[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 121-130

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 121

Which option must be used with ifconfig, to also see interfaces that are down?

  1. -d

  2. -a

  3. -all

  4. -down

  5. None.

Answer: A

Question No: 122

What is the command to add another IP address to an interface that already has (at least) one IP address?

A. ifconfig eth0:1 192.168.1.2

B. ifconfig eth0 192.168.1.2

C. ipconfig eth0:1 192.168.1.2

D. ipconfig eth0 192.168.1.2

Answer: A

Question No: 123

The command route shows the following output:

Latesttests 2017 PDF and VCE

Which of the following statements is correct?

  1. The network 169.254.0.0 is not a valid route.

  2. The host 194.168.123.5 is temporarily down.

  3. The host route 194.168.123.5 is rejected by the kernel.

  4. The quot;!H quot; signals that traffic to the host 194.168.123.5 is dropped.

  5. The network path to the host 194.168.123.5 is not available.

Answer: C

Question No: 124

A network client has an ethernet interface configured with an IP address in the subnet 192.168.0.0/24.

This subnet has a router, with the IP address 192.168.0.1, that connects this subnet to the Internet.

What needs to be done on the client to enable it to use the router as its default gateway?

  1. Run route add default gw 192.168.0.1 eth1.

  2. Run route add gw 192.168.0.1 eth1.

  3. Run ifconfig eth0 defaultroute 192.168.0.1.

  4. Add quot;defaultroute 192.168.0.1quot; to /etc/resolv.conf.

  5. Run route add defaultgw=192.168.0.1 if=eth0.

Answer: A

Question No: 125

A server with 2 network interfaces, eth0 and eth1, should act as a router. eth0 has the IP address 192.168.0.1 in the subnet 192.168.0.1/24 and eth1 has the IP address 10.0.0.1 in the subnet 10.0.0.0/16.

The routing table looks fine, but no data is traversing the networks. Which TWO of the following need to be done?

  1. Enable IP forwarding with echo quot;1quot; gt; /proc/sys/net/ipv4/ip_forward

  2. Add new firewall chains to handle inbound amp; outbound traffic on both interfaces.

  3. Reconfigure the firewall rules to allow traffic to traverse the networks.

  4. The routing table needs to be restarted, for the changes to take effect.

  5. The server needs to be restarted, for the changes to take effect.

Answer: A,C

Question No: 126

What command is used to add a route to the 192.168.4.0/24 network via 192.168.0.2?

A. route add – network 192.168.4.0 netmask 255.255.255.0 gw 192.168.0.2

B. route add – net 192.168.4.0/24 gw 192.168.0.2

C. route add – network 192.168.4.0/24 192.168.0.2

D. route add – net 192.168.4.0 netmask 255.255.255.0 192.168.0.2

E. route add – net 192.168.4.0 netmask 255.255.255.0 gw 192.168.0.2

Answer: E

Question No: 127

Which of the following sentences is true, when using the following /etc/pam.d/login file?

#%PAM-l.0

auth required /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so

auth sufficient /lib/security/pam_unix.so shadow nullok md5 use_authtok auth required /lib/security/pam_ldap.so use_first_pass

account sufficient /lib/security/pam_unix.so account required /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so

password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/pam_ldap.so use_first_pass

session optional /lib/security/pam_console.so session sufficient /lib/security/pam_unix.so session required /lib/security/pam_ldap.so

  1. All users will be authenticated against the LDAP directory

  2. This is the only file needed to configure LDAP authentication on Linux

  3. Only local users will be able to log in, when the file/etc/nologin exists

  4. Ordinary users will be able to change their password to be blank

  5. If the control flags for auth were changed to required, local users wouldn#39;t be able to log

in

Answer: D

Question No: 128

LDAP-based authentication against a newly-installed LDAP server does not work as expected. The file /etc/pam.d/login includes the following configuration parameters. Which of them is NOT correct?

  1. password required /lib/security/pam_ldap.so

  2. auth sufficient /lib/security/pam_ldap.so use_first_pass

  3. account sufficient /lib/security/pam_ldap.so

  4. password required /lib/security/pam_pwdb.so

  5. auth required /lib/security/pam_ldap.so

Answer: E

Question No: 129

What is the advantage of using SASL authentication with OpenLDAP?

  1. It can prevent the transmission of plain text passwords over the network.

  2. It disables anonymous access to the LDAP server.

  3. It enables the use of Access Control Lists.

  4. It allows the use of LDAP to authenticate system users over the network.

  5. All of the above.

Answer: A

Question No: 130

In a PAM configuration file, which of the following is true about the required control flag?

  1. If the module returns success, no more modules of the same type will be invoked

  2. The success of the module is needed for the module-type facility to succeed. If it returns a failure, control isreturned to the calling application

  3. The success of the module is needed for the module-type facility to succeed.However, all remainingmodules of the same type will be invoked.

