• Home
  • Articles
  • [Dec 22, 2024] Download Free Lpi 303-300 Real Exam Questions [Q69-Q90]

[Dec 22, 2024] Download Free Lpi 303-300 Real Exam Questions [Q69-Q90]

Share

[Dec 22, 2024] Download Free Lpi 303-300 Real Exam Questions

Pass Your Exam With 100% Verified 303-300 Exam Questions

NEW QUESTION # 69
What is OCSP stapling?

  • A. A mechanism that allows a server to provide proof of the revocation status of its own SSL/TLS certificate
  • B. A mechanism that allows a server to provide proof of its own identity to clients
  • C. A mechanism that allows a server to provide proof of a client's identity to other servers
  • D. A mechanism that allows a server to provide proof of the revocation status of all certificates issued by a particular Certificate Authority

Answer: A


NEW QUESTION # 70
Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?

  • A. SSLPolicy valid-client-cert
  • B. SSLVerifyClient require
  • C. Require valid-x509
  • D. Limit valid-x509
  • E. SSLRequestClientCert always

Answer: B


NEW QUESTION # 71
Which of the following is used to perform DNSSEC validation on behalf of clients?

  • A. Secondary name server
  • B. Authoritative name server
  • C. Recursive name server
  • D. Primary name server

Answer: C


NEW QUESTION # 72
What is a Certificate Revocation List (CRL)?

  • A. A list of private keys that have been compromised
  • B. A list of X.509 certificates that have been issued by a particular CA
  • C. A list of public keys that have been compromised
  • D. A list of X.509 certificates that have been revoked by a particular CA

Answer: D


NEW QUESTION # 73
What command is used to update NVTs from the OpenVAS NVT feed?
(Specify ONLY the command without any path or parameters).
Solution: openvas-nvt-sync
Determine whether the given solution is correct?

  • A. Incorrect
  • B. Correct

Answer: B


NEW QUESTION # 74
What is privilege escalation?

  • A. An attack that targets a specific user or organization
  • B. An attack that aims to steal sensitive information
  • C. An attack that exploits a vulnerability to gain elevated privileges
  • D. An attack that floods a network or server with traffic to make it unavailable

Answer: C


NEW QUESTION # 75
What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host?

  • A. The virtual host is served only to clients that support SNI.
  • B. Despite its configuration, the virtual host is served only on the common name and Subject Alternative
  • C. The virtual host is used as a fallback default for all clients that do not support SNI.
  • D. The clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server's certificate.
  • E. All of the names of the virtual host must be within the same DNS zone.

Answer: A


NEW QUESTION # 76
Which of the following DNS records are used in DNSSEC?

  • A. TXT
  • B. PTR
  • C. MX
  • D. RRSIG

Answer: D


NEW QUESTION # 77
Which of the following is a best practice for implementing HID?

  • A. Disable HID when not actively monitoring for security incidents
  • B. Install HID on every computer in the network
  • C. Configure HID to block all incoming traffic
  • D. Configure HID to alert security personnel of potential security incidents

Answer: D


NEW QUESTION # 78
Which of the following practices are important for the security of private keys?
(Choose TWO correct answers.)

  • A. Private keys should be created on the systems where they will be used and should never leave them.
  • B. Private keys should always be stored as plain text files without any encryption.
  • C. Private keys should have a sufficient length for the algorithm used for key generation.
  • D. Private keys should be uploaded to public key servers.
  • E. Private keys should be included in X509 certificates.

Answer: C,E


NEW QUESTION # 79
Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/ keypair.pem?

  • A. openssl gencsr -new- key private/keypair.pem -out req/csr.pem
  • B. openssl gencsr -key private/keypair.pem -out req/csr.pem
  • C. openssl req - new -key private/keypair.pem -out req/csr.pem
  • D. openssl req -key private/keypair.pem -out req/csr.pem

Answer: C


NEW QUESTION # 80
Which command revokes ACL-based write access for groups and named users on the file afile?

  • A. setfacl ~m mask: : rx afile
  • B. setfacl -x mask: : rx afile
  • C. setfacl -x group: * : rx, user:*: rx afile
  • D. setfacl ~m group: * : rx, user :*: rx afile

Answer: A


NEW QUESTION # 81
What effect does the following command have on TCP packets?
iptables- A INPUT d 10.142.232.1 p tcp --dport 20:21 j ACCEPT

  • A. Forward all TCP traffic not on port 20 or 21 to the IP address 10.142.232.1
  • B. Accept all TCP traffic on port 20 and 21 for the IP address 10.142.232.1
  • C. Accept only TCP traffic from 10.142.232.1 destined for port 20 or 21.
  • D. Drop all TCP traffic coming from 10.142.232.1 destined for port 20 or 21.

Answer: B


NEW QUESTION # 82
Given a proper network and name resolution setup, which of the following commands establishes a trust between a FreeIPA domain and an Active Directory domain?

  • A. ipa-ad -add-trust --account ADDOM\Administrator--query-password
  • B. net ad ipajoin addom -U Administrator -p
  • C. ipa ad join addom -U Administrator -w
  • D. ipa trust-add --type ad addom --admin Administrator --password
  • E. trustmanager add --domain ad: //addom --user Administrator -w

Answer: D


NEW QUESTION # 83
What is a Trojan?

  • A. A type of phishing scam
  • B. A type of virus
  • C. A type of denial-of-service attack
  • D. A type of malware that disguises itself as legitimate software

Answer: D


NEW QUESTION # 84
Which command is used to view the access control list of a file?

  • A. chmod
  • B. getfacl
  • C. ls
  • D. setfacl

Answer: B


NEW QUESTION # 85
A LUKS device was mapped using the command: cryptsetup luksOpen/dev/sda1 crypt-vol Given that this device has three different keys, which of the following commands deletes only the first key?

  • A. cryptsetup luksDelKey / dev /mapper/crypt- vol 1
  • B. cryptsetup luksDelkey /dev/sda 1 1
  • C. cryptsetup luksDelKey / dev /mapper/crypt- vol 0
  • D. cryptsetup luksDelKey /dev/sda 1 0

Answer: B


NEW QUESTION # 86
Which command, included in BIND, generates DNSSEC keys?
(Specify ONLY the command without any path or parameters.)
Solution: dnssec-keygen
Determine whether the given solution is correct?

  • A. Incorrect
  • B. Correct

Answer: B


NEW QUESTION # 87
Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

  • A. --keys-no-swap
  • B. --mlock
  • C. --root-swap
  • D. --no-swap

Answer: B


NEW QUESTION # 88
Which of the following keywords are built-in chairs for the iptables nat table?
(Choose THREE correct answers.)

  • A. OUTPUT
  • B. MASQUERADE
  • C. PROCESSING
  • D. PREROUTING
  • E. POSTROUTING

Answer: A,D,E


NEW QUESTION # 89
How can host scans be automated on a Linux system?

  • A. Using cron
  • B. Using chkrootkit
  • C. Using Linux Audit system
  • D. Using OpenSCAP

Answer: A


NEW QUESTION # 90
......

303-300 Dumps 100 Pass Guarantee With Latest Demo: https://www.examdiscuss.com/Lpi/exam/303-300/

303-300 Dumps PDF - 303-300 Real Exam Questions Answers: https://drive.google.com/open?id=1qkC1QCiSd36Bhjv9bhMYTwCizP3xeP4W

Related Articles

more
Go To 303-300 Questions
0
0
0
10