In order to protect a directory on an Apache HTTPD web server with a password, this configuration was added to an .htaccess file in the respective directory:

Furthermore, a file /var/www/dir/ .htpasswd was created with the following content: usera:S3cr3t Given that all these files were correctly processed by the web server processes, which of the following statements is true about requests to the directory?

A. The user usera can access the site using the password s3cr3t

B. Accessing the directory as usera raises HTTP error code 442 (User Not Existent)

C. Requests are answered with HTTP error code 500 (Internal Server Error)

D. The browser prompts the visitor for a username and password but logins for usera do not seem to work

E. The web server delivers the content of the directory without requesting authentication A

Which Apache HTTPD configuration directive is used to specify the method of authentication, e.g. None or Basic?

A. AuthUser

B. AllowedAuthUser

C. AuthType

D. AllowAuth
eference: https://httpd.apache.org/docs/2.4/howto/auth.html
Reference: https://httpd.apache.org/docs/2.4/howto/auth.html

Which command is used to administer IPv6 net filter rules?

A. iptables

B. iptablesv6

C. iptables6

D. ip6tables

E. ipv6tables
eference: https://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-ip6tables.html Community vote distribution
Reference: https://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-ip6tables.html Community vote distribution

With Nginx, which of the following directives is used to proxy requests to a FastCGI application?

A. fastcgi_pass

B. fastcgi_proxy

C. proxy_fastcgi

D. proxy_fastcgi_pass

E. fastcgi_forward

FILL BLANK -
What option in the sshd configuration file instructs sshd to permit only specific user names to log in to a system? (Specify ONLY the option name without any values.)
sshd_config

FILL BLANK -
Which option in the Post x configuration makes Post x pass email to external destinations to another SMTP-server? (Specify ONLY the option name without any values.)

The content of which local file has to be transmitted to a remote SSH server in order to be able to log into the remote server using SSH keys?

A. ~/.ssh/authorized_keys

B. ~/.ssh/config

C. ~/.ssh/id_rsa.pub

D. ~/.ssh/id_rsa

E. ~./ssh/known_hosts
eference: https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys Community vote distribution
Reference: https://www.digitalocean.com/community/tutorials/ssh-essentials-working-with-ssh-servers-clients-and-keys Community vote distribution

A host, called lpi, with the MAC address 08:00:2b:4c:59:23 should always be given the IP address of 192.168.1.2 by a DHCP server running ISC DHCP

A. Which of the following configurations will achieve this?

B. IMAGE”202-450 Exam ITE-17_18.jpg” width=”456″ height=”126″>

C. IMAGE”202-450 Exam ITE-17_19.jpg” width=”316″ height=”124″>

D. host lpi = 08:00:2b:4c:59:23 192.168.1.2

E. IMAGE”202-450 Exam ITE-17_20.jpg” width=”453″ height=”128″>

F. IMAGE”202-450 Exam ITE-17_21.jpg” width=”438″ height=”133″>

Which of the following are logging directives in Apache HTTPD? (Choose two.)

A. TransferLog

B. CustomLog

C. ErrorLog

D. ServerLog

E. VHostLog
eference: http://httpd.apache.org/docs/current/mod/mod_log_config.html
Reference: http://httpd.apache.org/docs/current/mod/mod_log_config.html

A BIND server should be upgraded to use TSI

A. Which configuration parameters should be added if the server should use the algorithm hmac-md5 and the key skrKc4DoTzi/takIlPi7JZA==?

B. IMAGE”202-450 Exam ITE-37_33.jpg” width=”700″ height=”125″>

C. IMAGE”202-450 Exam ITE-37_34.jpg” width=”700″ height=”125″>

D. IMAGE”202-450 Exam ITE-37_35.jpg” width=”700″ height=”125″>

E. IMAGE”202-450 Exam ITE-37_36.jpg” width=”700″ height=”125″>

F. IMAGE”202-450 Exam ITE-37_37.jpg” width=”700″ height=”93″>

Which of these tools, without any options, provides the most information when performing DNS queries?

