New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium LPI 202-450 Dumps Questions Answers

Page: 1 / 9
Total 119 questions

LPIC-2 - Exam 202 (part 2 of 2), version 4.5 Questions and Answers

Question 1

A host, called lpi, with the MAC address 08:00:2b:4c:59:23 should always be given the IP address of 192.168.1.2 by a DHCP server running ISC DHCPD.

Which of the following configurations will achieve this?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Buy Now
Question 2

In order to join a file server to the Active Directory domain intra.example.com, the following smb.conf has been created:

The command net ads join raises an error and the server is not joined to the domain. What should be done to successfully join the domain?

Options:

A.

Change server role to ad member server to join an Active Directory domain instead of an NT4 domain.

B.

Add realm = intra.example.com to the smb.conf and change workgroup to the domain’s netbios workgroup name.

C.

Manually create a machine account in the Active Directory domain and specify the machine account’s name with –U when starting net ads join.

D.

Remove the winbind enum users and winbind enum groups since winbind is incompatible with Active Directory domains.

E.

Remove all idmap configuration stanzas since the id mapping is defined globally in an Active Directory domain and cannot be changed on a member server.

Question 3

What configuration directive of the Apache HTTPD server defines where log files are stored? (Specify ONE of the directives without any other options.)

Options:

Question 4

What command creates a SSH key pair? (Specify ONLY the command without any path or parameters)

Options:

Question 5

A BIND server should be upgraded to use TSIG. Which configuration parameters should be added if the server should use the algorithm hmac-md5 and the key skrKc4DoTzi/takIlPi7JZA==?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 6

Which of the following Samba services handles the membership of a file server in an Active Directory domain?

Options:

A.

winbindd

B.

nmbd

C.

msadd

D.

admemb

E.

samba

Question 7

On a Linux router, packet forwarding for IPv4 has been enabled. After a reboot, the machine no longer forwards IP packets from other hosts. The command:

echo 1 > /proc/sys/net/ipv4/ip_forward

temporarily resolves this issue.

Which one of the following options is the best way to ensure this setting is saved across system restarts?

Options:

A.

Add echo 1 > /proc/sys/net/ipv4/ip_forward to the root user login script

B.

Add echo 1 > /proc/sys/net/ipv4/ip_forward to any user login script

C.

In /etc/sysct1.conf change net.ipv4.ip_forward to 1

D.

In /etc/rc.local add net.ipv4.ip_forward = 1

E.

In /etc/sysconfig/iptables-config add ipv4.ip_forward = 1

Question 8

What is the purpose of DANE?

Options:

A.

Verify the integrity of name information retrieved via DNS.

B.

Allow secure dynamic DNS updates.

C.

Invalidate name information stored on caching name servers to speed up DNS updates.

D.

Discover which servers within a DNS domain offer a specific service.

E.

Provide a way to verify the association of X 509 certificates to DNS host names.

Question 9

Which keyword is used in the Squid configuration to define networks and times used to limit access to the service?

Options:

A.

acl

B.

allow

C.

http_allow

D.

permit

Question 10

In order to prevent all anonymous FTP users from listing uploaded file names, what security precaution can be taken when creating an upload directory?

Options:

A.

The directory must not have the execute permission set.

B.

The directory must not have the read permission set.

C.

The directory must not have the read or execute permission set.

D.

The directory must not have the write permission set.

E.

The directory must not contain other directories.

Question 11

Which FTP names are recognized as anonymous users in vsftp when the option anonymous_enable is set to yes in the configuration files? (Choose two.)

Options:

A.

anonymous

B.

ftp

C.

In the described configuration, any username which neither belongs to an existing user nor has another special meaning is treated as anonymous user.

D.

nobody

E.

guest

Question 12

Which Apache HTTPD directive enables HTTPS protocol support?

Options:

A.

HTTPSEngine on

B.

SSLEngine on

C.

SSLEnable on

D.

HTTPSEnable on

E.

StartTLS on

Question 13

What is the name of the network security scanner project which, at the core, is a server with a set of network vulnerability tests?

Options:

A.

NetMap

B.

OpenVAS

C.

Smartscan

D.

Wireshark

Question 14

If there is no access directive, what is the default setting for OpenLDAP?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 15

The Samba configuration file contains the following lines:

A workstation is on the wired network with an IP address of 192.168.1.177 but is unable to access the Samba server. A wireless laptop with an IP address 192.168.2.93 can access the Samba server. Additional trouble shooting shows that almost every machine on the wired network is unable to access the Samba server.

Which alternate host allow declaration will permit wired workstations to connect to the Samba server without denying access to anyone else?

Options:

A.

host allow = 192.168.1.1-255

B.

host allow = 192.168.1.100192.168.2.200localhost

C.

host deny = 192.168.1.100/255.255.255.0192.168.2.31localhost

D.

host deny = 192.168.2.200/255.255.255.0192.168.2.31localhost

E.

host allow = 192.168.1.0/255.255.255.0192.168.2.0/255.255.255.0 localhost

Question 16

Which of these tools, without any options, provides the most information when performing DNS queries?

