Linux Networking Administration v8.0 (117-202)

Page:    1 / 14   
Total 200 questions

Which of the following sentences is true about ISC DHCP?

  • A. It can't be configured to assign addresses to BOOTP clients.
  • B. Its default behavior is to send DHCPNAK to clients that request inappropriate addresses.
  • C. It can't be used to assign addresses to X - terminals.
  • D. It can be configured to only assign addresses to known clients.
  • E. None of the above.


Answer : D

The host, called " Certkiller ", with the MAC address "08:00:2b:4c:59:23", should always be given the IP address of 192.168.1.2 by the DHCP server. Which of the following configurations will achieve this?

  • A. host Certkiller { hardware-ethernet 08:00:2b:4c:59:23; fixed-address 192.168.1.2; }
  • B. host Certkiller { mac=08:00:2b:4c:59:23; ip= 192.168.1.2; }
  • C. host Certkiller = 08:00:2b:4c:59:23 192.168.1.2
  • D. host Certkiller { hardware ethernet 08:00:2b:4c:59:23; fixed-address 192.168.1.2; }
  • E. host Certkiller { hardware-address 08:00:2b.4c:59:23; fixed-ip 192.168.1.2; }


Answer : D

Which dhcpd.conf option defines the DNS server address(es) to be sent to the DHCP clients?

  • A. domainname
  • B. domain-name-servers
  • C. domain-nameserver
  • D. domain-name-server


Answer : B

What is a significant difference between host and zone keys generated by dnssec-keygen?

  • A. There is no difference.
  • B. Both zone key files ( .key/.private ) contain a public and private key.
  • C. Both host keys files ( .key/. private) contain a public and private key.
  • D. Host Keys must always be generated if DNSSEC is used; zone keys are optional
  • E. Zone Keys must always be generated if is used; host keys are optional


Answer : B

Which of these would be the simplest way to configure BIND to return a different version number to queries?

  • A. Compile BIND with the option -blur-version=my version.
  • B. Set version-string "my version" in BIND's configuration file.
  • C. Set version "my version" in BIND's configuration file.
  • D. Set version=my version in BIND's configuration file.
  • E. Ser version-bind "my version" in BIND's configuration file.


Answer : C

  • A. Any host, from any network, may use this server as its main DNS server.
  • B. If the server doesn't know the answer to a query, it sends a recursive query to 192.168.0.4.
  • C. If the server doesn't know the answer to a query, it sends a query to a root DNS server.
  • D. Hosts in the network 10.0.0.0/24 will be able to ask for zone transfers.
  • E. If the server doesn't know the answer to a query, it sends a recursive query to 192.168.0.4 and, if this fails,it returns a failure.


Answer : B

A BIND server should be upgraded to use TSIG. Which configuration parameters should be added, if the server should use the algorithm hmac-md5 and the key skrKc4DoTzi/tAkllPi7JZA== ?

  • A. TSIG server.example.com. algorithm hmac-md5; secret "skrKc4DoTzi/tAkllPi7JZA=="; };
  • B. key server.example.com. { algorithm hmac-md5; secret skrKc4DoTzi/tAkllPi7JZA==; };
  • C. key server.example.com. { algorithm hmac-md5; secret "skrKc4DoTzi/tAkllPi7JZA=="; };
  • D. key server.example.com. { algorithm=hmac-md5; secret="skrKc4DoTzi/tAkllPi7JZA=="; };
  • E. key server.example.com. { algorithm hmac-md5 secret "skrKc4DoTzi/tAkI1Pi7JZA==" };


Answer : C

DNSSEC is used for?

  • A. Encrypted DNS queries between nameservers.
  • B. Cryptographic authentication of DNS zones.
  • C. Secondary DNS queries for local zones.
  • D. Defining a secure DNS section.
  • E. Querying a secure DNS section.


Answer : B

This program has 3 operating modes: copy-in mode, copy-out mode, and copy-pass mode, and is used to copy files into or out of archives. What program is this? (Please provide the command name only, with no arguments or path.)



Answer : cpio

A BIND server should never answer queries from certain networks or hosts. Which configuration directive could be used for this purpose?

  • A. deny-query { ...; };
  • B. no-answer { ...; };
  • C. deny-answer { ...; };
  • D. deny-access { ...; };
  • E. blackhole { ...; };


Answer : E

What is the purpose of a PTR record?

  • A. To provide name to IP resolution.
  • B. To provide IP to name resolution.
  • C. To direct email to a specific host.
  • D. To provide additional host information.
  • E. To direct clients to another nameserver.


Answer : B

Performing a DNS lookup with dig results in this answer: What might be wrong in the zone definition?

  • A. Nothing. All seems to be good.
  • B. There's no "." after linuserv.example.net in the PTR record in the forward lookup zone file.
  • C. There's no "." after linuserv in the PTR record in the forward lookup zone file.
  • D. There's no "." after linuserv.example.net in the PTR record in the reverse lookup zone file.
  • E. The "." in the NS definition in reverse lookup zone has to be removed.


Answer : D

What directive can be used in named.conf to restrict zone transfers to the 192.168.1.0/24 network?

  • A. allow-transfer { 192.168.1.0/24; };
  • B. allow-transfer { 192.168.1.0/24 };
  • C. allow-axfr { 192.168.1.0/24; };
  • D. allow-axfr { 192.168.1.0/24 };
  • E. allow-xfer { 192.168.1.0/24; };


Answer : A

To securely use dynamic DNS updates, the use of TSIG is recommended. Which TWO statements about TSIG are true?

  • A. TSIG is used for zone data encryption
  • B. TSIG is a signal to start a zone update
  • C. TSIG is used in zone files
  • D. TSIG is used only in server configuration
  • E. Servers using TSIG must be in sync (time zone!)


Answer : D,E

Which option is used to configure pppd to use up to two DNS server addresses provided by the remote server?

  • A. ms-dns
  • B. nameserver
  • C. usepeerdns
  • D. dns
  • E. None of the above


Answer : E

Page:    1 / 14   
Total 200 questions