A. dig

B. nslookup

C. host

D. named-checkconf

E. named-checkzone

Which of the following OpenVPN configuration options makes OpenVPN forward network packets between VPN clients itself instead of passing the packets on to the Linux host which runs the OpenVPN server for further processing?

A. inter-client-traffic

B. client-to-client

C. client-router

D. client-pass

E. grant-client-traffic

When the default policy for the net filter INPUT chain is set to DROP, why should a rule allowing traffic to localhost exist?

A. All traffic to localhost must always be allowed

B. It doesn’t matter; net filter never affects packets addressed to localhost

C. Some applications use the localhost interface to communicate with other applications

D. syslogd receives messages on localhost

E. The iptables command communicates with the net filter management daemon net lterd on localhost to create and change packet filter rules

Which configuration parameter on a Post x server modifies only the sender address and not the recipient address?

A. alias_maps

B. alias_rewrite_maps

C. sender_canonical_maps

D. sender_rewrite_maps

Which Post x command can be used to rebuild all of the alias database files with a single invocation and without the need for any command line arguments?

A. makealiases

B. newaliases

C. postalias

D. postmapbuild

Which of the following commands displays an overview of the Post x queue content to help identify remote sites that are causing excessive mail traffic?

A. mailtraf

B. queuequery

C. qshape

D. postmap

E. poststats

FILL BLANK -
What command displays NFC kernel statistics? (Specify ONLY the command without any path or parameters.)
nfsstat

Which of the following statements allow the logical combinations of conditions in Sieve lters? (Choose two.)

A. allof

B. anyof

C. noneof

D. and

E. or

On a Linux router, packet forwarding for IPv4 has been enabled. After a reboot, the machine no longer forwards IP packets from other hosts. The command: echo 1 > /proc/sys/net/ipv4/ip_forward temporarily resolves this issue. Which one of the following options is the best way to ensure this setting is saved across system restarts?

A. Add echo 1 > /proc/sys/net/ipv4/ip_forward to the root user login script

B. Add echo 1 > /proc/sys/net/ipv4/ip_forward to any user login script

C. In /etc/sysct1.conf change net.ipv4.ip_forward to 1

D. In /etc/rc.local add net.ipv4.ip_forward = 1

E. In /etc/sysconfig/iptables-config add ipv4.ip_forward = 1

To allow X connections to be forwarded from or through an SSH server, what configuration keyword must be set to yes in the sshd configuration file?

A. AllowForwarding

B. ForwardingAllow

C. XllForwardingAllow

D. XllForwarding
eference: https://help.ubuntu.com/community/SSH/OpenSSH/configuring
Reference: https://help.ubuntu.com/community/SSH/OpenSSH/configuring

FILL BLANK -
Which doveadm sub-command displays a list of connections of Dovecot in the following format? (Specify ONLY the command without any parameters.)

Using its standard configuration, how does fail2ban block offending SSH clients?

A. By rejecting connections due to its role as a proxy in front of SSH

B. By modifying and adjusting the SSHD configuration.

C. By creating and maintaining net filter rules.

D. By creating null routes that drop any answer packets sent to the client.

E. By modifying and adjusting the TCP Wrapper configuration for SSH

F. eference: https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7 Community vote distribution
Reference: https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7 Community vote distribution

Which of the following nmap parameters scans a target for open TCP ports? (Choose two.)

A. -sO

B. -sZ

C. -sT

D. -sU

E. -sS

Which of the following types of IPv6 address assignments does DHCPv6 support? (Choose three.)