  4. The module is not critical and whether it returns success or failure is not important.

  5. If the module returns failure, no more modules of the same type will be invoked

Answer: C

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 111-120

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 111

Which of the following configuration lines will export /usr/local/share/ to nfsclient with read- write access, ensuring that all changes are straight to the disk?

  1. /usr/local/share nfsclient(rw) written

  2. nfsclient: /usr/local/share/:rw,sync

  3. /usr/local/share nfsclient:rw:sync

  4. /usr/local/share nfsclient(rw,sync)

  5. nfsclient(rw,sync) /usr/local/share

Answer: D

Question No: 112 CORRECT TEXT

Which Samba-related command will show all options that were not modified using smb.conf and thus are set to their default values? Please enter the command and its parameter(s):

Answer: testparm -v

Question No: 113 CORRECT TEXT

You are not sure whether the kernel has detected a piece of hardware in your machine. What command, without options or parameters, should be run to present the contents of the kernel ringbuffer?

Answer: dmesg

Question No: 114 CORRECT TEXT

Which program lists information about files opened by processes and produces output that can be parsed by other programs?

Answer: lsof

Question No: 115 CORRECT TEXT

Which site-specific configuration file for the shadow login suite must be modified to log login failures? Please enter the complete path to that file.

Answer: /etc/login.defs

Question No: 116

What command can be used to add a new newsgroup called ABC that allows posting?

  1. ctlinnd newgroup Certkiller n news

  2. ctlinnd newgroup Certkiller y news

  3. ctlinnd addgroup Certkiller y news

  4. ctlinnd newgroup Certkiller rw news

  5. ctlinnd addgroup Certkiller rw news

Answer: B

Question No: 117

Which TWO of the following commands could be used to add a second IP address to eth0?

A. ifconfig eth0 – add ip 192.168.123.10

B. ifconfig eth0:1 192.168.123.10 C. ifconfig eth0 1 192.168.123.10 D. ifconfig eth0 192.168.123.10

E. ifconfig eth0:sub1 192.168.123.10

Answer: B,E

Question No: 118

If the command arp -f is run, which file will be read by default?

  1. /etc/hosts

  2. /etc/ethers

  3. /etc/arp.conf

  4. /etc/networks

  5. /var/cache/arp

Answer: B

Question No: 119

What command must be used to print the kernel#39;s routing table?

  1. route print

  2. route enumerate

  3. route show

  4. route list

  5. route

Answer: E

Question No: 120

What command would be used to configure the interface eth1:1 with the IP address 10

10.34 and the netmask 255.255.255.0?

A. ifconfig eth1:1 10.10.3.4 netmask 255.255.255.0 start B. ifconfig 10.10.3.4 netmask 255.255.255.0 eth1:1 up C. ifconfig eth1:1 10.10.3.4 netmask 255.255.255.0 up D. ifconfig 10.10.3.4/255.255.255.0 eth1:1 up

E. ifconfig eth1:1 10.10.3.4/255.255.255.0 up

Answer: C

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 91-100

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 91

What of the following is NOT a valid ACL type, when configuring squid?

  1. src

  2. source

  3. dstdomain

  4. url_regex

  5. time

Answer: B

Question No: 92 CORRECT TEXT

The command -x foo will delete the user foo from the Samba database. (Specify the command only, no path information.)

Answer: smbpasswd

Question No: 93

The Internet gateway connects the clients with the Internet by using a Squid proxy. Only the clients from the network 192.168.1.0/24 should be able to use the proxy. Which of the following configuration sections is correct?

A. acl local src 192.168.1.0/24 http_allow local

B. acl local src 192.168.1.0/24 http_access allow local

C. acl local src 192.168.1.0/24 http access allow local

D. acl local src 192.168.1.0/24 http_access_allow=local

E. acl local src 192.168.1.0/24 httpd local allow

Answer: B

Question No: 94

The syntax of the procmail configuration file is?

  1. :0[flags][:[lockfile]] [* condition]

    action

  2. [* condition] action

    :0[flags][:[lockfile]]

  3. :0[flags][:[lockfile]] [* condition] action

  4. :0[flags][:[lockfile]]:[* condition] action

  5. :0[flags][:[lockfile]]:[* condition]:action

Answer: A

Question No: 95

Which of the following recipes will append emails from quot;rootquot; to the quot;rootmailsquot; mailbox?

  1. :0c: rootmails

    • ^From.*root

  2. :0c:

    • ^From.*root

      rootmails

  3. :0c:

    • ^From=root rootmails

  4. :0c:

    • ^From=*root rootmails

  5. :0c:

$From=$root rootmails

Answer: B

Question No: 96

The internal network (192.168.1.0-192.168.1.255) needs to be able to relay email through the site#39;s sendmail server. What line must be added to /etc/mail/access to allow this?

