次の認定試験に速く合格する!

簡単に認定試験を準備し、学び、そして合格するためにすべてが必要だ。

会員センター  カート (0)
  • ホーム
  • ブログ
  • Lpi 303-200リアル試験問題テストエンジン問題集トレーニングには60問あります [Q17-Q36]

Lpi 303-200リアル試験問題テストエンジン問題集トレーニングには60問あります [Q17-Q36]

Share

Lpi 303-200リアル試験問題テストエンジン問題集トレーニングには60問あります

303-200実際の問題解答PDFには100%カバー率リアル試験問題

質問 17
Which of the following commands adds a new user usera to FreelPA?

  • A. ipa-user- add usera --name "User A"
  • B. ipa-admin create user --account usera -_fname User --iname A
  • C. ipa user-add usera --first User --last A
  • D. useradd usera --directory ipa --gecos *User A"
  • E. idap- useradd --H ldaps://ipa-server CN=UserA --attribs "Firstname: User: Lastname: A"

正解: C

 

質問 18
CORRECT TEXT
Which command, included in BIND, generates DNSSEC keys? (Specify ONLY the command without any path or parameters.)

正解:

解説:
dnssec-keygen
http://ripe60.ripe.net/presentations/Damas-BiND_9.7_-_DNSSE_for_humans.pdf

 

質問 19
Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?

  • A. Limit valid-x509
  • B. SSLPolicy valid-client-cert
  • C. SSLRequestClientCert always
  • D. Require valid-x509
  • E. SSLVerifyClient require

正解: E

解説:
Explanation/Reference:
https://linuxconfig.org/apache-web-server-ssl-authentication

 

質問 20
Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate?

  • A. subject= CN= www.example.org, CN=example.org
  • B. commonName = subjectAltName= www.example.org,
    subjectAltName = example.org
  • C. subjectAltName: www.example.org, subjectAltName: example.org
  • D. extension= SAN: www.example.org, SAN:example.org
  • E. subjectAltName = DNS: www.example.org, DNS:example.org

正解: E

解説:
Explanation/Reference:
https://www.openssl.org/docs/manmaster/apps/x509v3_config.html

 

質問 21
Which of the following parameters to openssl s_client specifies the host name to use for TLS Server Name Indication?

  • A. -servername
  • B. -tlsname
  • C. -host
  • D. -vhost
  • E. -sniname

正解: A

 

質問 22
Which DNS label points to the DANE information used to secure HTTPS connections to https:// www.example.com/?

  • A. www.example.com
  • B. dane.www.example.com
  • C. example.com
  • D. _443_tcp.www.example.com
  • E. soa.example.com

正解: D

解説:
Explanation/Reference:
http://paginas.fe.up.pt/~jmcruz/ssi/ssi.1112/trabs-als/final/G7T12-digit.cert.altern-final.pdf

 

質問 23
Which of the following statements are true regarding the certificate of a Root CA? (Choose TWO correct answers.)

  • A. It is a self-signed certificate.
  • B. It must contain a host name as the common name.
  • C. It has an infinite lifetime and never expires.
  • D. It must contain an X509v3 Authority extension.
  • E. It does not include the private key of the CA.

正解: A,D,E

解説:
Explanation/Reference:
https://en.wikipedia.org/wiki/Root_certificate

 

質問 24
Which of the following commands disables the automatic password expiry for the user usera?

  • A. chage --maxdays -1 usera
  • B. chage --lastday 0 usera
  • C. chage -maxdays 99 usera
  • D. chage --maxdays none usera
  • E. chage --lastday none usera

正解: A

 

質問 25
Which of the following statements is true about chroot environments?

