ERASED TEST, YOU MAY BE INTERESTED ON LPIC-2 202
COMMENTS | STATISTICS | RECORDS |
---|
TAKE THE TEST
Title of test:
LPIC-2 202 Description: Exam Questions Author: LinuxTest Other tests from this author Creation Date: 22/09/2024 Category: Computers Number of questions: 30 |
Share the Test:
New Comment
No comments about this test.
Content:
On a Linux router, packet forwarding for IPv4 has been enabled. After a reboot, the machine no longer forwards IP packets from other hosts. The command:
echo 1 > /proc/sys/net/ipv4/ip_forward temporarily resolves this issue.
Which one of the following options is the best way to ensure this setting is saved across system restarts? Add echo 1 > /proc/sys/net/ipv4/ip_forward to the root user login script Add echo 1 > /proc/sys/net/ipv4/ip_forward to any user login script In /etc/sysct1.conf change net.ipv4.ip_forward to 1 In /etc/rc.local add net.ipv4.ip_forward = 1 In /etc/sysconfig/iptables-config add ipv4.ip_forward = 1. In a BIND zone file, what does the @ character indicate? A- It's the fully qualified host name of the DNS server B- It's an alias for the e-mail address of the zone master C- It's the name of the zone as defined in the zone statement in named.conf D- It's used to create an alias between two CNAME entries. What information can be found in the file specified by the status parameter in an OpenVPN server configuration file? (Choose two.) A. Errors and warnings generated by the openvpn daemon B. Routing information C. Statistical information regarding the currently running openvpn daemon D. A list of currently connected clients E. A history of all clients who have connected at some point. Which of the following lines in the sshd configuration file should, if present, be changed in order to increase the security of the server? (Choose two.) A. Protocol 2, 1 B. PermitEmptyPasswords no C. Port 22 D. PermitRootLogin yes E. IgnoreRhosts yes. Which of the following nmap parameters scans a target for open TCP ports? (Choose two.) A. -sO B. -sZ C. -sT D. -sU E. -sS. What is DNSSEC used for? A- Encrypted DNS queries between nameservers B- Cryptographic authentication of DNS zones C- Secondary DNS queries for local zones D- Authentication of the user that initiated the DNS query E- Encrypting DNS queries and answers. Which of the following DNS records could be a glue record? A- ns1.labA198.51.100.53 B- labNS198.51.100.53 C- ns1.labNS198.51.100.53 D- ns1.A198.51.100.53 E- ns1.labGLUE198.51.100.53. What option for BIND is required in the global options to disable recursive queries on the DNS server by default? A- allow-recursive-query ( none; ); B- allow-recursive-query off; C- recursion { disabled; }; D- recursion { none; }; E- recursion no;. Which of the statements below are correct regarding the following commands, which are executed on a Linux router? (Choose two.) ip6tables -A FORWARD -s fe80::/64 -j DROP ip6tables -A FORWARD -d fe80::/64 -j DROP A. Packets with source or destination addresses from fe80::/64 will never occur in the FORWARD chain B. The rules disable packet forwarding because network nodes always use addresses from fe80::/64 to identify routers in their routing tables C. ip6tables returns an error for the second command because the affected network is already part of another rule D. Both ip6tables commands complete without an error message or warning E. The rules suppress any automatic configuration through router advertisements or DHCPv6. What option in the client configuration file would tell OpenVPN to use a dynamic source port when making a connection to a peer? A. src-port B. remote C. source-port D. nobind E. dynamic-bind. Which Linux user is used by vsftpd to perform file system operations for anonymous FTP users? A. The Linux user which runs the vsftpd process B. The Linux user that owns the root FTP directory served by vsftpd C. The Linux user with the same user name that was used to anonymously log into the FTP server D. The Linux user root, but vsftpd grants access to anonymous users only to globally read-/writeable files E. The Linux user specified in the configuration option ftp_username. Which of the following sshd configuration should be set to no in order to fully disable password based logins? (Choose two.) A. PAMAuthentication B. ChallengegeResponseAuthentication C. PermitPlaintextLogin D. UsePasswords E. PasswordAuthentication. When the default policy for the netfilter INPUT chain is set to DROP, why should a rule allowing traffic