Options:

A.

dig

B.

nslookup

C.

host

D.

named-checkconf

E.

named-checkzone

Question 17

Which option in named.conf specifies which host are permitted to ask for domain name information from the server?

Options:

A.

allowed-hosts

B.

accept-query

C.

permit-query

D.

allow-query

E.

query-group

Question 18

Which global option in squid.conf sets the port number or numbers that Squid will use to listen for client requests?

Options:

A.

port

B.

client_port

C.

http_port

D.

server_port

E.

squid_port

Question 19

To allow X connections to be forwarded from or through an SSH server, what configuration keyword must be set to yes in the sshd configuration file?

Options:

A.

AllowForwarding

B.

ForwardingAllow

C.

XllForwardingAllow

D.

XllForwarding

Question 20

Which http_access directive for Squid allows users in the ACL named sales_net to only access the Internet at times specified in the time_acl named sales_time?

Options:

A.

http_access deny sales_time sales_net

B.

http_access allow sales_net sales_time

C.

http_access allow sales_net and sales-time

D.

allow http_access sales_net sales_time

E.

http_access sales_net sales_time

Question 21

What is DNSSEC used for?

Options:

A.

Encrypted DNS queries between nameservers

B.

Cryptographic authentication of DNS zones

C.

Secondary DNS queries for local zones

D.

Authentication of the user that initiated the DNS query

E.

Encrypting DNS queries and answers

Question 22

Which of the following actions are available in Sieve core filters? (Choose three.)

Options:

A.

drop

B.

discard

C.

fileinto

D.

relay

E.

reject

Question 23

It has been discovered that the company mail server is configured as an open relay. Which of the following actions would help prevent the mail server from being used as an open relay while maintaining the possibility to receive company mails? (Choose two.)

Options:

A.

Restrict Postfix to only accept e-mail for domains hosted on this server

B.

Configure Dovecot to support IMAP connectivity

C.

Configure netfilter to not permit port 25 traffic on the public network

D.

Restrict Postfix to only relay outbound SMTP from the internal network

E.

Upgrade the mailbox format from mbox to maildir

Question 24

Select the Samba option below that should be used if the main intention is to setup a guest printer service?

Options:

A.

security = cups

B.

security = ldap

C.

security = pam

D.

security = share

E.

security = printing

Question 25

Which command is used to configure which file systems a NFS server makes available to clients?

Options:

A.

exportfs

B.

mkfs.nfs

C.

mount

D.

nfsservct1

E.

telinit

Question 26

When are Sieve filters usually applied to an email?

Options:

A.

When the email is delivered to a mailbox

B.

When the email is relayed by an SMTP server

C.

When the email is received by an SMTP smarthost

D.

When the email is sent to the first server by an MUA

E.

When the email is retrieved by an MUA

Question 27

Which of the following types of IPv6 address assignments does DHCPv6 support? (Choose three.)

Options:

A.

Assignments of normal IPv6 addresses that can be renewed.

B.

Assignments of temporary IPv6 addresses that cannot be renewed.

C.

Assignments of blacklisted IPv6 addresses that should no longer be used.

D.

Assignments of IPv6 prefixes that can be used for routing or further assignments.

E.

Assignments of anonymous IPv6 addresses whose assignment is not logged by the DHCPv6 server.

Question 28

Which of the following options are valid in /etc/exports? (Choose two.)

Options:

A.

rw

B.

ro

C.

rootsquash

D.

norootsquash

E.

uid

Question 29

Which Apache HTTPD configuration directive specifies the RSA private key that was used in the generation of the SSL certificate for the server?

Options:

A.

SSLCertificateKeyFile

B.

SSLKeyFile

C.

SSLPrivateKeyFile

D.

SSLRSAKeyFile

Question 30

Which doveadm sub-command displays a list of connections of Dovecot in the following format? (Specify ONLY the command without any parameters.)

Options:

Question 31

In a PAM configuration file, which of the following is true about the required control flag?

Options:

A.

If the module returns success, no more modules of the same type will be invoked

B.

The success of the module is needed for the module-type facility to succeed. If it returns a failure, control is returned to the calling application

C.

The success of the module is needed for the module-type facility to succeed. However, all remaining modules of the same type will be invoked

D.

The module is not critical and whether it returns success or failure is not important

E.

If the module returns failure, no more modules of the same type will be invoked

Question 32

Which of the following commands can be used to connect and interact with remote TCP network services? (Choose two.)

Options:

A.

nettalk

B.

nc

C.

telnet

D.

cat

E.

netmap

Question 33

What is the name of the root element of the LDAP tree holding the configuration of an OpenLDAP server that is using directory based configuration? (Specify ONLY the element’s name without any additional information.)

Options:

Question 34

Which of the following DNS record types is used for reverse DNS queries?

Options:

A.

CNAME

B.

IN

C.

PTR

D.

REV

E.

RIN

Question 35

When using mod_authz_core, which of the following strings can be used as an argument to Require in an Apache HTTPD configuration file to specify the authentication provider? (Choose three.)

Options:

A.

method

B.

all

C.

regex

D.

header

E.

expr

Page: 1 / 9
Total 119 questions