[Free-Dumps] Learning New PassLeader 303-200 Exam Questions To Pass Exam Easily (Question 1 – Question 25)

New & Valid 303-200 Exam Questions from PassLeader 303-200 PDF dumps! Welcome to download the newest PassLeader 303-200 VCE dumps: http://www.passleader.com/303-200.html (70 Q&As)

Keywords: 303-200 exam dumps, 303-200 exam questions, 303-200 VCE dumps, 303-200 PDF dumps, 303-200 practice tests, 303-200 study guide, 303-200 braindumps, LPIC-3 Exam 303: Security Exam

P.S. New 303-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpNGtMZFVyU1dvRVk

P.S. New 304-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpajFKM1hKeEUxQzQ

QUESTION 1
Which of the following commands adds a new user usera to FreelPA?

A.    useradd usera –directory ipa –gecos *User A”
B.    idap- useradd –H ldaps://ipa-server CN=UserA –attribs “Firstname: User: Lastname: A”
C.    ipa-admin create user –account usera -_fname User –iname A
D.    ipa user-add usera –first User –last A
E.    ipa-user- add usera –name “User A”

Answer: D

QUESTION 2
Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

A.    –mlock
B.    –no-swap
C.    –root-swap
D.    –keys-no-swap

Answer: A

QUESTION 3
Which of the following statements is used in a parameter file for setkey in order to create a new SPD entry?

A.    spd
B.    addspd
C.    newspd
D.    spdnew
E.    spdadd

Answer: E

QUESTION 4
Which of the following terms refer to existing scan techniques with nmap? (Choose TWO correct answers.)

A.    Xmas Scan
B.    Zero Scan
C.    FIN Scan
D.    IP Scan
E.    UDP SYN Scan

Answer: AC

QUESTION 5
When OpenVPN sends a control packet to its peer, it expects an acknowledgement in 2 seconds by default. Which of the following options changes the timeout period to 5 seconds?

A.    -tls-timeout 5
B.    -tls- timeout 500
C.    -tls- timer 5
D.    -tls- timer 500

Answer: A

QUESTION 6
Which of the following commands makes the contents of the eCryptfs encrypted directory – /Private available to the user?

A.    ecryptfsclient
B.    ecryptfs.mount
C.    ecryptfs-mount-private
D.    decryptfs
E.    ecryptfs-manage-di rectory

Answer: C

QUESTION 7
Which command revokes ACL-based write access for groups and named users on the file afile?

A.    setfacI -x group: * : rx, user:*: rx afile
B.    setfacl -x mask: : rx afile
C.    setfacl ~m mask: : rx afile
D.    setfacl ~m group: * : rx, user:*: rx afile

Answer: C

QUESTION 8
How does TSIG authenticate name servers in order to perform secured zone transfers?

A.    Both servers mutually verify their X509 certificates.
B.    Both servers use a secret key that is shared between the servers.
C.    Both servers verify appropriate DANE records for the labels of NS records used to delegate the transferred zone.
D.    Both servers use DNSSEC to mutually verify that they are authoritative for the transferred zone.

Answer: B

QUESTION 9
Which of the following are differences between AppArmor and SELinux? (Choose TWO correct answers.)

A.    AppArmor is implemented in user space only. SELinux is a Linux Kernel Module.
B.    AppArmor is less complex and easier to configure than SELinux.
C.    AppArmor neither requires nor allows any specific configuration. SELinux must always be manually configured.
D.    SELinux stores information in extended file attributes. AppArmor does not maintain file specific information and states.
E.    The SELinux configuration is loaded at boot time and cannot be changed later on AppArmor provides user space tools to change its behavior.

Answer: BD

QUESTION 10
Which of the following commands adds users using SSSD’s local service?

A.    sss_adduser
B.    sss_useradd
C.    sss_add
D.    sss_addlocaluser
E.    sss_local_adduser

Answer: B

QUESTION 11
Which of the following statements are true regarding the certificate? (Choose THREE correct answers.)

A.    This certificate belongs to a certification authority.
B.    This certificate may be used to sign certificates of subordinate certification authorities.
C.    This certificate may never be used to sign any other certificates.
D.    This certificate may be used to sign certificates that are not also a certification authority.
E.    This certificate will not be accepted by programs that do not understand the listed extension.

Answer: ABD

QUESTION 12
Which of the following statements are valid wireshark capture filters? (Choose TWO correct answers.)

