117-303 Exam Questions

Which of the following lines in the OpenVPN server.conf file will supply a DNS server for DHCP clients to use?

Which command will list all of the extended attributes on the file afile.txt along with the values?

Which of the following statements is true when querying the extended attributes of a file that has no extended attributes set?

SELinux is a Linux feature that:

Which of the following statements are advantages that Mandatory Access Control has over Discretionary Access Control models? (Select TWO correct answers)

What are the steps which must be followed to enable serverwide zone transfers between two BIND 9 servers securely using TSIG?

Under which path is the selinux pseudofilesystem found?

Which GPG command will publish a public key to a public key server?

Which GPG command is used to create a revocation certificate in case a GPG key ever needs to be cancelled?

Which command is used to add an additional name, email address and comment to an existing private key?

Someone who wishes to receive an encrypted file has provided a key UID and a key fingerprint for verification to the data sender. Assuming that this key is on a public keyserver, w...

You have downloaded a file named file.tgz along with a signature file named file.tgz.asc. Which commands can be used to verify that file.tgz has not been tampered with since the fi...

By default, when verifying a signed file or a file with a detached signature, which keyring is used to search for public keys?

An administrator has just configured vsftp and notices that she cannot follow symbolic links when connected to the FTP server. What is the most likely reason for this?

What is one of the primary claimed benefits of Smack over SELinux?

How does AppArmor configure its access control settings?

Which of the following is NOT included in a Snort rule header?

Which of the following methods can be used to deactivate a rule in Snort? (Select TWO correct answers)

The system administrator is keeping local configuration file changes in RCS. What command will commit the file to RCS revision control AND keep a local, unlocked copy of the latest...

What is an SO rule in the context of Snort?

Which of the following are valid ntop deployment scenarios? (Select THREE correct answers)

In the Puppet centralized configuration management tool, a manifest is:

What is the syntax error in the following simple Puppet configuration file? class test_class { file { "/tmp/test.txt": mode => 600, owner => root, group => root } } # Define the no...

Which of the following are valid Nagios objects? (Select THREE correct answers)

Which of the following are common techniques for securing Nagios? (Select THREE correct answers)

Which of the following is not an iptables rule set?

Which of the following are builtin chains for the iptables nat table? (Select THREE correct answers)

Which syslog configuration line will send out logged messages to a remote syslog server?

Which option is required to syslogd in order for it to accept remote log messages?

What does the following iptables rule accomplish: iptables A INPUT s 208.77.188.166 j DROP

What does the following iptables rule accomplish: iptables A INPUT s 208.77.188.166 d 10.142.232.1 p tcp dport 22 j ACCEPT

What does the following iptables rule accomplish: iptables A INPUT d 10.142.232.1 p tcp dport 20:21 j ACCEPT

What does the following iptables rule accomplish: iptables A INPUT s !127.0.0.0/8 p tcp dport 111 j DROP

The local system administrator has created a configuration entry for apache version 2 that isn't working. What is wrong with the following configuration? <Location /members> AuthNa...

In apache configuration which directives are used to restrict access based on host/domain name and IP address?

An administrator has just configured an OpenVPN client. Upon starting the service, the following message is displayed: TLS Error: TLS key negotiation failed to occur within 60 seco...

SELinux has just been installed on a Linux system and the administrator wants to use SELinux in permissive mode in order to audit the various services on the system. What command w...

Which of the following export options, when specified in /etc/exports, will tell the server to use the NFSv4 Pseudofilesystem?

Which of the following are common techniques for securing a sendmail server? (Select THREE correct answers)

What does ntop use for data collection?

An administrator has created a mapping with the following command: cryptsetup luksOpen /dev/sda1 cryptvol and has set three different keys. Which command below will delete the firs...

Which of the following are valid dmcrypt modes? (Choose THREE correct answers)

You are certain that your kernel has been compiled with ACL support, however, when you try to set an ACL on a file, you get the following output: % setfacl m user:hugh:r afile.txt...

Which of the following are valid OpenVPN authentication modes? (Choose TWO correct answers)

What is true about the permissions for the file afile given the following output from getfacl? (Select TWO correct answers) % getfacl afile # file: afile # owner: matt # group: sup...

You wish to revoke write access for all groups and named users on a file. Which command will make the correct ACL changes?

When adding additional users to a file's extended ACLs, what is true about the default behaviour of the ACL mask for the file?

In which of the following scenarios MUST an administrator use ethernet bridging instead of routing when configuring an OpenVPN site? (Select TWO correct answers)

Linux Extended Attributes include attribute classes. Which of the following are included in the defined attribute classes? (Select THREE correct answers)

Which of the following statements are true about Linux Extended Attributes on files? (Select TWO correct answers)