303-300問題集には練習試験問題解答 [Q12-Q37]

Share

303-300問題集には練習試験問題解答

303-300はLPIC-3実際の無料試験練習テスト

質問 # 12
Which of the following commands adds users using SSSD's local service?

  • A. sss-addlocaluser
  • B. sss_useradd
  • C. sss_add
  • D. sss_local_adduser
  • E. sss_adduser

正解:B


質問 # 13
What is the purpose of the Linux Audit system?

  • A. To automate host scans
  • B. To detect intrusions and system changes
  • C. To manage installed packages
  • D. To manage system log files

正解:B


質問 # 14
What is the purpose of rkhunter?

  • A. To automate host scans
  • B. To manage installed packages
  • C. To manage system log files
  • D. To detect rootkits and other security threats

正解:D


質問 # 15
Which of the following information, within a DNSSEC- signed zone, is signed by the key signing key?

  • A. The DS records pointing to the zone.
  • B. The zone signing key of the zone.
  • C. The RRSIG records of the zone.
  • D. The non-DNSSEC records like A, AAAA or MX.
  • E. The NSEC or NSEC3 records of the zone.

正解:B


質問 # 16
What command is used to update NVTs from the OpenVAS NVT feed?
(Specify ONLY the command without any path or parameters).
Solution: openvas-nvt-sync
Determine whether the given solution is correct?

  • A. Incorrect
  • B. Correct

正解:B


質問 # 17
Which of the following commands makes the contents of the eCryptfs encrypted directory ~/Private available to the user?

  • A. ecryptfsclient
  • B. ecryptfs.mount
  • C. decryptfs
  • D. ecryptfs-mount-private
  • E. ecryptfs-manage-directory

正解:D


質問 # 18
What is Cryptography?

  • A. The art of decoding messages
  • B. The art of sending public messages
  • C. The art of sending secret messages
  • D. The art of sending anonymous messages

正解:C


質問 # 19
What effect does the following command have on TCP packets?
iptables- A INPUT d 10.142.232.1 p tcp --dport 20:21 j ACCEPT

  • A. Forward all TCP traffic not on port 20 or 21 to the IP address 10.142.232.1
  • B. Accept all TCP traffic on port 20 and 21 for the IP address 10.142.232.1
  • C. Accept only TCP traffic from 10.142.232.1 destined for port 20 or 21.
  • D. Drop all TCP traffic coming from 10.142.232.1 destined for port 20 or 21.

正解:B


質問 # 20
What is OCSP stapling?

  • A. A mechanism that allows a server to provide proof of a client's identity to other servers
  • B. A mechanism that allows a server to provide proof of the revocation status of its own SSL/TLS certificate
  • C. A mechanism that allows a server to provide proof of the revocation status of all certificates issued by a particular Certificate Authority
  • D. A mechanism that allows a server to provide proof of its own identity to clients

正解:B


質問 # 21
What is a Certificate Revocation List (CRL)?

  • A. A list of X.509 certificates that have been revoked by a particular CA
  • B. A list of private keys that have been compromised
  • C. A list of public keys that have been compromised
  • D. A list of X.509 certificates that have been issued by a particular CA

正解:A


質問 # 22
What is the purpose of a DNSKEY record in DNSSEC?

  • A. To provide information about a DNS server
  • B. To sign a DNS zone
  • C. To map an IP address to a hostname
  • D. To verify the authenticity of a DNS query

正解:B


質問 # 23
Which of the following statements are true regarding the certificate of a Root CA?
(Choose THREE correct answers.)

  • A. It is a self-signed certificate.
  • B. It has an infinite lifetime and never expires.
  • C. It does not include the private key of the CA.
  • D. It must contain a host name as the common name.
  • E. It must contain an X509v3 Authority extension.

正解:A、C、E


質問 # 24
What is social engineering?

  • A. A type of denial-of-service attack
  • B. A type of virus
  • C. A type of malware that disguises itself as legitimate software
  • D. A type of attack that exploits human psychology to gain access to sensitive information

正解:D


質問 # 25
Which command is used to set the owner and group of a file in Linux?

  • A. chmod
  • B. chgrp
  • C. setfacl
  • D. chown

正解:D


質問 # 26
Which command is used to view the access control list of a file?

  • A. chmod
  • B. ls
  • C. setfacl
  • D. getfacl

正解:D


質問 # 27
Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate?

  • A. subjectAltName: www.example.org, subjectAltName: example.org
  • B. subject= CN= www.example.org, CN=example.org
  • C. subjectAltName = DNS: www.example.org, DNS:example.org
  • D. commonName = subjectAltName= www.example.org, subjectAltName = example.org
  • E. extension= SAN: www.example.org, SAN:example.org

正解:C


質問 # 28
How are SELinux permissions related to standard Linux permissions?
(Choose TWO correct answers.)

  • A. SELinux permissions are verified before standard Linux permissions.
  • B. SELinux permissions override standard Linux permissions.
  • C. SELinux permissions are verified after standard Linux permissions.
  • D. Standard Linux permissions override SELinux permissions.

正解:C、D


質問 # 29
What is an asymmetric key?

  • A. A key used for both encryption and decryption that is generated in a pair
  • B. A key used for encryption that is different from the key used for decryption
  • C. A key used for encryption and decryption that is the same
  • D. A key used for decryption that is different from the key used for encryption

正解:A


質問 # 30
What is a honeypot?

  • A. A type of denial-of-service attack
  • B. A type of phishing scam
  • C. A type of virus
  • D. A network security tool designed to lure attackers into a trap

正解:D


質問 # 31
What is a ciphertext?

  • A. The encrypted message
  • B. The original message before encryption
  • C. The algorithm used to encrypt the message
  • D. The key used to encrypt the message

正解:A


質問 # 32
What is a rootkit?

  • A. A type of malware that disguises itself as legitimate software
  • B. A type of denial-of-service attack
  • C. A type of phishing scam
  • D. A type of virus

正解:A


質問 # 33
What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host?

  • A. The virtual host is used as a fallback default for all clients that do not support SNI.
  • B. Despite its configuration, the virtual host is served only on the common name and Subject Alternative
  • C. All of the names of the virtual host must be within the same DNS zone.
  • D. The virtual host is served only to clients that support SNI.
  • E. The clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server's certificate.

正解:D


質問 # 34
Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall?

  • A. auditctl --read /etc/firewall/rules --write /etc/firewall/rules --label firewall
  • B. auditctl -N firewall -r r: /etc/firewall/rules -r w: etc/firewall/rules
  • C. echo "n: firewall r:/etc/firewall/rules: w:/etc/firewall/rules:" | auditctl ~
  • D. auditctl -A -f /etc/firewall/rules -o r -o w -l firewall
  • E. auditctl -w /etc/firewall/rules -p rw -k firewall

正解:E


質問 # 35
What is the purpose of TSIG in DNS?

  • A. To map a domain name to an IP address
  • B. To sign DNS messages for secure communication
  • C. To encrypt DNS queries
  • D. To provide information about DNS servers

正解:B


質問 # 36
Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

  • A. --root-swap
  • B. --keys-no-swap
  • C. --mlock
  • D. --no-swap

正解:C


質問 # 37
......

無料LPIC-3 303-300試験問題:https://jp.fast2test.com/303-300-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어