116. To be able to access the server with the IP address 10.12.34.56 using HTTPS, a rule for iptables has to be written.
Given that the client host’s IP address is 192.168.43.12, which of the following commands is correct?
A. iptables -A FORWARD -p tcp -s 0/0 -d 10.12.34.56 -dport 80 -j ACCEPT
B. iptables -A FORWARD -p [...]
111. Which TWO of the following statements about xinetd and inetd are correct?
A. xinetd supports access control by time.
B. inetd only supports TCP connections.
C. inetd is faster than xinetd and should be preferred for this reason.
D. xinetd includes support for X connections.
E. xinetd and inetd are used to reduce the number of listening daemons.
Answer: AE
112. [...]
106. On a newly-installed mail server with the IP address 10.10.10.1, ONLY local networks should be able to send email.
How can the configuration be tested, using telnet, from outside the local network?
A. telnet 10.10.10.1 25
MAIL FROM:<admin@example.com>
RECEIPT TO:<someone@example.org>
B. telnet 10.10.10.1 25
RCPT FROM:<admin@example.com>
MAIL TO:<someone@example.org>
C. telnet 10.10.10.1 25
HELLO bogus.example.com
MAIL FROM:<anyone@example.org>
RCPT TO:<someone@example.net>
D. telnet 10.10.10.1 25
HELO bogus.example.com
MAIL FROM:<anyone@example.org>
RCPT TO:<someone@example.net>
E. telnet [...]
101. What must be done on a host to allow a user to log in to that host using an SSH key?
A. Add their private key to ~/.ssh/authorized_keys.
B. Reference their public key in ~/.ssh/config.
C. Run ssh-agent on that host.
D. Add their public key to ~/.ssh/authorized_keys.
E. Reference their private key in ~/.ssh/config.
Answer: D
102. route shows the [...]
96. Which of these ways can be used to only allow access to a DNS server from specified networks/hosts?
A. Using the limit { …; }; statement in the named configuration file.
B. Using the allow-query { …; }; statement in the named configuration file.
C. Using the answer-only { …; }; statement in the named configuration file.
D. [...]
91. Some users are unable to connect to specific local hosts by name, while accesing hosts in other zones works as
expected. Given that the hosts are reachable by their IP addresses, which is the default log file that could provide hints
about the problem?
A. /var/named/log
B. /var/lib/named/dev/log
C. /var/log/bind_errors
D. /var/log/bind/errors
E. /var/log/messages
Answer: E
92. Which of these tools can provide [...]
86. What command must be used to print the kernel’s routing table?
A. route print
B. route enumerate
C. route show
D. route list
E. route
Answer: E
87. A server with 2 network interfaces, eth0 and eth1, should act as a router. eth0 has the IP address 192.168.0.1 in the
subnet 192.168.0.1/24 and eth1 has the IP address 10.0.0.1 in the subnet [...]
81. If the command arp -f is run, which file will be read by default?
A. /etc/hosts
B. /etc/ethers
C. /etc/arp.conf
D. /etc/networks
E. /var/cache/arp
Answer: B
82. A DNS server has the IP address 192.168.0.1. Which TWO of the following need to be done on a client machine to
use this DNS server?
A. Add nameserver 192.168.0.1 to /etc/resolv.conf.
B. Run route add nameserver [...]
76. What command is used to add a route to the 192.168.4.0/24 network via 192.168.0.2?
A. route add -network 192.168.4.0 netmask 255.255.255.0 gw 192.168.0.2
B. route add -net 192.168.4.0/24 gw 192.168.0.2
C. route add -network 192.168.4.0/24 192.168.0.2
D. route add -net 192.168.4.0 netmask 255.255.255.0 192.168.0.2
E. route add -net 192.168.4.0 netmask 255.255.255.0 gw 192.168.0.2
Answer: E
77. The following is an excerpt [...]
71. In a PAM configuration file, which of the following is true about the required control flag?
A. If the module returns success, no more modules of the same type will be invoked.
B. The success of the module is needed for the module-type facility to succeed. If it returns a failure, control is
returned to the calling [...]