• Home
  • Articles
  • 303-200 Study Guide Latest [Jan 30, 2023] Realistic Verified 303-200 Dumps [Q30-Q54]

303-200 Study Guide Latest [Jan 30, 2023] Realistic Verified 303-200 Dumps [Q30-Q54]

Share

303-200 Study Guide: Latest [Jan 30, 2023] Realistic Verified 303-200 Dumps

303-200 Questions & Practice Test are Available On-Demand

NEW QUESTION 30
SIMULATION
Which command, included in BIND, generates DNSSEC keys? (Specify ONLY the command without any path or parameters.)

Answer:

Explanation:
dnssec-keygen
Explanation/Reference:
http://ripe60.ripe.net/presentations/Damas-BIND_9.7_-_DNSSE_for_humans.pdf

 

NEW QUESTION 31
Which of the following DNS record types can the command dnssec-signzone add to a zone? (Choose THREE correct answers.)

  • A. ASIG
  • B. RRSIG
  • C. NSEC3
  • D. NSSIG
  • E. NSEC

Answer: B,C,E

 

NEW QUESTION 32
Given a proper network and name resolution setup, which of the following commands establishes a trust between a FreelPA domain and an Active Directory domain?

  • A. ipa-ad -add-trust --account ADDOM\Administrator--query-password
  • B. net ad ipajoin addom -U Administrator -p
  • C. trustmanager add -_domain ad: //addom --user Administrator -w
  • D. ipa ad join addom -U Administrator -w
  • E. ipa trust-add --type ad addom --admin Administrator --password

Answer: E

 

NEW QUESTION 33
Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

  • A. --root-swap
  • B. --mlock
  • C. --no-swap
  • D. --keys-no-swap

Answer: B

 

NEW QUESTION 34
SIMULATION
What command is used to update NVTs from the OpenVAS NVT feed? (Specify ONLY the command without any path or parameters).

Answer:

Explanation:
openvas-nvt-sync
Explanation/Reference:
http://www.openvas.org/openvas-nvt-feed.html

 

NEW QUESTION 35
Which of the following statements are true regarding the certificate of a Root CA? (Choose TWO correct answers.)

  • A. It must contain a host name as the common name.
  • B. It has an infinite lifetime and never expires.
  • C. It does not include the private key of the CA
  • D. It is a self-signed certificate.
  • E. It must contain an X509v3 Authority extension.

Answer: C,D,E

 

NEW QUESTION 36
What is the purpose of the program snort-stat?

  • A. It reports whether the Snort process is still running and processing packets.
  • B. It displays statistics from the running Snort process.
  • C. It reads syslog files containing Snort information and generates port scan statistics.
  • D. It returns the status of all configured network devices.
  • E. It displays the status of all Snort processes.

Answer: C

Explanation:
Explanation/Reference:
http://manpages.ubuntu.com/manpages/trusty/man8/snort-stat.8.html

 

NEW QUESTION 37
CORRECT TEXT
Which PAM module checks new passwords against dictionary words and enforces complexity? (Specially the module name only without any path.)

Answer:

Explanation:
pam_cracklib
http;//www-deer-run.com/~hal/sysadmin/pam_cracklib.html

 

NEW QUESTION 38
Which of the following commands changes the source IP address to 192.0.2.11 for all IPv4 packets which go through the network interface eth0?

  • A. iptables ~t nat ~A POSTROUTING ~i eth0 ~j DNAT --to~source 192.0.2.11
  • B. iptables ~t nat ~A POSTROUTING ~o eth0 ~j SNAT --to~source 192.0.2.11
  • C. iptables ~t mangle ~A POSTROUTING ~i eth0 ~j SNAT -to~source 192.0.2.11
  • D. iptables ~t mangle ~A POSTROUTING ~0 eth0 ~j SNAT -to~source 192.0.2.11
  • E. iptables ~t nat ~A PREROUTING ~i eth0 ~j SNAT --to~source 192.0.2.11

Answer: B

Explanation:
Explanation/Reference:
https://www.netfilter.org/documentation/HOWTO/NAT-HOWTO-6.html

 

NEW QUESTION 39
CORRECT TEXT
What option of mount.cifs specifies the user that appears as the local owner of the files of a mounted CIFS share when the server does not provide ownership information? (Specify ONLY the option name without any values or parameters.)

Answer:

Explanation:
uld=arg
http://linux.die.net/man/8/mount.cifs

 

NEW QUESTION 40
Which of the following command lines sets the administrator password for ntop to testing 123?

  • A. ntop --set-password=testing123
  • B. ntop --set-new-password=testing123
  • C. ntop --reset-password=testing123
  • D. ntop --set-admin-password=testing123

Answer: D

Explanation:
Explanation/Reference:
http://linux.die.net/man/8/ntop

 

NEW QUESTION 41
Which of the following commands adds users using SSSD's local service?

  • A. sss_add
  • B. sss_useradd
  • C. sss_local_adduser
  • D. sss-addlocaluser
  • E. sss_adduser

Answer: B

 

NEW QUESTION 42
What effect does the following command have on TCP packets?
iptables- A INPUT -d 10 142 232.1 -p tcp -dport 20:21 -j ACCEPT

  • A. Accept all TCP traffic on port 20 and 21 for the IP address 10.142.232.1
  • B. Drop all TCP traffic coming from 10 142 232.1 destined for port 20 or 21.
  • C. Forward all TCP traffic not on port 20 or 21 to the IP address 10.142 232.1
  • D. Accept only TCP traffic from 10.142 232.1 destined for port 20 or 21.

