
2025年最新ののLpi 303-300問題集PDF303-300最速合格したいならここ
303-300練習試験問題集で99%合格率Lpi試験合格させます
質問 # 57
Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?
- A. Require valid-x509
- B. Limit valid-x509
- C. SSLVerifyClient require
- D. SSLRequestClientCert always
- E. SSLPolicy valid-client-cert
正解:C
質問 # 58
What is the purpose of file ownership in Linux systems?
- A. To protect files from being accidentally deleted
- B. To enable multiple users to access files simultaneously
- C. To ensure that files are backed up regularly
- D. To restrict access to files only to their owner
正解:D
質問 # 59
Which command is used to set the permissions of a file in Linux?
- A. chown
- B. chmod
- C. setfacl
- D. chgrp
正解:B
質問 # 60
What is the purpose of a Certificate Authority (CA)?
- A. To encrypt X.509 certificates
- B. To store X.509 certificates
- C. To decrypt X.509 certificates
- D. To issue and sign X.509 certificates
正解:D
質問 # 61
Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/ keypair.pem?
- A. openssl req -key private/keypair.pem -out req/csr.pem
- B. openssl gencsr -key private/keypair.pem -out req/csr.pem
- C. openssl req - new -key private/keypair.pem -out req/csr.pem
- D. openssl gencsr -new- key private/keypair.pem -out req/csr.pem
正解:C
質問 # 62
What is OCSP stapling?
- A. A mechanism that allows a server to provide proof of a client's identity to other servers
- B. A mechanism that allows a server to provide proof of the revocation status of its own SSL/TLS certificate
- C. A mechanism that allows a server to provide proof of the revocation status of all certificates issued by a particular Certificate Authority
- D. A mechanism that allows a server to provide proof of its own identity to clients
正解:B
質問 # 63
What is a rootkit?
- A. A type of malware that disguises itself as legitimate software
- B. A type of virus
- C. A type of denial-of-service attack
- D. A type of phishing scam
正解:A
質問 # 64
What is a man-in-the-middle attack?
- A. An attack that targets a specific user or organization
- B. An attack that intercepts communications between two parties to steal information
- C. An attack that floods a network or server with traffic to make it unavailable
- D. An attack that aims to steal sensitive information
正解:B
質問 # 65
Which of the following command lines sets the administrator password for ntop to testing 123?
- A. ntop --reset-password=testing123
- B. ntop --set-password=testing123
- C. ntop --set-new-password=testing123
- D. ntop --set-admin-password=testing123
正解:D
質問 # 66
What is host intrusion detection (HID)?
- A. A system that prevents malware from infecting a network
- B. A system that monitors and detects potential security threats on a single computer or server
- C. A system that scans files and folders for viruses
- D. A system that detects malicious traffic on a network
正解:B
質問 # 67
What is a honeypot?
- A. A type of virus
- B. A type of denial-of-service attack
- C. A network security tool designed to lure attackers into a trap
- D. A type of phishing scam
正解:C
質問 # 68
Which of the following methods can be used to deactivate a rule in Snort?
(Choose TWO correct answers.)
- A. By adding a pass rule to /etc/snort/rules.deactivated and waiting for Snort to reload its rules files automatically.
- B. By placing a pass rule in local.rules and restarting Snort.
- C. By placing a # in front of the rule and restarting Snort.
- D. By deleting the rule and waiting for Snort to reload its rules files automatically.
正解:B、C
質問 # 69
Which of the following sections are allowed within the Kerberos configuration file krb5.conf?
(Choose THREE correct answers.)
- A. [plugins]
- B. [crypto]
- C. [domain]
- D. [realms]
- E. [capaths]
正解:A、D、E
質問 # 70
Which of the following DNS record types can the command dnssec-signzone add to a zone?
(Choose THREE correct answers.)
- A. NSEC3
- B. NSEC
- C. RRSIG
- D. NSSIG
- E. ASIG
正解:A、B、C
質問 # 71
Which of the following DNS records is used to map an IP address to a hostname?
- A. A
- B. NS
- C. SOA
- D. PTR
正解:D
質問 # 72
What is the purpose of an access control list in Linux?
- A. To encrypt a file for secure transmission
- B. To mark a file as executable
- C. To compress a file to save disk space
- D. To specify fine-grained permissions for users and groups
正解:D
質問 # 73
Which of the following statements describes the purpose of ndpmon?
- A. It monitors remote hosts by periodically sending echo requests to them.
- B. It monitors log files for failed login attempts in order to block traffic from offending network nodes.
- C. It monitors the network for IPv4 nodes that have not yet migrated to IPv6.
- D. It monitors the availability of a network link by querying network interfaces.
- E. It monitors the network for neighbor discovery messages from new IPv6 hosts and routers.
正解:E
質問 # 74
What is the purpose of an extended attribute in Linux?
- A. To encrypt a file for secure transmission
- B. To mark a file as executable
- C. To compress a file to save disk space
- D. To store additional metadata about a file
正解:D
質問 # 75
What is Cryptography?
- A. The art of sending public messages
- B. The art of sending secret messages
- C. The art of sending anonymous messages
- D. The art of decoding messages
正解:B
質問 # 76
Which file is used to configure AIDE?
- A. /etc/audit/auditd.conf
- B. /etc/maldet.conf
- C. /etc/aide/aide.conf
- D. /etc/rkhunter.conf
正解:C
質問 # 77
Which of the following access control models is established by using SELinux?
- A. Security Access Control (SAC)
- B. Discretionary Access Control (DAC)
- C. Group Access Control (GAC)
- D. Mandatory Access Control (MAC)
- E. User Access Control (UAC)
正解:D
質問 # 78
Which PAM module checks new passwords against dictionary words and enforces complexity?
(Specially the module name only without any path.)
Solution: pam_cracklib
Determine whether the given solution is correct?
- A. Incorrect
- B. Correct
正解:B
質問 # 79
What is a ciphertext?
- A. The algorithm used to encrypt the message
- B. The encrypted message
- C. The key used to encrypt the message
- D. The original message before encryption
正解:B
質問 # 80
What is an X.509 Certificate?
- A. A digital document that verifies the identity of a website
- B. A digital document that verifies the identity of a person
- C. A digital document that verifies the identity of a company
- D. A digital document that verifies the identity of a device
正解:A
質問 # 81
What is a rogue access point?
- A. An unauthorized access point that is set up to look like a legitimate one
- B. A type of virus
- C. A legitimate access point that is incorrectly configured
- D. A type of phishing scam
正解:A
質問 # 82
......
最新の検証済み303-300問題と解答で合格保証:https://jp.fast2test.com/303-300-premium-file.html