to localhost exist? A. All traffic to localhost must always be allowed B. It doesn't matter; netfilter never affects packets addressed to localhost C. Some applications use the localhost interface to communicate with other applications D. syslogd receives messages on localhost E. The iptables command communicates with the netfilter management daemon netfilterd on localhost to create and change packet filter rules. What command creates a SSH key pair? (Specify ONLY the command without any path or parameters). The content of which local file has to be transmitted to a remote SSH server in order to be able to log into the remote server using SSH keys? A. ~/.ssh/authorized_keys B. ~/.ssh/config C. ~/.ssh/id_rsa.pub D. ~/.ssh/id_rsa E. ~./ssh/known_hosts. Which of these tools, without any options, provides the most information when performing DNS queries? A- dig B- nslookup C- host D- named-checkconf E- named-checkzone. What is the name of the network security scanner project which, at the core, is a server with a set of network vulnerability tests? A. NetMap B. OpenVAS C. Smartscan D. Wireshark. Which command is used to configure which file systems a NFS server makes available to clients? A- exportfs B- mkfs.nfs C- mount D- nfsservct1 E- telinit. With fail2ban, what is a "˜jail'? A. A netfilter rules chain blocking offending IP addresses for a particular service B. A group of services on the server which should be monitored for similar attack patterns in the log files C. A filter definition and a set of one or more actions to take when the filter is matched D. The chroot environment in which fail2ban runs. Which of the following Samba configuration parameters is functionally identical to the parameter read only=yes? A. browseable=no B. read write=no C. writeable=no D. write only=no E. write access=no. How must Samba be configured such that it can check CIFS passwords against those found in /etc/passwd and /etc/shadow? A. Set the parameters "encrypt passwords = yes" and "password file = /etc/passwd" B. Set the parameters "encrypt passwords = yes", "password file = /etc/passwd" and "password algorithm = crypt" C. Delete the smbpasswd file and create a symbolic link to the passwd and shadow file D. It is not possible for Samba to use /etc/passwd and /etc/shadow directly E. Run smbpasswd to convert /etc/passwd and /etc/shadow to a Samba password file. Which of the following options are valid in /etc/exports? (Choose two.) A- rw B- ro C- rootsquash D- norootsquash E- uid. Which of the following statements is true regarding the NFSv4 pseudo file system on the NFS server? A- It must be called /exports B- It usually contains bind mounts of the directory trees to be exported C- It must be a dedicated partition on the server D- It is defined in the option Nfsv4-Root in /etc/pathmapd.conf E- It usually contains symlinks to the directory trees to be exported. Which of the following Samba services handles the membership of a file server in an Active Directory domain? A- winbindd B- nmbd C- msadd D- admemb E- samba. In which CIFS share must printer drivers be placed to allow Point'n'Print driver deployment on Windows? A. winx64drv$ B. print$ C. The name of the share is specified in the option print driver share within each printable share in smb.conf D. pnpdrivers$ E. NETLOGON. Which of the following statements is true regarding the NFSv4 pseudo file system on the NFS server? A. It must be called /exports B. It usually contains bind mounts of the directory trees to be exported C. It must be a dedicated partition on the server D. It is defined in the option Nfsv4-Root in /etc/pathmapd.conf E. It usually contains symlinks to the directory trees to be exported. Which attitude of an object in LDAP defines which other attributes can be set for the object? (Specify ONLY the attribute name without any values.). Which of the following actions are available in Sieve core filters? (Choose three.) drop discard fileinto relay reject. Which option in named.conf specifies which host are permitted to ask for domain name information from the server? allowed-hosts accept-query permit-query allow-query query-group. Which of the following information has to be submitted to a certification authority in order to request a web server certificate? The web server's private key. The IP address of the web server. The list of ciphers supported by the web server. The web server's SSL configuration file. The certificate signing request. |
Report abuse