Answer: D

Explanation:
LPI 303-200 : Practice Test

 

NEW QUESTION 43
Which of the following statements is true regarding eCryptfs?

  • A. eCryptfs cannot be used to encrypt only directories that are the home directory of a regular Linux user.
  • B. When a user changes his login password, the contents of his eCryptfs home directory has to be re-encrypted using his new login password.
  • C. After unmounting an eCryptfs directory, the directory hierarchy and the original file names are still visible, although, it is not possible to view the contents of the files.
  • D. For every file in an eCryptfs directory there exists a corresponding file that contains the encrypted content.
  • E. The content of all files in an eCryptfs directory is stored in an archive file similar to a tar file with an additional index to improve performance.

Answer: A

 

NEW QUESTION 44
Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate'?

  • A. subjectAltName = DNS: www example.org, DNS:example.org
  • B. commonName = subjectAltName= www.example.org, subjectAltName = example.org
  • C. subjectAltName: www.example.org, subjectAltName: example.org
  • D. subject= CN= www.example.org, CN=example.org
  • E. extension= SAN: www.example.org, SAN:example.org

Answer: A

 

NEW QUESTION 45
Which of the following practices are important for the security of private keys? (Choose TWO correct answers.)

  • A. Private keys should be uploaded to public key servers.
  • B. Private keys should be included in X509 certificates.
  • C. Private keys should be created on the systems where they will be used and should never leave them.
  • D. Private keys should have a sufficient length for the algorithm used for key generation.
  • E. Private keys should always be stored as plain text files without any encryption.

Answer: B,D

Explanation:
Explanation
Explanation/Reference:
https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys- and-csrs

 

NEW QUESTION 46
Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall?

  • A. auditctl -w /etc/firewall/rules -p rw -k firewall
  • B. echo "n: firewall r:/etc/firewall/rules: w:/
    etc/firewall/rules:" | auditctl ~
  • C. auditctl -A -f /etc/firewall/rules -o r -o w -l firewall
  • D. auditctl --read /etc/firewall/rules --write /etc/firewall/rules
    --label firewall
  • E. auditctl -N firewall -r r: /etc/firewall/rules -r w:
    etc/firewall/rules

Answer: A

Explanation:
Explanation/Reference:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sec- Defining_Audit_Rules_and_Controls.html

 

NEW QUESTION 47
Which of the following types can be specified within the Linux Audit system? (Choose THREE correct answers.)

  • A. Network connection rules
  • B. Control rules
  • C. Console rules
  • D. File system rules
  • E. System call rules

Answer: B,D,E

Explanation:
Explanation/Reference:
https://www.digitalocean.com/community/tutorials/how-to-write-custom-system-audit-rules-on-centos-7

 

NEW QUESTION 48
Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate?

  • A. subjectAltName = DNS: www.example.org, DNS:example.org
  • B. commonName = subjectAltName= www.example.org,
    subjectAltName = example.org
  • C. subjectAltName: www.example.org, subjectAltName: example.org
  • D. subject= CN= www.example.org, CN=example.org
  • E. extension= SAN: www.example.org, SAN:example.org

Answer: A

Explanation:
Explanation/Reference:
https://www.openssl.org/docs/manmaster/apps/x509v3_config.html

 

NEW QUESTION 49
Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?

  • A. Require valid-x509
  • B. SSLVerifyClient require
  • C. Limit valid-x509
  • D. SSLPolicy valid-client-cert
  • E. SSLRequestClientCert always

Answer: B

Explanation:
Explanation/Reference:
https://linuxconfig.org/apache-web-server-ssl-authentication

 

NEW QUESTION 50
What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host?

  • A. The virtual host is used as a fallback default for all clients that do not support SNI.
  • B. Despite its configuration, the virtual host is served only on the common name and Subject Alternative Names of the server certificates.
  • C. The virtual host is served only to clients that support SNI.
  • D. All of the names of the virtual host must be within the same DNS zone.
  • E. The clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server's certificate.

Answer: C

 

NEW QUESTION 51
Which of the following statements are valid wireshark capture filters? {Choose TWO correct answers.)

  • A. port range 10000:tcp-15000:tcp
  • B. port-range tcp 10000-15000
  • C. tcp portrange 10000-15000
  • D. portrange 10000/tcp-15000/tcp
  • E. portrange 10000-15000 and tcp

Answer: C,E

 

NEW QUESTION 52
SIMULATION
Which command included in the Linux Audit system provides searching and filtering of the audit log?
(Specify ONLY the command without any path or parameters.)

Answer:

Explanation:
ausearch
Explanation/Reference:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security- Enhanced_Linux/sect-Security-Enhanced_Linux-Fixing_Problems-
Searching_For_and_Viewing_Denials.html

 

NEW QUESTION 53
in which path is the data, which can be altered by the sysctl command, accessible?

  • A. /dev/sys/
  • B. /sysctl/
  • C. /sys/
  • D. /proc/sys/

Answer: D

 

NEW QUESTION 54
......

Valid 303-200 Exam Dumps Ensure you a HIGH SCORE: https://examkiller.itexamreview.com/303-200-valid-exam-braindumps.html

Related Articles

more
Lpi 303-200 Certification Practice Exam

Our examkiller dumps is the best provider of IT exam training, which is really worth being chosen for your exam preparation. The test actual reviews from our customer are positive. We ensure you 100% pass. In case of any failure, we will full refund you.

Latest Examkiller pdf

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 ITexamReview NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy