Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: s2p65

Easiest Solution 2 Pass Your Certification Exams

303-200 LPI 303-200: LPIC-3 Exam 303: Security, version 2.0 Free Practice Exam Questions (2025 Updated)

Prepare effectively for your LPI 303-200 303-200: LPIC-3 Exam 303: Security, version 2.0 certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

LPI 303-200 Premium Access     Download Demo    
Page: 1 / 1
Total 60 questions

Linux Extended File Attributes are organized in namespaces. Which of the following names correspond to existing attribute namespaces? (Choose THREE correct answers.)

A.

default

B.

system

C.

owner

D.

trusted

E.

user

Which of the following prefixes could be present in the output of getcifsacl? (Choose THREE correct answers.)

A.

ACL

B.

GRANT

C.

GROUP

D.

OWNER

E.

SID

Which of the following terms refer to existing scan techniques with nmap? (Choose TWO correct answers.)

A.

Xmas Scan

B.

Zero Scan

C.

FIN Scan

D.

IP Scan

E.

UDP SYN Scan

Which of the following commands makes the contents of the eCryptfs encrypted directory -/Private available to the user?

A.

ecryptfsclient

B.

ecryptfs.mount

C.

ecryptfs-mount-private

D.

decryptfs

E.

ecryptfs-manage-di rectory

Which of the following methods can be used to deactivate a rule in Snort? (Choose TWO correct answers.)

A.

By placing a # in front of the rule and restarting Snort

B.

By placing a pass rule in local.rules and restarting Snort.

C.

By deleting the rule and waiting for Snort to reload its rules files automatically.

D.

By adding a pass rule to /etc/snort/rules.deactivated and waiting for Snort to reload its rules files automatically.

What option of mount.cifs specifies the user that appears as the local owner of the files of a mounted CIFS share when the server does not provide ownership information? (Specify ONLY the option name without any values or parameters.)

in which path is the data, which can be altered by the sysctl command, accessible?

A.

/dev/sys/

B.

/sys/

C.

/proc/sys/

D.

/sysctl/

Which DNS label points to the DANE information used to secure HTTPS connections to https://www.example.com/ ?

A.

example.com

B.

dane.www.example.com

C.

soa.example com

D.

www.example.com

E.

_443_tcp.www example.com

Which of the following expressions are valid AIDE rules? (Choose TWO correct answers.)

A.

!/var/run/.*

B.

append: /var/log/*

C.

/usr=all

D.

#/bin/

E.

/etc p+i+u+g

Which of the following types can be specified within the Linux Audit system? (Choose THREE correct answers)

A.

Control rules

B.

File system rules

C.

Network connection rules

D.

Console rules

E.

System call rules

Which command, included in BIND, generates DNSSEC keys? (Specify ONLY the command without any path or parameters.)

Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall?

A.

auditctl -N firewall –r r: /etc/firewall/rules –r w: etc/firewall/rules

B.

auditctl -A –f /etc/firewall/rules –o r– o w –l firewall

C.

auditctl –w /etc/firewall/rules -p rw -k firewall

D.

auditctl -_read /etc/firewall/rules -_write /etc/firewall/rules --label firewall

E.

echo "n: firewall r:/etc/firewall/rules: w:/ etc/firewall/rules:" | auditctl ~

Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/keypair.pem?

A.

openssl req -key private/keypair.pem -out req/csr.pem

B.

openssl req - new -key private/keypair.pem -out req/csr.pem

C.

openssl gencsr -key private/keypair.pem -out req/csr.pem

D.

openssl gencsr -new- key private/keypair.pem -out req/csr.pem

Which of the following DNS record types can the command dnssec-signzone add to a zone? (Choose THREE correct answers.)

A.

ASIG

B.

NSEC

C.

NSEC3

D.

NSSIG

E.

RRSIG

Which of the following sections are allowed within the Kerberos configuration file krb5.conf? (Choose THREE correct answers.)

A.

[plugins]

B.

[crypto]

C.

[domain]

D.

[capaths]

E.

[realms]

Which of the following authentication methods was added to NFS in version 4?

A.

Kerberos authentication

B.

SSH hostkey authentication

C.

Winbind authentication

D.

SSL certificate authentication

Which of the following statements are valid wireshark capture filters? {Choose TWO correct answers.)

A.

port range 10000:tcp-15000:tcp

B.

port-range tcp 10000-15000

C.

tcp portrange 10000-15000

D.

portrange 10000/tcp-15000/tcp

E.

portrange 10000-15000 and tcp

Which of the following statements are true regarding the certificate of a Root CA? (Choose TWO correct answers.)

A.

It is a self-signed certificate.

B.

It does not include the private key of the CA

C.

It must contain a host name as the common name.

D.

It has an infinite lifetime and never expires.

E.

It must contain an X509v3 Authority extension.

LPI 303-200 Premium Access     Download Demo    
Page: 1 / 1
Total 60 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved