without any path or parameters).

See Below Explanation:

https://www.freeipa.org/images/2/2b/lnstallation_and_Deployment.Guidep.pdf

Answer : A

https://www.freeipa.org/images/2/2b/lnstallation_and_Deployment.Guidep.pdf

Question 4

Which of the following are differences between AppArmor and SELinux? (Choose TWO correct answers).

AAppArmor is implemented in user space only. SELinux is a Linux Kernel Module.

BAppArmor is less complex and easier to configure than SELinux.

CAppArmor neither requires nor allows any specific configuration. SELinux must always be manually configured.

DSELinux stores information in extended file attributes. AppArmor does not maintain file specific information and states.

EThe SELinux configuration is loaded at boot time and cannot be changed later on AppArmor provides user space tools to change its behavior.

Answer : B, D

Question 5

Which DNS label points to the DANE information used to secure HTTPS connections to https://www.example.com/?

Aexample.com

Bdane.www.example.com

Csoa.example com

Dwww.example.com

E_443_tcp.www example.com

Answer : E

Question 6

Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/keypair.pem?

Aopenssl req -key private/keypair.pem -out req/csr.pem

Bopenssl req - new -key private/keypair.pem -out req/csr.pem

Copenssl gencsr -key private/keypair.pem -out req/csr.pem

Dopenssl gencsr -new- key private/keypair.pem -out req/csr.pem

Answer : B

Question 7

Which PAM module checks new passwords against dictionary words and enforces complexity? (Specially the module name only without any path.)

See Below Explanation:

http;//www-deer-run.com/~hal/sysadmin/pam_cracklib.html

Answer : A

http;//www-deer-run.com/~hal/sysadmin/pam_cracklib.html

LPIC-3 Exam 303: Security 303-200 Exam Questions