LPI 303-200 Exam Practice Test Instant Access

Question 1

Which of the following types can be specified within the Linux Audit system? (Choose THREE correct answers)

AControl rules

BFile system rules

CNetwork connection rules

DConsole rules

ESystem call rules

Answer : A, B, E

Question 2

Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

A--mlock

B--no-swap

C--root-swap

D--keys-no-swap

Answer : A

Question 3

What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host?

AThe clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server's certificate.

BThe virtual host is served only to clients that support SNI.

CAll of the names of the virtual host must be within the same DNS zone.

DThe virtual host is used as a fallback default for all clients that do not support SNI.

EDespite its configuration, the virtual host is served only on the common name and Subject Alternative Names of the server certificates.

Answer : B

Question 4

Which of the following database names can be used within a Name Service Switch (NSS) configuration file? (Choose THREE correct answers).

Ahost

Bshadow

Cservice

Dpasswd

Egroup

Answer : A, C, E

Question 5

Which of the following statements is true about chroot environments?

ASymbolic links to data outside the chroot path are followed, making files and directories accessible

BHard links to files outside the chroot path are not followed, to increase security

CThe chroot path needs to contain all data required by the programs running in the chroot environment

DPrograms are not able to set a chroot path by using a function call, they have to use the command chroot

EWhen using the command chroot, the started command is running in its own namespace and cannot communicate with other processes

Answer : C

Question 6

Given that this device has three different keys, which of the following commands deletes only the first key?

Acryptsetup luksDelKey /dev/sda 1 0

Bcryptsetup luksDelkey /dev/sda 1 1

Ccryptsetup luksDelKey / dev /mapper/crypt- vol 1

Dcryptsetup luksDelKey / dev /mapper/crypt- vol 0

Answer : A

Question 7

What is the purpose of the program snort-stat?

AIt displays statistics from the running Snort process.

BIt returns the status of all configured network devices.

CIt reports whether the Snort process is still running and processing packets.

DIt displays the status of all Snort processes.

EIt reads syslog files containing Snort information and generates port scan statistics.

Answer : E

LPIC-3 Exam 303: Security 303-200 Exam Practice Test