Which of the following PAM modules allows the system administrator to use an arbitrary file containing a list of user and group names with restrictions on the system resources available to them?

A. pam_ filter

B. pam_limits

C. pam_list file

D. pam_unix

In a BIND zone file, what does the @ character indicate?

A. It’s the fully quali ed host name of the DNS server

B. It’s an alias for the e-mail address of the zone master

C. It’s the name of the zone as defined in the zone statement in named.conf

D. It’s used to create an alias between two CNAME entries

Performing a DNS lookup with dig results in this answer:

A. There is no . after linuserv.example.net in the PTR record in the forward lookup zone file

B. There is no . after linuserv in the PTR record in the forward lookup zone file

C. There is no . after linuserv.example.net in the PTR record in the reverse lookup zone file

D. The . in the NS definition in the reverse lookup zone has to be removed

Which of the following services belongs to NFSv4 and does not exist in NFSv3?

A. rpc.idmapd

B. rpc.statd

C. nfsd

D. rpc.mountd
eference: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/deployment_guide/ch-nfs
Reference: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/deployment_guide/ch-nfs

What information can be found in the file speci ed by the status parameter in an OpenVPN server configuration file? (Choose two.)

A. Errors and warnings generated by the openvpn daemon

B. Routing information

C. Statistical information regarding the currently running openvpn daemon

D. A list of currently connected clients

E. A history of all clients who have connected at some point

In order to protect a directory on an Apache HTTPD web server with a password, this configuration was added to an .htaccess file in the respective directory:

Furthermore, a file /var/www/dir/ .htpasswd was created with the following content: usera:S3cr3t Given that all these files were correctly processed by the web server processes, which of the following statements is true about requests to the directory?

A. The user usera can access the site using the password s3cr3t

B. Accessing the directory as usera raises HTTP error code 442 (User Not Existent)

C. Requests are answered with HTTP error code 500 (Internal Server Error)

D. The browser prompts the visitor for a username and password but logins for usera do not seem to work

E. The web server delivers the content of the directory without requesting authentication A

Which Post x command can be used to rebuild all of the alias database files with a single invocation and without the need for any command line arguments?

A. makealiases

B. newaliases

C. postalias

D. postmapbuild

Which of the following values can be used in the OpenLDAP attribute olcBackend for any object of the class olcBackendconfig to specify a backend?
(Choose three.)

A. xml

B. bdb

C. passwd

D. ldap

E. text

Topic 2 – More Questions.

What option for BIND is required in the global options to disable recursive queries on the DNS server by default?

A. allow-recursive-query ( none; );

B. allow-recursive-query off;

C. recursion { disabled; };

D. recursion { none; };

E. recursion no;

Select the Samba option below that should be used if the main intention is to setup a guest printer service?

A. security = cups

B. security = ldap

C. security = pam

D. security = share

E. security = printing

It has been discovered that the company mail server is configured as an open relay. Which of the following actions would help prevent the mail server from being used as an open relay while maintaining the possibility to receive company mails? (Choose two.)

A. Restrict Post x to only accept e-mail for domains hosted on this server

B. configure Dovecot to support IMAP connectivity

C. configure net filter to not permit port 25 traffic on the public network

D. Restrict Post x to only relay outbound SMTP from the internal network

E. Upgrade the mailbox format from mbox to maildir

Which Linux user is used by vsftpd to perform file system operations for anonymous FTP users?

A. The Linux user which runs the vsftpd process

B. The Linux user that owns the root FTP directory served by vsftpd

C. The Linux user with the same user name that was used to anonymously log into the FTP server

D. The Linux user root, but vsftpd grants access to anonymous users only to globally read-/writeable files

E. The Linux user speci ed in the configuration option ftp_username

Which of the following commands is used to change user passwords in an OpenLDAP directory?

A. setent

B. ldpasswd

C. olppasswd

D. ldappasswd

E. ldapchpw

Which option within the ISC DHCPD configuration file defines the IPv4 DNS server address(es) to be sent to the DHCP clients?

A. domain-name-servers

B. domain-server

C. name-server

D. servers

Topic 2
Fill in the blank.
What command creates a SSH key pair? (Specify ONLY the command without any path or parameters)
ssh-keygen

Using its standard configuration, how does fail2ban block offending SSH clients?

A. By rejecting connections due to its role as a proxy in front of SSH

B. By modifying and adjusting the SSHD configuration.

C. By creating and maintaining net filter rules.

D. By creating null routes that drop any answer packets sent to the client.

E. By modifying and adjusting the TCP Wrapper configuration for SSH

F. eference: https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7 Community vote distribution
Reference: https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7 Community vote distribution

The program vsftpd, running in a chroot jail, gives the following error:

Which of the following actions would fix the error?