  • A. The chroot path needs to contain all data required by the programs running in the chroot environment
  • B. Hard links to files outside the chroot path are not followed, to increase security
  • C. Programs are not able to set a chroot path by using a function call, they have to use the command chroot
  • D. Symbolic links to data outside the chroot path are followed, making files and directories accessible
  • E. When using the command chroot, the started command is running in its own namespace and cannot communicate with other processes

正解: A

 

質問 26
Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

  • A. --root-swap
  • B. --mlock
  • C. --no-swap
  • D. --keys-no-swap

正解: B

 

質問 27
Which of the following keywords are built-in chairs for the iptables nat table? (Choose THREE correct answers.)

  • A. OUTPUT
  • B. MASQUERADE
  • C. PREROUTING
  • D. PROCESSING
  • E. POSTROUTING

正解: A,C,E

解説:
Explanation/Reference:
http://linux.die.net/man/8/ebtables

 

質問 28
CORRECT TEXT
Which command is used to run a new shell for a user changing the SELinux context? (Specify ONLY the command without any path or parameters.)

正解:

解説:
newrole
https://www.centos.ofg/docs/5/html/DeployrnenLGuide-en-US/sec-sel-admincontrol.html

 

質問 29
Which of the following statements describes the purpose of ndpmon?

  • A. It monitors log files for failed login attempts in order to block traffic from offending network nodes.
  • B. It monitors the network for IPv4 nodes that have not yet migrated to IPv6.
  • C. It monitors the network for neighbor discovery messages from new IPv6 hosts and routers.
  • D. It monitors remote hosts by periodically sending echo requests to them.
  • E. It monitors the availability of a network link by querying network interfaces.

正解: C

解説:
Explanation/Reference:
https://en.wikipedia.org/wiki/NDPMon

 

質問 30
SIMULATION
Which command, included in BIND, generates DNSSEC keys? (Specify ONLY the command without any path or parameters.)

正解:

解説:
dnssec-keygen
Explanation/Reference:
http://ripe60.ripe.net/presentations/Damas-BIND_9.7_-_DNSSE_for_humans.pdf

 

質問 31
in which path is the data, which can be altered by the sysctl command, accessible?

  • A. /proc/sys/
  • B. /sys/
  • C. /sysctl/
  • D. /dev/sys/

正解: A

 

質問 32
Which of the following components are part of FreeIPA? (Choose THREE correct answers.)

  • A. DHCP Server
  • B. Intrusion Detection System
  • C. Public Key Infrastructure
  • D. Directory Server
  • E. Kerberos KDC

正解: C,D,E

解説:
Explanation/Reference:
https://www.freeipa.org/page/Documentation

 

質問 33
Which of the following practices are important for the security of private keys? (Choose TWO correct answers.)

  • A. private keys should be uploaded to public key servers.
  • B. Private keys should be created on the systems where they will be used and should never leave them.
  • C. Private keys should be included in X509 certificates.
  • D. Private keys should have a sufficient length for the algorithm used for key generation.
  • E. Private keys should always be stored as plain text files without any encryption.

正解: C,D

 

質問 34
CORRECT TEXT
What command is used to update NVTs from the OpenVAS NVT feed? (Specify ONLY the command without any path or parameters).

正解:

解説:
openvas-nvt-sync
http://www.openvas.org/openvas-nvt-feed.html

 

質問 35
Which of the following are differences between AppArmor and SELinux? (Choose TWO correct answers).

  • A. AppArmor neither requires nor allows any specific configuration. SELinux must always be manually configured.
  • B. AppArmor is implemented in user space only. SELinux is a Linux Kernel Module.
  • C. SELinux stores information in extended file attributes. AppArmor does not maintain file specific information and states.
  • D. The SELinux configuration is loaded at boot time and cannot be changed later on. AppArmor provides user space tools to change its behavior.
  • E. AppArmor is less complex and easier to configure than SELinux.

正解: C,E

解説:
Explanation/Reference:
http://elinux.org/images/3/39/SecureOS_nakamura.pdf

 

質問 36
......

JPNTest 303-200試験練習テスト問題:https://www.jpntest.com/shiken/303-200-mondaishu

関するブログ

もっと
303-200無料問題集

弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間:( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート:現在連絡 

関連リンク

トップ試験