A. 192.168.1.0/24 RELAY

B. 192.168.1 RELAY C. 192.168.1.0/24 OK D. 192.168.1 OK

Answer: B

Question No: 97

The following is an excerpt from a procmail configuration file:

:0 c

* ! ^To: backup

! backup

Which of the following is correct?

  1. All mails will be backed up to the path defined by $MAILDIR

  2. All mails to the local email address backup will be stored in the directory backup.

  3. A copy of all mails will be stored in file backup.

  4. A copy of all mails will be send to the local email address backup.

  5. Mails not addressed to backup are passed through a filter program named backup.

Answer: D

Question No: 98

Which network service or protocol is used by sendmail for RBLs (Realtime Blackhole Lists)?

  1. RBLP

  2. SMTP

  3. FTP

  4. HTTP

  5. DNS

Answer: E

Question No: 99

On a newly-installed mail server with the IP address 10.10.10.1, ONLY local networks should be able to send email. How can the configuration be tested, using telnet, from outside the local network?

A. telnet 10.10.10.1 25

MAIL FROMlt;admin@example.comgt; RECEIPT TO:lt;someone@example.orggt; B. telnet 10.10.10.1 25

RCPT FROM:admin@example.com MAIL TO:lt;someone@example.orggt; C. telnet 10.10.10.1 25

HELLO bogus.example.com

MAIL FROM:lt;anyone@example.orggt; RCPT TO:lt;someone@example.netgt; D. telnet 10.10.10.1 25

HELO bogus.example.com

MAIL FROM:lt;anyone@example.orggt; RCPT TO:lt;someone@example.netgt; E. telnet 10.10.10.1 25

HELO: bogus.example.com

RCPT FROM:lt;anyone@example.orggt; MAIL TO:lt;someone@example.netgt;

Answer: D

Question No: 100 CORRECT TEXT

What postfix configuration setting defines the domains for which Postfix will deliver mail locally? (Please provide only the configuration setting name with no other information)

Answer: mydomain

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 81-90

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 81

A web server is expected to handle approximately 200 simultaneous requests during normal use with an occasional spike in activity and is performing slowly. Which directives in httpd.conf need to be adjusted?

  1. MinSpareServers amp; MaxSpareServers.

  2. MinSpareServers, MaxSpareServers, StartServers amp; MaxClients.

  3. MinServers, MaxServers amp; MaxClients.

  4. MinSpareServers, MaxSpareServers, StartServers, MaxClients amp; KeepAlive.

Answer: B

Question No: 82

Which statements about the Alias and Redirect directives in Apache#39;s configuration file are true?

  1. Alias can only reference files under DocumentRoot

  2. Redirect works with regular expressions

  3. Redirect is handled on the client side

  4. Alias is handled on the server side

  5. Alias is not a valid configuration directive

Answer: C,D

Question No: 83

When Apache is configured to use name-based virtual hosts:

  1. it#39;s also necessary to configure a different IP address for each virtual host.

  2. the Listen directive is ignored by the server.

  3. it starts multiple daemons (one for each virtual host).

  4. it#39;s also necessary to create a VirtualHost block for the main host.

  5. only the directives ServerName and DocumentRoot may be used inside a block.

Answer: D

Question No: 84

Which Apache directive is used to configure the main directory for the site, out of which it will serve documents?

  1. ServerRoot

  2. UserDir

  3. DirectoryIndex

  4. Location

  5. DocumentRoot

Answer: E

Question No: 85

Which Apache directive allows the use of external configuration files defined by the directive AccessFileName?

  1. AllowExternalConfig

  2. AllowAccessFile

  3. AllowConfig

  4. IncludeAccessFile

  5. AllowOverride

Answer: E

Question No: 86

Which of the following is recommended to reduce Squid#39;s consumption of disk resources?

  1. Disable the use of access lists.

  2. Reduce the size of cache_dir in the configuration file.

  3. Rotate log files regularly.

  4. Disable logging of fully qualified domain names.

  5. Reduce the number of child processes to be started in the configuration file.

Answer: B

Question No: 87

Which ACL type in Squid#39;s configuration file is used for authentication purposes?

  1. proxyAuth

  2. proxy_auth

  3. proxy_passwd

  4. auth

  5. auth_required

Answer: B

Question No: 88

The listing below is an excerpt from a Squid configuration file:

Latesttests 2017 PDF and VCE

  1. Users connecting from localhost will be able to access web sites through this proxy.

  2. It#39;s necessary to include a http_access rule denying access to all, at the end of the rules.

  3. It#39;s possible to use this proxy to access SSL enabled web sites listening on any port.

  4. This proxy can#39;t be used to access FTP servers listening on the default port.

  5. This proxy is misconfigured and no user will be able to access web sites through it.

Answer: D

Question No: 89

In the file /var/squid/url_blacklist is a list of URLs that users should not be allowed to access. What is the correct entry in Squid#39;s configuration file to create an acl named blacklist based on this file?