A. The file /etc/ld.so.conf in the root filesystem must contain the path to the appropriate lib directory in the chroot jail

B. Create a symbolic link that points to the required library outside the chroot jail

C. Copy the required library to the appropriate lib directory in the chroot jail

D. Run the program using the command chroot and the option–static_libs

Which of the following authentication mechanisms are supported by Dovecot? (Choose three.)

A. ldap

B. digest-md5

C. cram-md5

D. plain

E. krb5
eference: https://wiki2.dovecot.org/Authentication/Mechanisms
Reference: https://wiki2.dovecot.org/Authentication/Mechanisms

There is a restricted area in a site hosted by Apache HTTPD, which requires users to authenticate against the file /srv/www/security/sitepasswd. Which command is used to CHANGE the password of existing users, without losing data, when Basic authentication is being used?

A. htpasswd “”c /srv/www/security/sitepasswd user

B. htpasswd /srv/www/security/sitepasswd user

C. htpasswd “”n /srv/www/security/sitepasswd user

D. htpasswd “”D /srv/www/security/sitepasswd user

FILL BLANK -
Which doveadm sub-command displays a list of connections of Dovecot in the following format? (Specify ONLY the command without any parameters.)

Which of the following is correct about this excerpt from an LDIF file?

A. dn is the domain name.

B. o is the operator name.

C. cn is the common name.

D. dn is the relative distinguished name.

E. DC is the delegation container.

What is the name of the network security scanner project which, at the core, is a server with a set of network vulnerability tests?

A. NetMap

B. OpenVAS

C. Smartscan

D. Wireshark

Which of the following Samba services handles the membership of a file server in an Active Directory domain?

A. winbindd

B. nmbd

C. msadd

D. admemb

E. samba

Which of the following commands can be used to connect and interact with remote TCP network services? (Choose two.)

A. nettalk

B. nc

C. telnet

D. cat

E. netmap

Which tool creates a certificate Signing Request (CSR) for serving HTTPS with Apache HTTPD?

A. apachect1

B. certgen

C. cartool

D. httpsgen

E. openssl

What is the name of the Dovecot configuration variable that speci es the location of user mail?

A. mbox

B. mail_location

C. user_dir

D. maildir

E. user_mail_dir

Which rdnc sub command can be used in conjunction with the name of a zone in order to make BIND reread the content of the specific zone file without reloading other zones as well?

A. lookup

B. reload

C. leupdate

D. reread

E. zoneupdate

Which BIND option should be used to limit the IP addresses from which slave name servers may connect?

A. allow-zone-transfer

B. allow-transfer

C. allow-secondary

D. allow-slaves

E. allow-queries

What does the samba-tool testparm command confirm regarding the Samba configuration?

A. The configuration loads successfully.

B. The service operates as expected.

C. The Samba services are started automatically when the system boots.

D. The net filter configuration on the Samba server does not block any access to the services defined in the configuration.

E. All running Samba processes use the most recent configuration version.
eference: https://www.samba.org/samba/docs/current/man-html/testparm.1.html Community vote distribution
Reference: https://www.samba.org/samba/docs/current/man-html/testparm.1.html Community vote distribution

FILL BLANK -
Which OpenLDAP client command can be used to change the password for an LDAP entry? (Specify ONLY the command without any path or parameters.)

Which of the following statements is true regarding the NFSv4 pseudo file system on the NFS server?

A. It must be called /exports

B. It usually contains bind mounts of the directory trees to be exported

C. It must be a dedicated partition on the server

D. It is defined in the option Nfsv4-Root in /etc/pathmapd.conf

E. It usually contains symlinks to the directory trees to be exported

Which configuration parameter on a Post x server modifies only the sender address and not the recipient address?

A. alias_maps

B. alias_rewrite_maps

C. sender_canonical_maps

D. sender_rewrite_maps

FILL BLANK -
What command creates a SSH key pair? (Specify ONLY the command without any path or parameters)

What option in the client configuration file would tell OpenVPN to use a dynamic source port when making a connection to a peer?

A. src-port

B. remote

C. source-port

D. nobind

E. dynamic-bind

What word is missing from the following excerpt of a named.conf file?

A. networks

B. net

C. list

D. acl

E. group

Which of the following types of IPv6 address assignments does DHCPv6 support? (Choose three.)

A. Assignments of normal IPv6 addresses that can be renewed.

B. Assignments of temporary IPv6 addresses that cannot be renewed.

C. Assignments of blacklisted IPv6 addresses that should no longer be used.

D. Assignments of IPv6 pre xes that can be used for routing or further assignments.

E. Assignments of anonymous IPv6 addresses whose assignment is not logged by the DHCPv6 server.

Which of the following are logging directives in Apache HTTPD? (Choose two.)

