(2021) 202-450 Dumps and Practice Test (120 Questions)
Guide (New 2021) Actual Lpi 202-450 Exam Questions
Target Audience and Prerequisites
The LPIC-2 exam 202-450 is perfect for LPIC-1 certified professionals with keen interests in open source technologies and anyone looking to advance their skills in system administration, systems integration, and network engineering.
LPI 202-450: Career Prospects
Once you pass the LPI 202-450 exam and get the LPIC-2 certification, you will receive vast opportunities for your career boost. There are many positions that you can apply for and some of them include the following titles: a Linux System Administrator, a Systems Engineer, an Information Technology Architect, and a SQL Developer, among others. With any of these roles, you can earn over $80,000 per annum.
NEW QUESTION 53
Which of the following DNS records could be a glue record?
- A. ns1.labGLUE198.51.100.53
- B. ns1.A198.51.100.53
- C. ns1.labNS198.51.100.53
- D. labNS198.51.100.53
- E. ns1.labA198.51.100.53
Answer: E
NEW QUESTION 54
Which of the following statements are true regarding Server Name Indication (SNI)? (Choose two.)
- A. It submits the host name of the requested URL during the TLS handshake.
- B. It enables HTTP servers to update the DNS of their virtual hosts' names using the X 509 certificates of the virtual hosts.
- C. It allows multiple SSL/TLS secured virtual HTTP hosts to coexist on the same IP address.
- D. It provides a list of available virtual hosts to the client during the TLS handshake.
- E. It supports transparent failover of TLS sessions from one web server to another.
Answer: A,C
NEW QUESTION 55
What does the samba-tool testparm command confirm regarding the Samba configuration?
- A. The Samba services are started automatically when the system boots.
- B. The configuration loads successfully.
- C. The netfilter configuration on the Samba server does not block any access to the services defined in the configuration.
- D. All running Samba processes use the most recent configuration version.
- E. The service operates as expected.
Answer: B
NEW QUESTION 56
To which destination will a route appear in the Linux routing table after activating IPv6 on a router's network interface, even when no global IPv6 addresses have been assigned to the interface?
- A. 2000::/3
- B. 0::/0
- C. fe80::/10
- D. 0::/128
- E. fe80::/64
Answer: C
NEW QUESTION 57
The program vsftpd, running in a chroot jail, gives the following error:
Which of the following actions would fix the error?
- A. Create a symbolic link that points to the required library outside the chroot jail
- B. Copy the required library to the appropriate lib directory in the chroot jail
- C. Run the program using the command chroot and the option--static_libs
- D. The file /etc/ld.so.conf in the root filesystem must contain the path to the appropriate lib directory in the chroot jail
Answer: B
NEW QUESTION 58
What is DNSSEC used for?
- A. Authentication of the user that initiated the DNS query
- B. Cryptographic authentication of DNS zones
- C. Encrypted DNS queries between nameservers
- D. Encrypting DNS queries and answers
- E. Secondary DNS queries for local zones
Answer: B
Explanation:
Explanation/Reference:
NEW QUESTION 59
With fail2ban, what is a 'jail'?
- A. A group of services on the server which should be monitored for similar attack patterns in the log files
- B. A netfilter rules chain blocking offending IP addresses for a particular service
- C. A filter definition and a set of one or more actions to take when the filter is matched
- D. The chroot environment in which fail2ban runs
Answer: C
Explanation:
Explanation/Reference:
Reference: https://docs.plesk.com/en-US/onyx/administrator-guide/server-administration/protection- against-brute-force-attacks-fail2ban/fail2ban-jails-management.73382/
NEW QUESTION 60
In a PAM configuration file, which of the following is true about the required control flag?
- A. The success of the module is needed for the module-type facility to succeed. However, all remaining modules of the same type will be invoked
- B. If the module returns success, no more modules of the same type will be invoked
- C. The module is not critical and whether it returns success or failure is not important
- D. If the module returns failure, no more modules of the same type will be invoked
- E. The success of the module is needed for the module-type facility to succeed. If it returns a failure, control is returned to the calling application
Answer: A
NEW QUESTION 61
In order to protect a directory on an Apache HTTPD web server with a password, this configuration was added to an .htaccessfile in the respective directory:
Furthermore, a file /var/www/dir/ .htpasswdwas created with the following content:
usera:S3cr3t
Given that all these files were correctly processed by the web server processes, which of the following statements is true about requests to the directory?
- A. The browser prompts the visitor for a username and password but logins for userado not seem to work
- B. Accessing the directory as useraraises HTTP error code 442 (User Not Existent)
- C. Requests are answered with HTTP error code 500 (Internal Server Error)
- D. The web server delivers the content of the directory without requesting authentication
- E. The user useracan access the site using the password s3cr3t
Answer: E
NEW QUESTION 62
A BIND server should be upgraded to use TSIG. Which configuration parameters should be added if the server should use the algorithm hmac-md5and the key skrKc4DoTzi/takIlPi7JZA==?
- A.

- B.

- C.

- D.

- E.

