Browse Exams Pricing

Exams303-300Questions

303-300 Exam Questions

118 real 303-300 exam questions with expert-verified answers and explanations. Page 2 of 3.

Question #52Network Security
Which of the following keywords are built-in chairs for the iptables nat table? (Choose THREE correct answers.)
iptablesnat-chainsnetfilterfirewall
Question #53Access Control
Which command is used to set the permissions of a file in Linux?
file permissionschmodLinux filesystemaccess control
Question #54Network Security
Which of the following DNS records is used to publish X.509 certificate and certificate authority information in DNS?
DNS recordsX.509 certificatesCAACertificate Authority
Question #55Network Security
What is the purpose of a TLSA record in DANE?
DANETLSA recordsCertificate AuthenticationDNSSEC
Question #56Host Security
Which of the following resources of a shell and its child processes can be controlled by the Bash build- in command ulimit? (Choose THREE correct answers.)
ulimitresource limitsfile descriptorsprocess management
Question #57Network Security
What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host?
SNIApache SSL configurationVirtual hostsTLS protocol
Question #58Access Control
Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?
SSL/TLSClient CertificatesApache HTTPDAuthentication
Question #59Cryptography
Which of the following statements are true regarding the certificate of a Root CA? (Choose THREE correct answers.)
Root CAX.509 certificatesSelf-signed certificatesPKI
Question #60Host Security
Which of the following is a best practice for implementing HID?
Host-based Intrusion DetectionSecurity MonitoringIncident AlertingHost Security Controls
Question #61Access Control
How are SELinux permissions related to standard Linux permissions? (Choose TWO correct answers.)
SELinuxAccess ControlDAC/MACLinux Permissions
Question #62Access Control
Which command is used to set the owner and group of a file in Linux?
file ownershipchown commandLinux permissionsaccess control
Question #63Network Security
Which of the following statements are valid wireshark capture filters? (Choose TWO correct answers.)
WiresharkCapture filtersPort filteringTCP protocol
Question #64Threat Detection and Incident Response
What command is used to update NVTs from the OpenVAS NVT feed? (Specify ONLY the command without any path or parameters). Solution: openvas-nvt-sync Determine whether the given sol...
OpenVASNVT synchronizationVulnerability feed updatesSecurity tools
Question #65Access Control
Which permission bit allows a file to be executed?
file permissionsexecute bitunix modesaccess control
Question #66Host Security
How can host scans be automated on a Linux system?
cron schedulinghost scanningautomationLinux administration
Question #67Host Security
In which path is the data, which can be altered by the sysctl command, accessible?
sysctlproc filesystemkernel parameterssystem configuration
Question #68Access Control
What is the purpose of an access control list in Linux?
ACLLinux permissionsFine-grained access controlUser/group permissions
Question #69Access Control
Which of the following authentication methods was added to NFS in version 4?
NFS v4KerberosAuthenticationNetwork protocols
Question #70Cryptography
What is OCSP stapling?
OCSP StaplingCertificate RevocationSSL/TLSPKI
Question #71Access Control
Which command installs and configures a new FreeIPA server, including all sub-components, and creates a new FreeIPA domain? (Specially ONLY the command without any path or paramete...
FreeIPAIdentity ManagementLDAP/KerberosServer Installation
Question #72Cryptography
Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/ keypair.pem?
CSR generationOpenSSL syntaxPKIPrivate key
Question #73Cryptography
What is Cryptography?
cryptographyconfidentialityencryptiondata protection
Question #74Host Security
What type of activity does HID monitor for?
Host Intrusion DetectionAccess ControlSystem MonitoringThreat Detection
Question #75Threat Detection and Incident Response
Which of the following is NOT a benefit of using HID?
Host Intrusion DetectionIncident DetectionThreat ResponseDetection vs Prevention
Question #76Cryptography
What is a ciphertext?