  1. acl blacklist urlpath_regex /var/squid/url_blacklist

  2. acl blacklist file /var/squid/url_blacklist

  3. acl blacklist quot;/var/squid/url_blacklistquot;

  4. acl blacklist urlpath_regex quot;/var/squid/url_blacklistquot;

  5. acl urlpath_regex blacklist /var/squid/url_blacklist

Answer: D

Question No: 90

Users in the acl named #39;sales_net#39; must only be allowed to access to the Internet at times specified in the time_acl named #39;sales_time#39;. Which is the correct http_access directive, to configure this?

  1. http_access deny sales_time sales_net

  2. http_access allow sales_net sales_time

  3. http_access allow sales_net and sales_time

  4. allow http_access sales_net sales_time

  5. http_access sales_net sales_time

Answer: B

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 71-80

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 71

What is the purpose of a PTR record?

  1. To provide name to IP resolution.

  2. To provide IP to name resolution.

  3. To direct email to a specific host.

  4. To provide additional host information.

  5. To direct clients to another nameserver.

Answer: B

Question No: 72

Performing a DNS lookup with dig results in this answer: What might be wrong in the zone definition?

Latesttests 2017 PDF and VCE

  1. Nothing. All seems to be good.

  2. There#39;s no quot;.quot; after linuserv.example.net in the PTR record in the forward lookup zone file.

  3. There#39;s no quot;.quot; after linuserv in the PTR record in the forward lookup zone file.

  4. There#39;s no quot;.quot; after linuserv.example.net in the PTR record in the reverse lookup zone file.

  5. The quot;.quot; in the NS definition in reverse lookup zone has to be removed.

Answer: D

Question No: 73

What directive can be used in named.conf to restrict zone transfers to the 192.168.1.0/24 network?

A. allow-transfer { 192.168.1.0/24; }; B. allow-transfer { 192.168.1.0/24 }; C. allow-axfr { 192.168.1.0/24; };

D. allow-axfr { 192.168.1.0/24 };

E. allow-xfer { 192.168.1.0/24; };

Answer: A

Question No: 74

To securely use dynamic DNS updates, the use of TSIG is recommended. Which TWO statements about TSIG are true?

  1. TSIG is used for zone data encryption

  2. TSIG is a signal to start a zone update

  3. TSIG is used in zone files

  4. TSIG is used only in server configuration

  5. Servers using TSIG must be in sync (time zone!)

Answer: D,E

Question No: 75

Which option is used to configure pppd to use up to two DNS server addresses provided by the remote server?

  1. ms-dns

  2. nameserver

  3. usepeerdns

  4. dns

  5. None of the above

Answer: E

Question No: 76

A DNS server has the IP address 192.168.0.1. Which TWO of the following need to be done on a client machine to use this DNS server?

  1. Add nameserver 192.168.0.1 to /etc/resolv.conf

  2. Run route add nameserver 192.168.0.1

  3. Run ifconfig eth0 nameserver 192.168.0.1

  4. Run echo quot;nameserver 192.168.1.1quot; gt;gt; /etc/resolv.conf

  5. Run bind nameserver 192.168.1.1

Answer: A,D

Question No: 77

The mailserver is currently called fred, while the primary MX record points to mailhost.example.org.

What must be done to direct example.org email towards fred?

  1. Add an A record for mailhost to fred#39;s IP address.

  2. Add a CNAME record from mailhost to fred

  3. Add another MX record pointing to fred#39;s IP address.

  4. Add a PTR record from mailhost to fred.

Answer: A

Question No: 78

Which of these ways can be used to only allow access to a DNS server from specified networks/hosts?

  1. Using the limit{…;};statement in the named configuration file.

  2. Using the allow-query{…;};statement in the named configuration file.

  3. Using the answer only{…;};statement in the named configuration file.

  4. Using the answer{…;};statement in the named configuration file.

  5. Using the query access{…;};statement in the named configuration file.

Answer: B

Question No: 79

There is a restricted area in an Apache site, which requires users to authenticate against the file /srv/ www/security/site-passwd.

Which command is used to CHANGE the password of existing users, without losing data, when Basic authentication is being used.