A. Assignments of normal IPv6 addresses that can be renewed.

B. Assignments of temporary IPv6 addresses that cannot be renewed.

C. Assignments of blacklisted IPv6 addresses that should no longer be used.

D. Assignments of IPv6 pre xes that can be used for routing or further assignments.

E. Assignments of anonymous IPv6 addresses whose assignment is not logged by the DHCPv6 server.

Which of the following PAM modules allows the system administrator to use an arbitrary file containing a list of user and group names with restrictions on the system resources available to them?

A. pam_ filter

B. pam_limits

C. pam_list file

D. pam_unix

After running ssh-keygen and accepting the default values, which of the following files are changed or created? (Choose two.)

A. ~/.ssh/id_rsa.key

B. ~/.ssh/id_rsa.pub

C. ~/.ssh/id_rsa.prv

D. ~/.ssh/id_rsa.crt

E. ~/.ssh/id_rsa

When are Sieve lters usually applied to an email?

A. When the email is delivered to a mailbox

B. When the email is relayed by an SMTP server

C. When the email is received by an SMTP smarthost

D. When the email is sent to the first server by an MUA

E. When the email is retrieved by an MUA

Given the following Squid configuration excerpt:
cache_dir ufs /var/spool/squid3/ 1024 16 256
Which of the following directories will exist directly within the directory:
/var/spool/squid3/? (Choose two.)

A. 0F

B. A0

C. 0b

D. FF

E. 00

Which option within a Nginx server configuration section defines the file system path from which the content of the server is retrieved?

A. location

B. htdocs

C. DocumentRoot

D. root

E. base_dir

When using mod_authz_core, which of the following strings can be used as an argument to Require in an Apache HTTPD configuration file to specify the authentication provider? (Choose three.)

A. method

B. all

C. regex

D. header

E. expr
eference: https://httpd.apache.org/docs/2.4/mod/mod_authz_core.html
Reference: https://httpd.apache.org/docs/2.4/mod/mod_authz_core.html

FILL BLANK -
What command creates a SSH key pair? (Specify ONLY the command without any path or parameters)

Which of the following statements is INCORRECT regarding the LDIF file format?

A. It contains a dn line that indicates where the attributes listed in the following lines of the file must be added.

B. In the file, a blank line separates one entry from another one.

C. If an attribute contains binary data, some specific configurations must be made for this entry.

D. The LDIF file accepts any type of file encoding.

In order to join a file server to the Active Directory domain intra.example.com, the following smb.conf has been created:

The command net ads join raises an error and the server is not joined to the domain. What should be done to successfully join the domain?

A. Change server role to ad member server to join an Active Directory domain instead of an NT4 domain.

B. Add realm = intra.example.com to the smb.conf and change workgroup to the domain’s netbios workgroup name.

C. Manually create a machine account in the Active Directory domain and specify the machine account’s name with “”U when starting net ads join.

D. Remove the winbind enum users and winbind enum groups since winbind is incompatible with Active Directory domains.

E. Remove all idmap configuration stanzas since the id mapping is defined globally in an Active Directory domain and cannot be changed on a member server.

What is the purpose of DANE?

A. Verify the integrity of name information retrieved via DNS.

B. Allow secure dynamic DNS updates.

C. Invalidate name information stored on caching name servers to speed up DNS updates.

D. Discover which servers within a DNS domain offer a specific service.

E. Provide a way to verify the association of X 509 certificates to DNS host names.
eference: https://wiki.archlinux.org/index.php/DANE
Reference: https://wiki.archlinux.org/index.php/DANE

Which of the following services belongs to NFSv4 and does not exist in NFSv3?

A. rpc.idmapd

B. rpc.statd

C. nfsd

D. rpc.mountd
eference: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/deployment_guide/ch-nfs
Reference: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/deployment_guide/ch-nfs

With fail2ban, what is a "~jail'?

A. A net filter rules chain blocking offending IP addresses for a particular service

B. A group of services on the server which should be monitored for similar attack patterns in the log files

C. A filter definition and a set of one or more actions to take when the filter is matched

D. The chroot environment in which fail2ban runs

FILL BLANK -
Which OpenLDAP client command can be used to change the password for an LDAP entry? (Specify ONLY the command without any path or parameters.)

