LPI 303-200 practice test

Question 1

What command is used to update NVTs from the OpenVAS NVT feed? (Specify ONLY the command
without any path or parameters).

Question 2

Which of the following statements is used in a parameter file for setkey in order to create a new SPD
entry?

• A. spd
• B. addspd
• C. newspd
• D. spdnew
• E. spdadd

Question 3

When OpenVPN sends a control packet to its peer, it expects an acknowledgement in 2 seconds by
default. Which of the following options changes the timeout period to 5 seconds?

• A. -tls-timeout 5
• B. -tls- timeout 500
• C. -tls- timer 5
• D. -tls- timer 500

Question 4

What effect does the following command have on TCP packets?
iptables- A INPUT -d 10 142 232.1 -p tcp -dport 20:21 -j ACCEPT

• A. Forward all TCP traffic not on port 20 or 21 to the IP address 10.142 232.1
• B. Drop all TCP traffic coming from 10 142 232.1 destined for port 20 or 21.
• C. Accept only TCP traffic from 10.142 232.1 destined for port 20 or 21.
• D. Accept all TCP traffic on port 20 and 21 for the IP address 10.142.232.1

Question 5

Which of the following stanzas is a valid client configuration for FreeRADIUS?

• A. client pnvate-network-1 { ipaddr = 192 0 2.0/24 password = testing123-1 }
• B. client private-network-1 { ip= 192.0.2.0/24 password-testing123-1 }
• C. client private-network-1 { ip = 192 0 2.0/24 passwd = testing123-1 }
• D. client private-network-1 { ip = 192 0.2.0/24 secret = testingl23-1 }
• E. client private-network-1 { ipaddr = 192 0 2.0/24 secret = testing 123-1}

Question 6

Which option of the openvpn command should be used to ensure that ephemeral keys are not
written to the swap space?

• A. --mlock
• B. --no-swap
• C. --root-swap
• D. --keys-no-swap

Question 7

Which of the following statements are valid wireshark capture filters? {Choose TWO correct
answers.)

• A. port range 10000:tcp-15000:tcp
• B. port-range tcp 10000-15000
• C. tcp portrange 10000-15000
• D. portrange 10000/tcp-15000/tcp
• E. portrange 10000-15000 and tcp

Question 8

Which directive is used in an OpenVPN server configuration in order to send network configuration
information to the client? (Specify ONLY the option name without any values or parameters.)

Question 9

Which of the following terms refer to existing scan techniques with nmap? (Choose TWO correct
answers.)

• A. Xmas Scan
• B. Zero Scan
• C. FIN Scan
• D. IP Scan
• E. UDP SYN Scan

Question 10

Which of the following statements describes the purpose of ndpmon?

• A. it monitors the network for neighbor discovery messages from new IPv6 hosts and routers
• B. it monitors remote hosts by periodically sending echo requests to them.
• C. it monitors the availability of a network link by querying network interfaces.
• D. It monitors the network for IPv4 nodes that have not yet migrated to IPv6.
• E. It monitors log files for failed login attempts in order to block traffic from offending network nodes

Question 11

What is the purpose of IP sets?

• A. They group together IP addresses that are assigned to the same network interfaces.
• B. They group together IP addresses and networks that can be referenced by the network routing table.
• C. They group together IP addresses that can be referenced by netfilter rules.
• D. They group together IP and MAC addresses used by the neighbors on the local network.
• E. They group together IP addresses and user names that can be referenced from /etc/hosts allow and /etc/hosts deny

Question 12

Which of the following methods can be used to deactivate a rule in Snort? (Choose TWO correct
answers.)

• A. By placing a # in front of the rule and restarting Snort
• B. By placing a pass rule in local.rules and restarting Snort.
• C. By deleting the rule and waiting for Snort to reload its rules files automatically.
• D. By adding a pass rule to /etc/snort/rules.deactivated and waiting for Snort to reload its rules files automatically.

Question 13

Which of the following keywords are built-in chairs for the iptables nat table? (Choose THREE correct
answers)

• A. OUTPUT
• B. MASQUERADE
• C. PROCESSING
• D. POSTROUTING
• E. PREROUTING

Question 14

Which of the following commands displays all ebtable rules contained in the table filter including
their packet and byte counters?

• A. ebtables -t nat -L -v
• B. ebtables-L-t filter -Lv
• C. ebtables-t filter-L-Lc
• D. ebtables -t filter -Ln -L
• E. ebtables-L -Lc-t filter

Question 15

Which of the following command lines sets the administrator password for ntop to testing 123?

• A. ntop --set-admin-password=testing123
• B. ntop --set-password-testing123
• C. ntop --reset-password=testing 123
• D. ntop --set-new-password=testing123