  1. htpasswd -c /srv/www/security/site passwd user

  2. htpasswd /srv/www/security/site-passwd user

  3. htpasswd -n /srv/www/security/site-passwd user

  4. htpasswd -D /srv/www/security/site-passwd user

  5. None of the above.

Answer: B

Question No: 80

Consider the following / srv/www/ default/html/ restricted/.htaccess AuthType Basic

AuthUserFile / srv/www/ security/ site-passwd AuthName Restricted

Require valid-user Order deny,allow Deny from all

Allow from 10.1.2.0/24 Satisfy any

Considering that DocumentRoot is set to /srv/www/default/html, which TWO of the following sentences are true?

  1. Apache will only grant access to http://server/restricted/to authenticated users connecting from clients in the10.1.2.0/24 network

  2. This setup will only work if the directory /srv/www/default/html/restricted/ is configured with AllowOverrideAuthConfig Limit

  3. Apache will require authentication for every client requesting connections to http://server/restricted/

  4. Users connecting from clients in the 10.1.2.0/24 network won#39;t need to authenticate themselves to accesshttp://server/restricted/

  5. The Satisfy directive could be removed without changing Apachebehaviorfor this directory

Answer: B,D

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 61-70

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 61

Which of the following sentences is true about ISC DHCP?

  1. It can#39;t be configured to assign addresses to BOOTP clients.

  2. Its default behavior is to send DHCPNAK to clients that request inappropriate addresses.

  3. It can#39;t be used to assign addresses to X – terminals.

  4. It can be configured to only assign addresses to known clients.

  5. None of the above.

Answer: D

Question No: 62

The host, called quot; Certkiller quot;, with the MAC address quot;08:00:2b:4c:59:23quot;, should always be given the IP address of 192.168.1.2 by the DHCP server. Which of the following configurations will achieve this?

  1. host Certkiller {

    hardware-ethernet 08:00:2b:4c:59:23; fixed-address 192.168.1.2;

    }

  2. host Certkiller { mac=08:00:2b:4c:59:23; ip= 192.168.1.2;

}

C. host Certkiller = 08:00:2b:4c:59:23 192.168.1.2

  1. host Certkiller {

    hardware ethernet 08:00:2b:4c:59:23; fixed-address 192.168.1.2;

    }

  2. host Certkiller {

hardware-address 08:00:2b.4c:59:23; fixed-ip 192.168.1.2;

}

Answer: D

Question No: 63

Which dhcpd.conf option defines the DNS server address(es) to be sent to the DHCP clients?

  1. domainname

  2. domain-name-servers

  3. domain-nameserver

  4. domain-name-server

Answer: B

Question No: 64

What is a significant difference between host and zone keys generated by dnssec-keygen?

  1. There is no difference.

  2. Both zone key files ( .key/.private ) contain a public and private key.

  3. Both host keys files ( .key/. private) contain a public and private key.

  4. Host Keys must always be generated if DNSSEC is used; zone keys are optional

  5. Zone Keys must always be generated if is used; host keys are optional

Answer: B

Question No: 65

Which of these would be the simplest way to configure BIND to return a different version number to queries?

  1. Compile BIND with the option -blur-version=my version.

  2. Set version-string quot;my versionquot; in BIND#39;s configuration file.

  3. Set version quot;my versionquot; in BIND#39;s configuration file.

  4. Set version=my version in BIND#39;s configuration file.

  5. Ser version-bind quot;my versionquot; in BIND#39;s configuration file.

Answer: C

Question No: 66

Latesttests 2017 PDF and VCE

  1. Any host, from any network, may use this server as its main DNS server.

  2. If the server doesn#39;t know the answer to a query, it sends a recursive query to 192.168.0.4.

  3. If the server doesn#39;t know the answer to a query, it sends a query to a root DNS server.

  4. Hosts in the network 10.0.0.0/24 will be able to ask for zone transfers.

  5. If the server doesn#39;t know the answer to a query, it sends a recursive query to 192.168.0.4 and, if this fails,it returns a failure.

Answer: B

Question No: 67

A BIND server should be upgraded to use TSIG. Which configuration parameters should be added, if the server should use the algorithm hmac-md5 and the key skrKc4DoTzi/tAkllPi7JZA== ?

  1. TSIG server.example.com. algorithm hmac-md5;

    secret quot;skrKc4DoTzi/tAkllPi7JZA==quot;;

    };

  2. key server.example.com. { algorithm hmac-md5;

    secret skrKc4DoTzi/tAkllPi7JZA==;

    };

  3. key server.example.com. { algorithm hmac-md5;

    secret quot;skrKc4DoTzi/tAkllPi7JZA==quot;;

    };

  4. key server.example.com. {

    algorithm=hmac-md5; secret=quot;skrKc4DoTzi/tAkllPi7JZA==quot;;

    };

  5. key server.example.com. { algorithm hmac-md5

secret quot;skrKc4DoTzi/tAkI1Pi7JZA==quot;

};

Answer: C

Question No: 68

DNSSEC is used for?

