303-200 Online Practice Questions and Answers

Which command revokes ACL-based write access for groups and named users on the file afile?

A. setfacl -x group: * : rx, user:*: rx afile

B. setfacl -x mask: : rx afile

C. setfacl ~m mask: : rx afile

D. setfacl ~m group: * : rx, user:*: rx afile

Which of the following access control models is established by using SELinux?

A. Security Access Control (SAC)

B. Group Access Control (GAC)

C. User Access Control (UAC)

D. Discretionary Access Control (DAC)

E. Mandatory Access Control (MAC)

Which of the following prefixes could be present in the output of get cifsacl? (Choose THREE correct answers.)

A. ACL

B. GRANT

C. GROUP

D. OWNER

E. SlD

What effect does the configuration SSLStrictSNlVHostCheck on have on an Apache HTTPD virtual host?

A. The clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server's certificate.

B. The virtual host is served only to clients that support SNl.

C. All of the names of the virtual host must be within the same DNS zone.

D. The virtual host is used as a fallback default for all clients that do not support SNl.

E. Despite its configuration, the virtual host is served only on the common name and Subject Alternative Names of theserver certificates.

Which option in an Apache HTTPD configuration file enables OCSP stapling? (Specify ONLY the option name without any values or parameters.)

Which of the following information, within a DNSSEC- signed zone, is signed by the key signing key?

A. The non-DNSSEC records like A, AAAA or MX.

B. The zone signing key of the zone.

C. The RRSlG records of the zone.

D. The NSEC or NSEC3 records of the zone.

E. The DS records pointing to the zone.

Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?

A. Limit valid-x509

B. SSLRequestClientCert always

C. Require valid-x509

D. SSLVerifyClient require

E. SSLPolicy valid-client-cert

Which of the following practices are important for the security of private keys? (Choose TWO correct answers.)

A. Private keys should be created on the systems where they will be used and should never leave them.

B. Private keys should be uploaded to public key servers.

C. Private keys should be included in X509 certificates.

D. Private keys should have a sufficient length for the algorithm used for key generation.

E. Private keys should always be stored as plain text files without any encryption.

Which of the following commands displays all ebtable rules contained in the table filter including their packet and byte counters?

A. ebtables -t nat -L -v

B. ebtables-L-t filter -Lv

C. ebtables -t filter –L --Lc

D. ebtables -t filter -Ln -L

E. ebtables-L -Lc-t filter

What effect does the following command have on TCP packets? iptables- A lNPUT -d 10 142 232.1 -p tcp -dport 20:21 -j ACCEPT

A. Forward all TCP traffic not on port 20 or 21 to the lP address 10.142 232.1

B. Drop all TCP traffic coming from 10 142 232.1 destined for port 20 or 21.

C. Accept only TCP traffic from 10.142 232.1 destined for port 20 or 21.

D. Accept all TCP traffic on port 20 and 21 for the lP address 10.142.232.1