Which THREE of the following actions should be considered when a FTP chroot jail is created?
A. Create /dev/ and /etc/ in the chroot enviroment
B. Create /etc/passwd in the chroot enviroment
C. Create /var/cache/ftp in the chroot enviroment
D. Create the user ftp in the chroot enviroment
E. Create /usr/sbin/ in the chroot enviroment
All machines outside the network are able to send emails through the server to addresses not served by that server. If the server accepts and delivers the email, then it is a (n) _____________. Please enter the English term, without any punctuation.
A. open relay
Which of the following sentences is true, when using the following /etc/pam.d/login file? #%PAM-l.0 auth required /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_unix.so shadow nullok md5 use_authtok auth required /lib/security/pam_ldap.so use_first_pass account sufficient /lib/security/pam_unix.so account required /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/pam_ldap.so use_first_pass session optional /lib/security/pam_console.so session sufficient /lib/security/pam_unix.so session required /lib/security/pam_ldap.so
A. All users will be authenticated against the LDAP directory
B. This is the only file needed to configure LDAP authentication on Linux
C. Only local users will be able to log in, when the file/etc/nologin exists
D. Ordinary users will be able to change their password to be blank
E. If the control flags for auth were changed to required, local users wouldn't be able to log in
To be able to access the server with the IP address 10.12.34.56 using HTTPS, a rule for iptables has to be written. Given that the client host's IP address is 192.168.43.12, which of the following commands is correct?
A. iptables - A FORWARD -p tcp -s 0/0 -d 10.12.34.56 --dport 80 -j ACCEPT
B. iptables - A FORWARD -p tcp -s 192.168.43.12 d 10.12.34.56:443 -j ACCEPT.
C. iptables - A FORWARD -p tcp -s 192.168.43.12 -d 10.12.34.56 --dport 443 -j ACCEPT.
D. iptables - A INPUT -p tcp -s 192.168.43.12 - d 10.12.34.56:80 -j ACCEPT.
E. iptables - A FORWARD -p tcp -s 0/0 -d 10.12.34.56 --dport 443 -j ACCEPT.
An SSH server is configured to use tcp_wrappers and only hosts from the class C network 192.168.1.0 should be allowed to access it. Which of the following lines would achieve this, when entered in/etc/ hosts.allow?
A. ALLOW: 192.168.1.0/255.255.255.0 : sshd
B. sshd : 192.168.1.0/255.255.255.0 : ALLOW
C. 192.168.1.0/255.255.255.0 : ALLOW: sshd
D. tcpD. sshd : 192.168.1.0/255.255.255.0 : ALLOW
E. sshd : ALLOW: 192.168.1.0/255.255.255.0
What is the appropriate configuration file entry to allow SSH to run from inetd?
A. ssh stream tcp nowait root /usr/sbin/tcpd sshd
B. ssh stream tcp nowait root /usr/sbin/tcpd tcpd
C. ssh stream tcpd nowait root /usr/sbin/tcpd sshd
D. ssh data tcpd nowait root /usr/sbin/tcpd sshd
E. ssh data tcp nowait root /usr/sbin/tcpd sshd
Remote access to a CD-RW device on a machine on a LAN must be restricted to a selected user group. Select the TWO correct alternatives that describe the possible solutions for this problem.
A. The remote access to these devices can be allowed to users by changing the display manager configuration and allowing sudo access for the user that will log in remotely
B. The pam_console module allows access configuration to these devices via console, including simultaneous access by many users
C. The pam_console module can be used to control access to devices via console, allowing/denying access to these devices in the user's session
D. If the pam_console module is used, it must be checked as required, because it is essential for user authentication
E. Through the sudo configuration file, it is possible to set users that will have the power of the root user, so they can access the devices. Besides that, it is important to configure the /etc/pam.d/su file, so the PAM modules can secure the service
Which TWO of the following statements about xinetd and inetd are correct?
A. xinetd supports access control by time.
B. xinetd only supports TCP connections.
C. xinetd is faster than xinetd and should be preferred for this reason.
D. xinetd includes support for X connections.
E. xinetd and inetd are used to reduce the number of listening daemons.
To configure an LDAP service in the company " Certkiller Ltd", which of the following entries should be added to slapd.conf, in the Database Directives section, to set the rootdn so that the common name is Manager and the company's domain is Certkiller .com ?
A. rootdn cn=Manager dc= Certkiller dc=com
B. rootdn "cn=Manager,dc= Certkiller ,dc=com"
C. rootdn cn= Certkiller ,dc=com,dc=Manager
D. rootdn "cn= Certkiller ,dc=com,dc=Manager"
E. rootdn "cn=Manager dc= Certkiller dc=com"
What is the advantage of using SASL authentication with OpenLDAP?
A. It can prevent the transmission of plain text passwords over the network.
B. It disables anonymous access to the LDAP server.
C. It enables the use of Access Control Lists.
D. It allows the use of LDAP to authenticate system users over the network.
E. All of the above.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Lpi exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 202-450 exam preparations and Lpi certification application, do not hesitate to visit our Vcedump.com to find your solutions here.