  1. Encrypted DNS queries between nameservers.

  2. Cryptographic authentication of DNS zones.

  3. Secondary DNS queries for local zones.

  4. Defining a secure DNS section.

  5. Querying a secure DNS section.

Answer: B

Question No: 69 CORRECT TEXT

This program has 3 operating modes: copy-in mode, copy-out mode, and copy-pass mode, and is used to copy files into or out of archives. What program is this? (Please provide the command name only, with no arguments or path.)

Answer: cpio

Question No: 70

A BIND server should never answer queries from certain networks or hosts. Which configuration directive could be used for this purpose?

  1. deny-query { …; };

  2. no-answer { …; };

  3. deny-answer { …; };

  4. deny-access { …; };

  5. blackhole { …; };

Answer: E

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 51-60

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 51 CORRECT TEXT

Postfix daemons can be chroot#39;d by setting the chroot flag in . (Supply only the filename, without a path)

Answer: master.cf

Question No: 52

Some users are unable to connect to specific local hosts by name, while accessing hosts in other zones works as expected. Given that the hosts are reachable by their IP addresses, which is the default log file that could provide hints about the problem?

  1. /var/named/log

  2. /var/lib/named/dev/log

  3. /var/log/bind_errors

  4. /var/log/bind/errors

  5. /var/log/messages

Answer: E

Question No: 53

Which Squid configuration directive defines the authentication method to use?

  1. auth_param

  2. auth_method

  3. auth_program

  4. auth_mechanism

  5. proxy_auth

Answer: A

Question No: 54

Which entry in the .procmailrc file will send a copy of an email to another mail address?

  1. :0 c

  2. :0 copy

  3. :c

  4. :copy

  5. :s

Answer: A

Question No: 55

A security-conscious administrator would change which TWO of the following lines found in an SSH configuration file?

  1. Protocol 2,1

  2. PermitEmptyPasswords no

  3. Port 22

  4. PermitRootLogin yes

  5. IgnoreRhosts yes

Answer: A,D

Question No: 56 CORRECT TEXT

What is the default location for sendmail configuration files? (Please provide the complete path to the directory)

Answer: /etc/mail

Question No: 57 CORRECT TEXT

In which directory can all parameters available to sysctl be found? (Provide the full path)

Answer: /proc/sys

Question No: 58 CORRECT TEXT

Instead of running the command echo 1 gt;/proc/sys/net/ipv4/ip_forward, the configuration setting is going to be added to /etc/sysctl.conf. What is the missing value in the configuration line below? (Please specify only the missing value)

Answer: net.ipv4.ip_forward

Question No: 59 CORRECT TEXT

What is the name of the module in Apache that provides the HTTP Basic Authentication functionality? (Please provide ONLY the module name)

Answer: mod_auth

Question No: 60 CORRECT TEXT

What command is used to print NFS kernel statistics? (Provide the command with or without complete path)

Answer: nfsstat

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 41-50

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 41

Which answer best describes the meaning of the following LDAP search command: ldapseareh -xquot; (amp;

(cn=marie)(telephoneNumber=9*))quot;

  1. It is searching for all entries that don#39;t have the cn attribute equal to marie OR the telephoneNumberattribute starting with number 9

  2. It is searching for all entries that have the cn attribute equal to marie AND the telephoneNumber attributestarting with number 9

  3. It is searching for all entries that have the cn attribute equal to marie AND the telephoneNumber attributeending with number 9

  4. It is searching for all entries that don#39;t have the cn attribute equal to marie AND the telephoneNumberattribute starting with number 9

  5. It is searching for all entries that have the cn attribute different than marie OR the telephoneNumberattribute starting with number 9

Answer: B

Question No: 42

In a PAM configuration file, a sufficient control allows access:

  1. Immediately on success, if no previous required or requisite control failed

  2. Immediately on success, regardless of other controls

  3. After waiting if all other controls return success

  4. Immediately, but only if the user is root

Answer: A

Question No: 43

After setting up Apache to run inside a chroot jail as a non-root user, httpd no longer starts. What is the primary cause of the problem?

  1. Apache needs to start as root to bind to port 80

  2. Apache cannot read the main index.html file because it was not moved into the chroot environment

  3. A LoadModule line for mod_chroot needs to be added to httpd.conf

  4. Apache requires a VirtualHost directive when running from a chroot environment

  5. The mod_chroot configuration needs the absolute path to the chroot environment

Answer: A

Question No: 44

Which is a valid Squid option to define a listening port?

  1. port = 3128

  2. http-listen-port=3128

  3. http_port 3128

  4. squid_port 3128

Answer: C

Question No: 45

What is the name of the network security scanner project which, at the core, is a server with a set of network vulnerability tests (NVTs)?

