LPI 303-200 - LPIC-3 Exam 303: Security, 2.0 Exam

Page:    1 / 12   
Total 60 questions

Which of the following statements is true about chroot environments?

  • A. Symbolic links to data outside the chroot path are followed, making files and directories accessible
  • B. Hard links to files outside the chroot path are not followed, to increase security
  • C. The chroot path needs to contain all data required by the programs running in the chroot environment
  • D. Programs are not able to set a chroot path by using a function call, they have to use the command chroot
  • E. When using the command chroot, the started command is running in its own namespace and cannot communicate with other processes


Answer : C

Which of the following DNS record types can the command dnssec-signzone add to a zone? (Choose THREE correct answers.)

  • A. ASIG
  • B. NSEC
  • C. NSEC3
  • D. NSSIG
  • E. RRSIG


Answer : B,C,E

Which of the following prefixes could be present in the output of getcifsacl? (Choose
THREE correct answers.)

  • A. ACL
  • B. GRANT
  • C. GROUP
  • D. OWNER
  • E. SID


Answer : A,C,E

Which of the following commands changes the source IP address to 192.0.2.11 for all IPv4 packets which go through the network interface eth0? j SNAT -to-source 192.0.2.11 eth0 -j SNAT -to-source 192.0.2.11
C. iptables -t nat -A POSTROUTING H eth0 -j DNAT -to-source 192.0.2.11
D. iptables -t mangle -A POSTROUTING -i eth0 -j SNAT -to-source 192.0.2.11
E. iptables -t mangle -A POSTROUTING -0 eth0 -j SNAT -to-source 192.0.2.11



Answer : A

Which of the following statements describes the purpose of ndpmon?

  • A. it monitors the network for neighbor discovery messages from new IPv6 hosts and routers
  • B. it monitors remote hosts by periodically sending echo requests to them.
  • C. it monitors the availability of a network link by querying network interfaces.
  • D. It monitors the network for IPv4 nodes that have not yet migrated to IPv6.
  • E. It monitors log files for failed login attempts in order to block traffic from offending network nodes


Answer : A

Page:    1 / 12   
Total 60 questions