A. TransferLog

B. CustomLog

C. ErrorLog

D. ServerLog

E. VHostLog
eference: http://httpd.apache.org/docs/current/mod/mod_log_config.html
Reference: http://httpd.apache.org/docs/current/mod/mod_log_config.html

When the default policy for the net filter INPUT chain is set to DROP, why should a rule allowing traffic to localhost exist?

A. All traffic to localhost must always be allowed

B. It doesn’t matter; net filter never affects packets addressed to localhost

C. Some applications use the localhost interface to communicate with other applications

D. syslogd receives messages on localhost

E. The iptables command communicates with the net filter management daemon net lterd on localhost to create and change packet filter rules

FILL BLANK -
According to the configuration below, what is the full e-mail address of the administrator for this domain?

Which of these tools, without any options, provides the most information when performing DNS queries?

A. dig

B. nslookup

C. host

D. named-checkconf

E. named-checkzone

FILL BLANK -
Which directive in a Nginx server configuration block defines the TCP ports on which the virtual host will be available, and which protocols it will use? (Specify
ONLY the option name without any values.)
listen

After running ssh-keygen and accepting the default values, which of the following files are changed or created? (Choose two.)

A. ~/.ssh/id_rsa.key

B. ~/.ssh/id_rsa.pub

C. ~/.ssh/id_rsa.prv

D. ~/.ssh/id_rsa.crt

E. ~/.ssh/id_rsa

Which of the following DNS records could be a glue record?

A. ns1.lab A 198.51.100.53

B. lab NS 198.51.100.53

C. ns1.lab NS 198.51.100.53

D. ns1. A 198.51.100.53

E. ns1.lab GLUE 198.51.100.53

Which of the following options are valid in /etc/exports? (Choose two.)

A. rw

B. ro

C. rootsquash

D. norootsquash

E. uid

FILL BLANK -
In order to export /usr and /bin via NFSv4, /exports was created and contains working bind mounts to /usr and /bin. The following lines are added to /etc/exports on the NFC server:

After running –
mount -t nfsv4 server:/ /mnt
of an NFC-Client, it is observed that /mnt contains the content of the server’s /usr directory instead of the content of the NFSv4 foot folder. Which option in /etc/exports has to be changed or removed in order to make the NFSv4 root folder appear when mounting the highest level of the server?
(Specify ONLY the option name without any values or parameters.)

If there is no access directive, what is the default setting for OpenLDAP?

A. IMAGE”202-450 Exam ITE-16_14.jpg” width=”269″ height=”68″>

B. IMAGE”202-450 Exam ITE-16_15.jpg” width=”277″ height=”100″>

C. IMAGE”202-450 Exam ITE-16_16.jpg” width=”273″ height=”98″>

D. IMAGE”202-450 Exam ITE-16_17.jpg” width=”284″ height=”101″>

Which of the following Samba configuration parameters is functionally identical to the parameter read only=yes?

A. browseable=no

B. read write=no

C. writeable=no

D. write only=no

E. write access=no

For what purpose is TCP/IP stack ngerprinting used by nmap?

A. It is used to determine the remote operating system.

B. It is used to filter out responses from specific servers.

C. It is used to identify duplicate responses from the same remote server.

D. It is used to masquerade the responses of remote servers.

E. It is used to uniquely identify servers on the network for forensics.
eference: https://nmap.org/nmap- ngerprinting-old.html
Reference: https://nmap.org/nmap- ngerprinting-old.html

A host, called lpi, with the MAC address 08:00:2b:4c:59:23 should always be given the IP address of 192.168.1.2 by a DHCP server running ISC DHCP

A. Which of the following configurations will achieve this?

B. IMAGE”202-450 Exam ITE-17_18.jpg” width=”456″ height=”126″>

C. IMAGE”202-450 Exam ITE-17_19.jpg” width=”316″ height=”124″>

D. host lpi = 08:00:2b:4c:59:23 192.168.1.2

E. IMAGE”202-450 Exam ITE-17_20.jpg” width=”453″ height=”128″>

F. IMAGE”202-450 Exam ITE-17_21.jpg” width=”438″ height=”133″>

The content of which local file has to be transmitted to a remote SSH server in order to be able to log into the remote server using SSH keys?

A. ~/.ssh/authorized_keys

B. ~/.ssh/config

C. ~/.ssh/id_rsa.pub

D. ~/.ssh/id_rsa

E. ~./ssh/known_hosts
eference: https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys Community vote distribution
Reference: https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys Community vote distribution