A.    port range 10000:tcp-15000:tcp
B.    port-range tcp 10000-15000
C.    tcp portrange 10000-15000
D.    portrange 10000/tcp-15000/tcp
E.    portrange 10000-15000 and tcp

Answer: CE

QUESTION 13
Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/keypair.pem?

A.    openssl req -key private/keypair.pem -out req/csr.pem
B.    openssl req – new -key private/keypair.pem -out req/csr.pem
C.    openssl gencsr -key private/keypair.pem -out req/csr.pem
D.    openssl gencsr -new- key private/keypair.pem -out req/csr.pem

Answer: B

QUESTION 14
Which of the following command lines sets the administrator password for ntop to testing 123?

A.    ntop –set-admin-password=testing123
B.    ntop –set-password-testing123
C.    ntop –reset-password=testing 123
D.    ntop –set-new-password=testing123

Answer: A

QUESTION 15
Which of the following statements is true about chroot environments?

A.    Symbolic links to data outside the chroot path are followed, making files and directories accessible
B.    Hard links to files outside the chroot path are not followed, to increase security
C.    The chroot path needs to contain all data required by the programs running in the chroot environment
D.    Programs are not able to set a chroot path by using a function call, they have to use the command chroot
E.    When using the command chroot, the started command is running in its own namespace and cannot communicate with other processes

Answer: C

QUESTION 16
Which option in an Apache HTTPD configuration file enables OCSP stapling? (Specify ONLY the option name without any values or parameters.)

Answer: httpd-ssl.conf

QUESTION 17
What option of mount.cifs specifies the user that appears as the local owner of the files of a mounted CIFS share when the server does not provide ownership information? (Specify ONLY the option name without any values or parameters.)

Answer: uld=arg

QUESTION 18
Which of the following expressions are valid AIDE rules? (Choose TWO correct answers.)

A.    !/var/run/.*
B.    append: /var/log/*
C.    /usr=all
D.    #/bin/
E.    /etc p+i+u+g

Answer: AE

QUESTION 19
Which directive is used in an OpenVPN server configuration in order to send network configuration information to the client? (Specify ONLY the option name without any values or parameters.)

Answer: push

QUESTION 20
Which of the following authentication methods was added to NFS in version 4?

A.    Kerberos authentication
B.    SSH hostkey authentication
C.    Winbind authentication
D.    SSL certificate authentication

Answer: A

QUESTION 21
Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall?

A.    auditctl -N firewall -r r: /etc/firewall/rules -r w: etc/firewall/rules
B.    auditctl -A -f /etc/firewall/rules -p rw -k firewall
C.    auditctl -w /etc/firewall/rules -p rw -k firewall
D.    auditctl -_read /etc/firewall/rules -_write /etc/firewall/rules –label firewall
E.    echo “n: firewall r:/etc/firewall/rules: w:/ etc/firewall/rules:” | auditctl ~

Answer: C

QUESTION 22
Which of the following information, within a DNSSEC- signed zone, is signed by the key signing key?

A.    The non-DNSSEC records like A, AAAA or MX.
B.    The zone signing key of the zone.
C.    The RRSIG records of the zone.
D.    The NSEC or NSEC3 records of the zone.
E.    The DS records pointing to the zone.

Answer: B

QUESTION 23
Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate?

A.    subjectAltName = DNS: www example.org, DNS: example.org
B.    extension = SAN: www.example.org, SAN: example.org
C.    subjectAltName: www.example.org, subjectAltName: example.org
D.    commonName = subjectAltName = www.example.org, subjectAltName = example.org
E.    subject = CN = www.example.org, CN = example.org

Answer: A

QUESTION 24
Which command is used to run a new shell for a user changing the SELinux context? (Specify ONLY the command without any path or parameters.)

Answer: newrole

QUESTION 25
Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?

A.    Limit valid-x509
B.    SSLRequestClientCert always
C.    Require valid-x509
D.    SSLVerifyClient require
E.    SSLPolicy valid-client-cert

Answer: D


Download the newest PassLeader 303-200 dumps from passleader.com now! 100% Pass Guarantee!

303-200 PDF dumps & 303-200 VCE dumps: http://www.passleader.com/303-200.html (70 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!)

P.S. New 303-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpNGtMZFVyU1dvRVk

P.S. New 304-200 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpajFKM1hKeEUxQzQ