Answer: D
NEW QUESTION 63
Which of the following services belongs to NFSv4 and does not exist in NFSv3?
- A. rpc.idmapd
- B. nfsd
- C. rpc.statd
- D. rpc.mountd
Answer: A
Explanation:
Explanation/Reference: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/ deployment_guide/ch-nfs
NEW QUESTION 64
Which statements about the Alias and Redirect directives in Apache HTTPD's configuration file are true? (Choose two.)
- A. Redirect works with regular expressions
- B. Alias is handled on the server side
- C. Alias can only reference files under DocumentRoot
- D. Redirect is handled on the client side
- E. Alias is not a valid configuration directive
Answer: B,D
NEW QUESTION 65
Which directive in a Nginx server configuration block defines the TCP ports on which the virtual host will be available, and which protocols it will use?
(Specify ONLY the option name without any values.)
Answer:
Explanation:
listen
NEW QUESTION 66
After the installation of Dovecot, it is observed that the dovecot processes are shown in ps ax like this:
In order to associate the processes with users and peers, the username, IP address of the peer and the connection status, which of the following options must be set?
- A. process_format = "%u %I %s"in the Dovecot configuration
- B. --with-linux-extprocnamesfor ./configurewhen building Dovecot
- C. verbose_proctitle = yesin the Dovecot configuration
- D. sys.ps.allow_descriptions = 1in sysct1.confor /proc
- E. proc.all.show_status = 1 in sysctl.confor /proc
Answer: C
NEW QUESTION 67
In which CIFS share must printer drivers be placed to allow Point'n'Print driver deployment on Windows?
- A. print$
- B. NETLOGON
- C. The name of the share is specified in the option print driver share within each printable share in smb.conf
- D. pnpdrivers$
- E. winx64drv$
Answer: A
NEW QUESTION 68
FILL BLANK
What is the name of the root element of the LDAP tree holding the configuration of an OpenLDAP server that is using directory based configuration? (Specify ONLY the element's name without any additional information.)
Answer:
Explanation:
slapd
NEW QUESTION 69
It has been discovered that the company mail server is configured as an open relay. Which of the following actions would help prevent the mail server from being used as an open relay while maintaining the possibility to receive company mails? (Choose two.)
- A. Configure netfilter to not permit port 25 traffic on the public network
- B. Upgrade the mailbox format from mbox to maildir
- C. Restrict Postfix to only accept e-mail for domains hosted on this server
- D. Restrict Postfix to only relay outbound SMTP from the internal network
- E. Configure Dovecot to support IMAP connectivity
Answer: A,D
Explanation:
Explanation/Reference:
NEW QUESTION 70
Which BIND option should be used to limit the IP addresses from which slave name servers may connect?
- A. allow-secondary
- B. allow-slaves
- C. allow-transfer
- D. allow-zone-transfer
- E. allow-queries
Answer: C
NEW QUESTION 71
In order to protect a directory on an Apache HTTPD web server with a password, this configuration was added to an .htaccessfile in the respective directory:
Furthermore, a file /var/www/dir/ .htpasswdwas created with the following content:
usera:S3cr3t
Given that all these files were correctly processed by the web server processes, which of the following statements is true about requests to the directory?
- A. The browser prompts the visitor for a username and password but logins for userado not seem to work
- B. Accessing the directory as useraraises HTTP error code 442 (User Not Existent)
- C. Requests are answered with HTTP error code 500 (Internal Server Error)
- D. The web server delivers the content of the directory without requesting authentication
- E. The user useracan access the site using the password s3cr3t
Answer: E
NEW QUESTION 72
Which of the following information has to be submitted to a certification authority in order to request a web server certificate?
- A. The web server's SSL configuration file.
- B. The web server's private key.
- C. The IP address of the web server.
- D. The certificate signing request.
- E. The list of ciphers supported by the web server.
Answer: D
NEW QUESTION 73
How must Samba be configured such that it can check CIFS passwords against those found in /etc/passwd and /etc/shadow?
- A. Run smbpasswd to convert /etc/passwd and /etc/shadow to a Samba password file
- B. It is not possible for Samba to use /etc/passwd and /etc/shadow directly
- C. Set the parameters "encrypt passwords = yes" and "password file = /etc/passwd"
- D. Delete the smbpasswd file and create a symbolic link to the passwd and shadow file
- E. Set the parameters "encrypt passwords = yes", "password file = /etc/passwd" and
"password algorithm = crypt"
Answer: B
NEW QUESTION 74
......
Topic 6: System Security
The examinees should be able to customize a system in order to forward an IP packet as well as execute network address translation (including IP masquerading & NAT). The applicants should also possess the skills in configuring an FTP server for anonymous uploads downloads. The topic also covers their competency in precautions that are to be taken in case anonymous uploads are allowed. Moreover, they should be proficient in configuring and securing an SSH daemon. This subject area also involves your skills in handling keys and customizing SSH for the users. You need to possess the capacity to forward an application protocol over SSH as well as handle the SSH login. You are required to have proficiency in receiving security alerts from different sources, installing, customizing, and operating intrusion detection systems. The individuals need to be capable of applying security patches & bugfixes. Lastly, it is essential that one possesses the expertise in customizing VPN and creating secure site-to-site or point-to-point connections.
202-450 Exam Dumps Pass with Updated 2021 Certified Exam Questions: https://www.free4torrent.com/202-450-braindumps-torrent.html
202-450 Exam Questions - Real & Updated Questions PDF: https://drive.google.com/open?id=1fuOiLccAkdTnDxfJ7AZay68o9rrh3yq6