LPI 303-200 practice test

LPIC-3 Exam 303: Security Exam


Question 1

What command is used to update NVTs from the OpenVAS NVT feed? (Specify ONLY the command
without any path or parameters).

Answer:

openvas-nvt-
sync

Explanation:
http://www.openvas.org/openvas-nvt-feed.html

Discussions

Question 2

Which of the following statements is used in a parameter file for setkey in order to create a new SPD
entry?

  • A. spd
  • B. addspd
  • C. newspd
  • D. spdnew
  • E. spdadd
Answer:

E

Discussions

Question 3

When OpenVPN sends a control packet to its peer, it expects an acknowledgement in 2 seconds by
default. Which of the following options changes the timeout period to 5 seconds?

  • A. -tls-timeout 5
  • B. -tls- timeout 500
  • C. -tls- timer 5
  • D. -tls- timer 500
Answer:

A

Discussions

Question 4

What effect does the following command have on TCP packets?
iptables- A INPUT -d 10 142 232.1 -p tcp -dport 20:21 -j ACCEPT

  • A. Forward all TCP traffic not on port 20 or 21 to the IP address 10.142 232.1
  • B. Drop all TCP traffic coming from 10 142 232.1 destined for port 20 or 21.
  • C. Accept only TCP traffic from 10.142 232.1 destined for port 20 or 21.
  • D. Accept all TCP traffic on port 20 and 21 for the IP address 10.142.232.1
Answer:

C

Discussions

Question 5

Which of the following stanzas is a valid client configuration for FreeRADIUS?

  • A. client pnvate-network-1 { ipaddr = 192 0 2.0/24 password = testing123-1 }
  • B. client private-network-1 { ip= 192.0.2.0/24 password-testing123-1 }
  • C. client private-network-1 { ip = 192 0 2.0/24 passwd = testing123-1 }
  • D. client private-network-1 { ip = 192 0.2.0/24 secret = testingl23-1 }
  • E. client private-network-1 { ipaddr = 192 0 2.0/24 secret = testing 123-1}
Answer:

E

Discussions

Question 6

Which option of the openvpn command should be used to ensure that ephemeral keys are not
written to the swap space?

  • A. --mlock
  • B. --no-swap
  • C. --root-swap
  • D. --keys-no-swap
Answer:

A

Discussions

Question 7

Which of the following statements are valid wireshark capture filters? {Choose TWO correct
answers.)

  • A. port range 10000:tcp-15000:tcp
  • B. port-range tcp 10000-15000
  • C. tcp portrange 10000-15000
  • D. portrange 10000/tcp-15000/tcp
  • E. portrange 10000-15000 and tcp
Answer:

C, E

Discussions

Question 8

Which directive is used in an OpenVPN server configuration in order to send network configuration
information to the client? (Specify ONLY the option name without any values or parameters.)

Answer:

push

Explanation:
https;//community.openvpn.net/openvpn/wiki/RoutedLans

Discussions

Question 9

Which of the following terms refer to existing scan techniques with nmap? (Choose TWO correct
answers.)

  • A. Xmas Scan
  • B. Zero Scan
  • C. FIN Scan
  • D. IP Scan
  • E. UDP SYN Scan
Answer:

A, C

Discussions

Question 10

Which of the following statements describes the purpose of ndpmon?

  • A. it monitors the network for neighbor discovery messages from new IPv6 hosts and routers
  • B. it monitors remote hosts by periodically sending echo requests to them.
  • C. it monitors the availability of a network link by querying network interfaces.
  • D. It monitors the network for IPv4 nodes that have not yet migrated to IPv6.
  • E. It monitors log files for failed login attempts in order to block traffic from offending network nodes
Answer:

A

Discussions
To page 2