Which of the following DNS records could be a glue record?

A. ns1.lab A 198.51.100.53

B. lab NS 198.51.100.53

C. ns1.lab NS 198.51.100.53

D. ns1. A 198.51.100.53

E. ns1.lab GLUE 198.51.100.53

What is the standard port used by OpenVPN?

A. 1723

B. 4500

C. 500

D. 1194

Which statements about the Alias and Redirect directives in Apache HTTPD's configuration file are true? (Choose two.)

A. Alias can only reference files under DocumentRoot

B. Redirect works with regular expressions

C. Redirect is handled on the client side

D. Alias is handled on the server side

E. Alias is not a valid configuration directive

There is a restricted area in a site hosted by Apache HTTPD, which requires users to authenticate against the file /srv/www/security/sitepasswd. Which command is used to CHANGE the password of existing users, without losing data, when Basic authentication is being used?

A. htpasswd “”c /srv/www/security/sitepasswd user

B. htpasswd /srv/www/security/sitepasswd user

C. htpasswd “”n /srv/www/security/sitepasswd user

D. htpasswd “”D /srv/www/security/sitepasswd user

A company is transitioning to a new DNS domain name and wants to accept e-mail for both domains for all of its users on a Post x server.
Which configuration option should be updated to accomplish this?

A. mydomain

B. mylocations

C. mydestination

D. myhosts

E. mydomains

In the main Post x configuration file, how are service definitions continued on the next line?

A. It isn’t possible. The service definition must t on one line.

B. The initial line must end with a backslash character ().

C. The following line must begin with a plus character (+).

D. The following line must begin with white space indentation.

E. The service definition continues on the following lines until all of the required elds are speci ed.

FILL BLANK -
In order to specify alterations to an LDAP entry, what keyword is missing from the following LDIF file excerpt?

Specify the keyword only and no other information.

Select the alternative that shows the correct way to disable a user login for all users except root.

A. The use of the pam_block module along with the /etc/login configuration file.

B. The use of the pam_deny module along with the /etc/deny configuration file.

C. The use of the pam_pwdb module along with the /etc/pwdv.conf configuration file.

D. The use of the pam_nologin module along with the /etc/nologin configuration file.

Performing a DNS lookup with dig results in this answer:

A. There is no . after linuserv.example.net in the PTR record in the forward lookup zone file

B. There is no . after linuserv in the PTR record in the forward lookup zone file

C. There is no . after linuserv.example.net in the PTR record in the reverse lookup zone file

D. The . in the NS definition in the reverse lookup zone has to be removed

Which keyword is used in the Squid configuration to define networks and times used to limit access to the service?

A. acl

B. allow

C. http_allow

D. permit
eference: https://www.tecmint.com/configure-squid-server-in-linux/
Reference: https://www.tecmint.com/configure-squid-server-in-linux/

Which of the following information has to be submitted to a certi cation authority in order to request a web server certificate?

A. The web server’s private key.

B. The IP address of the web server.

C. The list of ciphers supported by the web server.

D. The web server’s SSL configuration file.

E. The certificate signing request.

Which of the following sshd configuration should be set to no in order to fully disable password based logins? (Choose two.)

A. PAMAuthentication

B. ChallengegeResponseAuthentication

C. PermitPlaintextLogin

D. UsePasswords

E. PasswordAuthentication

In a PAM configuration file, which of the following is true about the required control flag?

A. If the module returns success, no more modules of the same type will be invoked

B. The success of the module is needed for the module-type facility to succeed. If it returns a failure, control is returned to the calling application

C. The success of the module is needed for the module-type facility to succeed. However, all remaining modules of the same type will be invoked

D. The module is not critical and whether it returns success or failure is not important

E. If the module returns failure, no more modules of the same type will be invoked C