  1. nmap

  2. OpenVAS

  3. Snort

  4. wireshark

Answer: B

Question No: 46

How must Samba be configured, so that it can check passwords against the ones in

/etc/passwd and / etc/shadow?

  1. Set the parameters quot;encrypt passwords = yesquot; and quot;password file = /etc/passwdquot;.

  2. Set the parameters quot;encrypt passwords = yesquot;, quot;password file = /etc/passwdquot; and quot;password algorithm =cryptquot;

  3. Delete the smbpasswd file and create a symbolic link to the passwd and shadow file

  4. It is not possible for Samba to use/etc/passwd and /etc/shadow

  5. Run smbpasswd to convert /etc/passwd and /etc/shadow to a Samba pass word file

Answer: D

Question No: 47

What is the standard port number for the unencrypted IMAP service?

A. 25 B. 143 C. 443 D. 993 E. 1066

Answer: B

Question No: 48

Considering the following kernel IP routing table below, which of the following commands must be used to remove the route to the network 10.10.1.0/24?

Latesttests 2017 PDF and VCE

A. route del 10.10.1.0

B. route del 10.10.1.0/24

C. route del – net 10.10.1.0/24

D. route del 10.10.1.0/24 gw 192.168.246.11

E. route del -net 10.10.1.0

Answer: C

Question No: 49

After changing /etc/exports on a server, remote hosts are still unable to mount the exported directories. What should be the next action? Please select TWO correct answers.

  1. Restart the NFS daemon

  2. Run exportfs -a on the server

  3. Run exportfs -f on the server

  4. Run showmount -a on the server

  5. Restart the remote hosts

Answer: B,C

Question No: 50

Considering the following kernel IP routing table now, which of the following commands must be remove the route to the network 10.10.1.0/24?

Latesttests 2017 PDF and VCE

Kernel IP routing table

A. routedel 10.10.1.0

B. routedel 10.10.1.0/24

C. routedel -net 10.10.1.0/24

D. routedel 10.10.1.0/24 gw 192.168.246.11

E. routedel -net 10.10.1.0

Answer: C

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 31-40

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 31

Running sysctl has the same effect as:

  1. Changing the kernel compilation parameters

  2. Writing to files inside /proc

  3. Changing process limits using ulimit

  4. Editing files inside /etc/sysconfig

  5. There is no equivalent to this utility

Answer: B

Question No: 32

Which files are read by the lsdev command? (Please specify THREE answers)

  1. /proc/dma

  2. /proc/filesystems

  3. /proc/interrupts

  4. /proc/ioports

  5. /proc/swaps

Answer: A,C,D

Question No: 33

Which of the following describes the main purpose of strace?

  1. Show the TCP/IP stack data, to help to solve network problems

  2. Help to follow the traces of intruders of the internal network

  3. Debug programs by displaying the original code of the program. Itis a kind of quot;disassemblerquot;

  4. Reverse engineer applications, resulting in the source code of the program

  5. Debug programs by monitoring system calls and reporting them

Answer: E

Question No: 34

The following data is some of the output produced by a program. Which program produced this output?

strftime (quot; Thuquot;, 1024, quot;%aquot;, 0xb7f64380) =4 fwrite (quot;Thuquot;, 3, 1, 0xb7f614e0) =1

fputc (#39; #39;, 0xb7f614e0) =32

strftime (quot; Febquot;, 1024, quot; %bquot;, 0xb7f64380) =4 fwrite (quot;Febquot;, 3, 1, 0xb7f614e0) =1

fputc (#39; #39;, 0xb7f614e0) =32

fwrite (quot;19quot;, 2, 1, 0xb7f614e0) =1

  1. lsof

  2. ltrace

  3. nm

  4. strace

  5. time

Answer: B

Question No: 35

On bootup, LILO prints out LIL and stops. What is the cause of this?

  1. The descriptor table is bad

  2. LILO failed to load the second stage loader

  3. LILO failed to load the primary stage loader

  4. LILO failed to locate the kernel image

Answer: A

Question No: 36

A server was rebuilt using a full system backup but with a different disk setup. The kernel won#39;t boot, complaining it cannot find the root filesystem. Which of the following commands will fix this error by pointing the kernel image to the new root partition?

  1. mkbootdisk

  2. tune2fs

  3. rdev

  4. grub-install

  5. fdisk

Answer: C

Question No: 37

An administrator wants to issue the command echo 1 gt;/var/ log/boater.log once all of the scripts in / etc/rc2.d have been executed. What is the best way to accomplish this?

