Ensurepass

QUESTION 151

Which THREE of the following actions should be considered when a FTP chroot jail is created?

 

A.      Create /dev/ and /etc/ in the chroot enviroment

B.      Create /etc/passwd in the chroot enviroment

C.      Create /var/cache/ftp in the chroot enviroment

D.      Create the user ftp in the chroot enviroment

E.       Create /usr/sbin/ in the chroot enviroment

Answer: A, B, D

QUESTION 152

Connecting to a remote host on the same LAN using ssh public-key authentication works but forwarding X11 doesn’t. The remote host allows access to both services. Which of the following can be the reason for that behavior?

 

A.      The remote user’s ssh_config file disallows X11 forwarding

B.      The remote server’s sshd_config file disallows X11 forwarding

C.      A different public key has to be used for X11

D.      X11 cannot be forwarded if public-key authentication was used

E.       X11 though SSH needs a special X11 server application installed

Answer: B

QUESTION 153

An iptables firewall was configured to use the target MASQUERADE to share a dedicated wireless connection to the Internet with a few hosts on the local network.

The Internet connection becomes very unstable in rainy days and users complain their connections drop when downloading e-mail or large files, while web browsing seems to be working fine.

Which change to your iptables rules could alleviate the problem?

 

A.        Change the target MASQUERADE to SNAT

B.        Change the target MASQUERADE to DNAY

C.        Change the target MASQUERADE to BALANCE and provide a backup Internet connection

D.        Change the target MASQUERADE to REDIRECT and provide a backup Internet connection

E.         Change the target MASQUERADE to BNAT

Answer: A

QUESTION 154

Which command line create an SSH tunnel for POP and SMTP protocols?

 

A.        ssh- L :110 -L :25 -1 user -N mailhost

B.        ssh -L 25:110 -1 user -N mailhost

C.        ssh -L mailhost:110 -L mailhost:25 -1 user -N mailhost

D.        ssh -L mailhost:25:110 -1 user

E.         ssh -L 110:mailhost:110 -L 25:mailhost:25 -1 user -N mailhost

Answer: E

QUESTION 155

Which of these tools can provide the most information about DNS queries?

 

A.      dig

B.      nslookup

C.      host

D.      named-checkconf

E.       named-checkzone

Answer: A

QUESTION 156

Which records must be entered in a zone file in order to use “Round Robin Load Distribution” for a web server?

 

A.        www.example.org. 60 IN A 192.168.1.1 www.example.org. 60 IN A 192.168.1.2 www.example.org. 60 IN A 192.168.1.3

B.        www.example.org. 60 IN A 192.168.1.1;192.168.1.2;192.168.1.3

C.        www.example.org. 60 IN A 192.168.1-3

D.        www.example.org. 60 IN RR 192.168.1:3

E.         www.example.org. 60 IN RR 192.168.1.1;192.168.1.2;192.168.1.3

Answer: A

QUESTION 157

Which command would release the current IP address leased by a DHCP server?

 

A.      ipconfig /release

B.      ifconfig –release-all

C.      dhclient -r

D.      ifconfig –release

E.       pump –release

Answer: C

QUESTION 158

Remote access to a CD-RW device on a machine on a LAN must be restricted to a selected user group. Select the TWO correct alternatives that describe the possible solutions for this problem.

 

A.      The remote access to these devices can be allowed to users by changing the display manager configurationand allowing sudo access for the user that will log in remotely

B.      The pam_console module allows access configuration to these devices via console, including simultaneousaccess by many users

C.      The pam_console module can be used to control access to devices via console, allowing/denying access tothese devices in the user’s session

D.      If the pam_console module is used, it must be checked as required, because it is essential for userauthentication

E.       Through the sudo configuration file, it is possible to set users that will have the power of the root user, sothey can access the devices. Besides that, it is important to configure the /etc/pam.d/su file, so the PAMmodules can secure the service

Answer: C,E

QUESTION 159

Select the alternative that shows the correct way to disable a user login (except for root)

 

A.      The use of the pam_nologin module along with the /etc/login configuration file

B.      The use of the pam_deny module along with the /etc/deny configuration file

C.      The use of the pam_pwdb module along with the /etc/pwdb.conf configuration file

D.      The use of the pam_console module along with the /etc/security/console.perms configuration file

E.       The use of the pam_nologin module along with the /etc/nologin configuration file

Answer: E

QUESTION 160

A new user was created on a master NIS server using useradd but cannot log in from an NIS client.

Older users can log in. Which step was probably forgotten, when creating the new user?

 

A.      Running yppush on the NIS server to propagate map changes to NIS clients

B.      Running make inside /var/yp on the NIS server to generate new maps

C.      Starting the yppasswdd daemon on the NIS server to receive login re quests from NIS clients

D.      Starting the ypxfr daemon on the NIS client to fetch map changes from the NIS server

E.       Restarting ypxfr daemons on the NIS client and server to fetch map changes

Answer: A

 

 




Download Latest LPI 117-202 Real Free Tests , help you to pass exam 100%.

Comments are closed.