ciphertextencryptionplaintextcryptography basics
Question #77Host Security
Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall?
auditctlaudit loggingfile monitoringsystem auditing
Question #78Host Security
What is a rootkit?
rootkitmalwareprivilege escalationpersistence
Question #79Network Security
Which of the following commands displays all ebtable rules contained in the table filter including their packet and byte counters?
ebtablesfirewall rulespacket countersbridge filtering
Question #80Cryptography
What is a plaintext?
plaintextencryptioncryptography basicsmessage encoding
Question #81Cryptography
Which protocol is commonly used to transmit X.509 certificates?
X.509 certificatesLDAPPKI infrastructurecertificate distribution
Question #82Threat Detection and Incident Response
What is the purpose of the program snort-stat?
Snort IDSLog AnalysisPort Scan DetectionNetwork Monitoring
Question #83Host Security
Which tool can be used to check for rootkits on a Linux system?
rootkit detectionchkrootkitmalware detectionhost monitoring
Question #84Access Control
What happens when the command getfattr afile is run while the file afile has no extended attributes set?
getfattrextended attributesexit codesfile attributes
Question #85Cryptography
A LUKS device was mapped using the command: cryptsetup luksOpen/dev/sda1 crypt-vol Given that this device has three different keys, which of the following commands deletes only the...
LUKS encryptionkey slot managementcryptsetup syntaxkey deletion
Question #86Cryptography
Which of the following statements is true regarding eCryptfs?
eCryptfsFilesystem EncryptionData at Rest ProtectionLinux Encryption
Question #87Access Control
Which of the following commands disables the automatic password expiry for the user usera?
password expirychage commanduser account securityLinux administration
Question #88Network Security
How does TSIG authenticate name servers in order to perform secured zone transfers?
TSIGZone TransfersDNS SecurityShared Secrets
Question #89Access Control
Which of the following components are part of FreeIPA? (Choose THREE correct answers.)
FreeIPAKerberos AuthenticationLDAP DirectoryPublic Key Infrastructure
Question #90Cryptography
Which of the following utilities is used to generate keys for DNSSEC?
DNSSECKey GenerationDNS SecurityCryptographic Utilities
Question #91Cryptography
Which of the following commands makes the contents of the eCryptfs encrypted directory ~/Private available to the user?
eCryptfsfile-encryptionencrypted-filesystemslinux-tools
Question #92Threat Detection and Incident Response
Which of the following is an example of an HID tool?
HID toolsSIEM systemsSecurity monitoringThreat detection
Question #93Cryptography
An X509 certificate contains the following information: X509v3 Basic Constraints: critical CA:TRUE, pathlen:0 Which of the following statements are true regarding the certificate?...
X509 certificateBasic ConstraintsCertification authoritypathlen
Question #94Access Control
Which of the following are differences between AppArmor and SELinux? (Choose TWO correct answers)
AppArmorSELinuxMandatory Access ControlFile Attributes
Question #95Cryptography
What is an X.509 Certificate?
X.509digital certificatesPKIidentity verification
Question #96Host Security
Which of the following statements is true about chroot environments?
chrootfilesystem isolationcontainmentdirectory jail
Question #97Cryptography
Which of the following information, within a DNSSEC- signed zone, is signed by the key signing key?
DNSSECKey Signing KeyZone Signing KeyDigital Signatures
Question #98Network Security
Which of the following DNS records is used to map an IP address to a hostname?
DNS RecordsPTR RecordsReverse DNSIP-to-Hostname Mapping
Question #99Host Security
What is host intrusion detection (HID)?
host intrusion detectionthreat detectionhost-based securitysecurity monitoring
Question #100Cryptography
What is a Certificate Revocation List (CRL)?
CRLX.509 certificatesPKICertificate revocation
Question #101Cryptography
What is the purpose of a DNSKEY record in DNSSEC?
DNSSECDigital SignaturesPublic Key CryptographyZone Signing

PreviousPage 2 of 3Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.