  1. Add the command to /etc/rc.local

  2. Create a script in ~/.kde/Autostart/ and place the command in it

  3. Create a script in /etc/init.d/ and place a link to it in /etc/rc2.d/

  4. Create a script in /etc/rc2.d/ and place the command in it

Answer: A

Question No: 38

An administrator has placed an executable in the directory /etc/init.d, however it is not being executed when the system boots into runlevel 2. What is the most likely cause of this?

  1. The script has not been declared in /etc/services

  2. runleve1 2 is not declared in /etc/inittab

  3. The script has the permissions 700 and is owned by root

  4. A corresponding link was not created in /etc/rc2.d

Answer: D

Question No: 39

For an LDAP client configuration, the LDAP base needs to be set. Which TWO of the following actions would achieve that?

  1. export LDAPBASE=dc=linuxfoo,dc=com

  2. export BASE=dc=linuxfoo,dc=com

  3. Edit ldapbase.conf and add quot;BASE dc=linuxfoo,dc=comquot;.

  4. Edit cldap.conf and add quot;BASE dc=linuxfoo,dc=comquot;.

  5. Edit ldap.conf and add quot;BASE dc=linuxfoo,dc=comquot;.

Answer: A,E

Question No: 40

Which of the following options can be passed to a DHCP client machine using configuration options on the DHCP server?

  1. The NIS domain name

  2. The resolving order in /etc/resolv.conf

  3. The priority order in nsswitch.conf

  4. The filter rules for iptables

  5. The contents of hosts.allow and hosts.deny

Answer: A

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

[Free] 2017(Nov) Latesttests Pass4sure LPI 117-202 Dumps with VCE and PDF 21-30

Latesttests
2017 Nov LPI Official New Released 117-202
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/117-202.html

Linux Networking Administration

Question No: 21

What does the following procmail configuration section do?

:0fw

* lt; 256000

| /usr/bin/foo

  1. procmail sends all email older than 256000 seconds to the external program foo

  2. If an email contains a value less than 256000 anywhere within it, procmail will process the email with theprogram foo

  3. procmail sends mail containing less than 256000 words to program foo

  4. The program foo is used instead of procmail for all emails larger than 256000 Bytes

  5. If the email smaller than 256000 Bytes, procmail will process it with the program foo

Answer: E

Question No: 22

Which setting in the Courier IMAP configuration file will tell the IMAP daemon to only listen on the localhost interface?

A. ADDRESS=127.0.0.1

B. Listen 127.0.0.1

  1. INTERFACE=127.0.0.1

  2. LOCALHOST_ONLY=1

Answer: A

Question No: 23

You suspect that you are receiving messages with a forged From: address. What could help you find out where the mail is originating?

  1. Install TCP wrappers, and log all connections on port 25

  2. A dd the command #39;FR-strlog#39; to the sendmail.cf file

  3. Add the command #39;define (#39;LOG_REAL_FROM#39;) dnl#39; to the sendmail.mc file

  4. Run a filter in the aliases file that checks the originating address when mail arrives

  5. Look in the Received: and Message-ID: parts of the mail header

Answer: E

Question No: 24

You have to mount the /data filesystem from an NFS server(srvl) that does not support locking. Which of the following mount commands should you use?

  1. mount -a -t nfs

  2. mount -o locking=off srvl:/data /mnt/data

  3. mount -o nolocking srvl:/data /mnt/data

  4. mount -o nolock srvl:/data /mnt/data

  5. mount -o nolock /data@srvl /mn/data

Answer: D

Question No: 25

In what mode is your FTP session when the client side makes the connections to both the data and command ports of the FTP server?

  1. passive

  2. active

  3. impassive

  4. safe

  5. inactive

Answer: A

Question No: 26

Which of the following organisations track and report on security related flaws in computer technology? (Please select TWO answers)

  1. Bugtraq

  2. CERT

  3. CSIS

  4. Freshmeat

  5. Kernel.org

Answer: A,C

Question No: 27

Which of the following Linux services has support for only the Routing Information Protocol (RIP) routing protocol?

  1. gated

  2. ipchains

  3. netfilter

  4. routed

  5. zebra

Answer: D

Question No: 28

Which of the following is NOT included in a Snort rule header?

  1. protocol

  2. action

  3. source IP address

  4. packet byte offset

  5. source port

Answer: D

Question No: 29

Which environment variables are used by ssh-agent? (Please select TWO variables)

  1. SSH_AGENT_KEY

  2. SSH_AGENT_SOCK

  3. SSH_AGENT_PID

  4. SSH_AUTH_SOCK

  5. SSH_AUTH_PID

Answer: B,C

Question No: 30

What tool scans log files for unsuccessful login attempts and blocks the offending IP addresses with firewall rules?

  1. nessus

  2. nmap

  3. nc

  4. watchlogs

  5. fail2ban

Answer: E

100% Free Download!
Download Free Demo:117-202 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 117-202 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE