Prepare 202-450 Question Answers - 202-450 Exam Dumps [Q40-Q61]

Prepare 202-450 Question Answers - 202-450 Exam Dumps

Real Lpi 202-450 Exam Questions [Updated 2021]

Topic 3: File Sharing

The applicants should be capable of setting up a Samba server for different clients. This section of the certification exam also includes setting up Samba as a standalone server & incorporating Samba as a member within Active Directory. Additionally, the candidates need to have the relevant skills in exporting filesystems with the help of NFS. This area also includes their expertise in mounting an NFS filesystem on a client, access restrictions, as well as securing NFS.

LPI 202-450: Key Details

If you are planning to take the LPI 202-450 exam, there are a couple of things that you need to know. The first detail is that this test is 90 minutes long, and within this time, the candidates will be required to answer up to 60 questions. All of them are based on the multiple-choice and fill-in-the-blank formats. The exam is available in many languages, including Brazilian Portuguese, Japanese, German, and English. It can be taken both at the designated testing center and as an online proctored option. Each applicant is required to pay the fee of $200. This is the price applicable to the individuals located in the United States. If you sit for this exam in another country, this cost may be different for you. To check the actual pricing for you location, visit the official website.

 

NEW QUESTION 40
How is the LDAP administrator account configured when the rootdnand rootpwdirectives are not present in the slapd.conffile?

• A. The account is defined in the file /etc/ldap.secret
• B. The account is defined in the file /etc/ldap.root.conf
• C. The default account admin with the password admin are used
• D. The account is defined by an ACL in slapd.conf
• E. The default account admin is used without a password

Answer: D

 

NEW QUESTION 41
The Samba configuration file contains the following lines:

A workstation is on the wired network with an IP address of 192.168.1.177 but is unable to access the Samba server. A wireless laptop with an IP address 192.168.2.93 can access the Samba server. Additional trouble shooting shows that almost every machine on the wired network is unable to access the Samba server.
Which alternate host allowdeclaration will permit wired workstations to connect to the Samba server without denying access to anyone else?

• A. host allow = 192.168.1.0/255.255.255.0 192.168.2.0/255.255.255.0 localhost
• B. host allow = 192.168.1.100 192.168.2.200 localhost
• C. host allow = 192.168.1.1-255
• D. host deny = 192.168.2.200/255.255.255.0 192.168.2.31 localhost
• E. host deny = 192.168.1.100/255.255.255.0 192.168.2.31 localhost

Answer: A,D

 

NEW QUESTION 42
Which Apache HTTPD configuration directive is used to specify the method of authentication, e.g. Noneor Basic?

• A. AllowedAuthUser
• B. AllowAuth
• C. AuthUser
• D. AuthType

Answer: D

Explanation:
Explanation
Explanation/Reference: https://httpd.apache.org/docs/2.4/howto/auth.html

 

NEW QUESTION 43
Which statements about the Alias and Redirect directives in Apache HTTPD's configuration file are true?
(Choose two.)

• A. Redirect works with regular expressions
• B. Alias is handled on the server side
• C. Alias can only reference files under DocumentRoot
• D. Redirect is handled on the client side
• E. Alias is not a valid configuration directive

Answer: B,D

 

NEW QUESTION 44
Which of the following actions synchronizes UNIX passwords with the Samba passwords when the encrypted Samba password is changed using smbpasswd?

• A. Add smb unix password = syncto smb.conf
• B. Run netvampregularly, to convert the passwords.
• C. Add unix password sync = yesto smb.conf
• D. Run winbind -sync, to synchronize the passwords.
• E. There are no actions to accomplish this since is not possible.

Answer: C

Explanation:
Explanation/Reference: https://www.oreilly.com/openbook/samba/book/ch06_04.html

 

NEW QUESTION 45
Performing a DNS lookup with digresults in this answer:

• A. There is no . after linuservin the PTR record in the forward lookup zone file
• B. There is no . after linuserv.example.netin the PTR record in the reverse lookup zone file
• C. The . in the NS definition in the reverse lookup zone has to be removed
• D. There is no . after linuserv.example.netin the PTR record in the forward lookup zone file

Answer: B

 

NEW QUESTION 46
A user requests a "hidden" Sambashare, named confidential, similar to the Windows Administration Share. How can this be configured?
A:

B:

C:

D:

E:

• A. Option B
• B. Option D
• C. Option C
• D. Option E
• E. Option A

Answer: D

 

NEW QUESTION 47
What does the samba-tool testparm command confirm regarding the Samba configuration?

• A. The Samba services are started automatically when the system boots.
• B. The configuration loads successfully.
• C. The netfilter configuration on the Samba server does not block any access to the services defined in the configuration.
• D. All running Samba processes use the most recent configuration version.
• E. The service operates as expected.

Answer: B

 

NEW QUESTION 48
In order to protect a directory on an Apache HTTPD web server with a password, this configuration was added to an .htaccess file in the respective directory:

Furthermore, a file /var/www/dir/ .htpasswd was created with the following content:
usera:S3cr3t
Given that all these files were correctly processed by the web server processes, which of the following statements is true about requests to the directory?

• A. The user usera can access the site using the password s3cr3t
• B. Accessing the directory as usera raises HTTP error code 442 (User Not Existent)
• C. The browser prompts the visitor for a username and password but logins for usera do not seem to work
• D. Requests are answered with HTTP error code 500 (Internal Server Error)
• E. The web server delivers the content of the directory without requesting authentication

Answer: A

 

NEW QUESTION 49
FILL BLANK
According to this LDIF excerpt, which organizational unit is Robert Smith part of? (Specify only the organizational unit.)

Answer:

Explanation:
people

 

NEW QUESTION 50
In order to prevent all anonymous FTP users from listing uploaded file names, what security precaution can be taken when creating an upload directory?

• A. The directory must not have the read permission set.
• B. The directory must not contain other directories.
• C. The directory must not have the execute permission set.
• D. The directory must not have the write permission set.
• E. The directory must not have the read or execute permission set.

Answer: A

Explanation:
Explanation

 

NEW QUESTION 51
If there is no access directive, what is the default setting for OpenLDAP?

• A. Option B
• B. Option D
• C. Option C
• D. Option A

Answer: A

 

NEW QUESTION 52
Which of the following actions synchronizes UNIX passwords with the Samba passwords when the encrypted Samba password is changed using smbpasswd?

• A. Add unix password sync = yes to smb.conf
• B. Run netvamp regularly, to convert the passwords.
• C. Add smb unix password = sync to smb.conf
• D. Run winbind -sync, to synchronize the passwords.
• E. There are no actions to accomplish this since is not possible.

Answer: A

 

NEW QUESTION 53
Which of the following services belongs to NFSv4 and does not exist in NFSv3?

• A. rpc.idmapd
• B. nfsd
• C. rpc.statd
• D. rpc.mountd

Answer: A

Explanation:
Explanation/Reference: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/ deployment_guide/ch-nfs

 

NEW QUESTION 54
Which of these sets of entries does the following command return?

• A. Entries that don't have a cn of marie and don't have a telephoneNumber beginning with 9.
• B. Entries that have a cn of marie or don't have a telephoneNumber beginning with 9.
• C. Entries that have a cn of marie or have a telephoneNumber beginning with 9.
• D. Entries that have a cn of marie and a telephoneNumber that ending with 9.
• E. Entries that don't have a cn of marie or don't have a telephoneNumber that begins with 9.

Answer: D

 

NEW QUESTION 55
For what purpose is TCP/IP stack fingerprinting used by nmap?

• A. It is used to identify duplicate responses from the same remote server.
• B. It is used to filter out responses from specific servers.
• C. It is used to determine the remote operating system.
• D. It is used to uniquely identify servers on the network for forensics.
• E. It is used to masquerade the responses of remote servers.

Answer: C

Explanation:
Explanation/Reference: https://nmap.org/nmap-fingerprinting-old.html

 

NEW QUESTION 56
In response to a certificate signing request, a certification authority sent a web server certificate along with the certificate of an intermediate certification authority that signed the web server certificate. What should be done with the intermediate certificate in order to use the web server certificate with Apache HTTPD?

• A. The intermediate certificate should be used to verify the certificate before its deployment on the web server and can be deleted
• B. The intermediate certificate should be archived and resent to the certification authority in order to request a renewal of the certificate
• C. The intermediate certificate should be merged with the web server's certificate into one file that is specified in SSLCertificateFile
• D. The intermediate certificate should be improved into the certificate store of the web browser used to test the correct operation of the web server
• E. The intermediate certificate should be stored in its own file which is referenced in SSLCaCertificateFile

Answer: C

 

NEW QUESTION 57
Which of the following DNS record types is used for reverse DNS queries?

• A. IN
• B. REV
• C. CNAME
• D. RIN
• E. PTR

Answer: E

 

NEW QUESTION 58
Which FTP names are recognized as anonymous users in vsftp when the option anonymous_enableis set to yes in the configuration files? (Choose two.)

• A. ftp
• B. anonymous
• C. nobody
• D. guest
• E. In the described configuration, any username which neither belongs to an existing user nor has another special meaning is treated as anonymous user.

Answer: A,B

Explanation:
Explanation/Reference:
Reference: http://vsftpd.beasts.org/vsftpd_conf.html#lbAE

 

NEW QUESTION 59
When trying to reverse proxy a web server through Nginx, what keyword is missing from the following configuration sample?

• A. forward_to
• B. proxy_reverse
• C. remote_proxy
• D. proxy_pass
• E. reverse_proxy

Answer: D

 

NEW QUESTION 60
Which of the following commands can be used to connect and interact with remote TCP network services?
(Choose two.)

• A. nc
• B. nettalk
• C. cat
• D. telnet
• E. netmap

Answer: A,D

 

NEW QUESTION 61
......

LPI 202-450 Exam Syllabus Topics:

Topic	Details
Domain Name Server
Basic DNS server configuration	Weight: 3 Description:Candidates should be able to configure BIND to function as a caching-only DNS server. This objective includes the ability to manage a running server and configuring logging. Key Knowledge Areas: -BIND 9.x configuration files, terms and utilities -Defining the location of the BIND zone files in BIND configuration files -Reloading modified configuration and zone files -Awareness of dnsmasq, djbdns and PowerDNS as alternate name servers The following is a partial list of the used files, terms and utilities: -/etc/named.conf -/var/named/ -/usr/sbin/rndc -kill -host -dig
Create and maintain DNS zones	Weight: 3 Description: Candidates should be able to create a zone file for a forward or reverse zone and hints for root level servers. This objective includes setting appropriate values for records, adding hosts in zones and adding zones to the DNS. A candidate should also be able to delegate zones to another DNS server. Key Knowledge Areas: -BIND 9 configuration files, terms and utilities -Utilities to request information from the DNS server -Layout, content and file location of the BIND zone files -Various methods to add a new host in the zone files, including reverse zones Terms and Utilities: -/var/named/ -zone file syntax -resource record formats -named-checkzone -named-compilezone -masterfile-format -dig -nslookup -host
Securing a DNS server	Weight: 2 Description: Candidates should be able to configure a DNS server to run as a non-root user and run in a chroot jail. This objective includes secure exchange of data between DNS servers. Key Knowledge Areas: -BIND 9 configuration files -Configuring BIND to run in a chroot jail -Split configuration of BIND using the forwarders statement -Configuring and using transaction signatures (TSIG) -Awareness of DNSSEC and basic tools -Awareness of DANE and related records Terms and Utilities: -/etc/named.conf -/etc/passwd -DNSSEC -dnssec-keygen -dnssec-signzone
Web Services
Implementing a web server	Weight: 4 Description: Candidates should be able to install and configure a web server. This objective includes monitoring the server’s load and performance, restricting client user access, configuring support for scripting languages as modules and setting up client user authentication. Also included is configuring server options to restrict usage of resources. Candidates should be able to configure a web server to use virtual hosts and customize file access. Key Knowledge Areas: -Apache 2.4 configuration files, terms and utilities -Apache log files configuration and content -Access restriction methods and files -mod_perl and PHP configuration -Client user authentication files and utilities -Configuration of maximum requests, minimum and maximum servers and clients -Apache 2.4 virtual host implementation (with and without dedicated IP addresses) -Using redirect statements in Apache’s configuration files to customize file access Terms and Utilities: - access logs and error logs -.htaccess -httpd.conf -mod_auth_basic, mod_authz_host and mod_access_compat -htpasswd -AuthUserFile, AuthGroupFile -apachectl, apache2ctl -httpd, apache2
Apache configuration for HTTPS	Weight: 3 Description: Candidates should be able to configure a web server to provide HTTPS. Key Knowledge Areas: -SSL configuration files, tools and utilities -Generate a server private key and CSR for a commercial CA -Generate a self-signed Certificate -Install the key and certificate, including intermediate CAs -Configure Virtual Hosting using SNI -Awareness of the issues with Virtual Hosting and use of SSL -Security issues in SSL use, disable insecure protocols and ciphers Terms and Utilities: -Apache2 configuration files -/etc/ssl/, /etc/pki/ -openssl, CA.pl -SSLEngine, SSLCertificateKeyFile, SSLCertificateFile -SSLCACertificateFile, SSLCACertificatePath -SSLProtocol, SSLCipherSuite, ServerTokens, ServerSignature, TraceEnable
Implementing a proxy server	Weight: 2 Description: Candidates should be able to install and configure a proxy server, including access policies, authentication and resource usage. Key Knowledge Areas: -Squid 3.x configuration files, terms and utilities -Access restriction methods -Client user authentication methods -Layout and content of ACL in the Squid configuration files Terms and Utilities: -squid.conf -acl -http_access
Implementing Nginx as a web server and a reverse proxy	Weight: 2 Description: Candidates should be able to install and configure a reverse proxy server, Nginx. Basic configuration of Nginx as a HTTP server is included. Key Knowledge Areas: -Nginx -Reverse Proxy -Basic Web Server Terms and Utilities: -/etc/nginx/ -nginx
File Sharing
SAMBA Server Configuration	Weight: 5 Description: Candidates should be able to set up a Samba server for various clients. This objective includes setting up Samba as a standalone server as well as integrating Samba as a member in an Active Directory. Furthermore, the configuration of simple CIFS and printer shares is covered. Also covered is a configuring a Linux client to use a Samba server. Troubleshooting installations is also tested. Key Knowledge Areas: -Samba 4 documentation -Samba 4 configuration files -Samba 4 tools and utilities and daemons -Mounting CIFS shares on Linux -Mapping Windows user names to Linux user names -User-Level, Share-Level and AD security Terms and Utilities: -smbd, nmbd, winbindd -smbcontrol, smbstatus, testparm, smbpasswd, nmblookup -samba-tool -net -smbclient -mount.cifs -/etc/samba/ -/var/log/samba/
NFS Server Configuration	Weight: 3 Description: Candidates should be able to export filesystems using NFS. This objective includes access restrictions, mounting an NFS filesystem on a client and securing NFS. Key Knowledge Areas: -NFS version 3 configuration files -NFS tools and utilities -Access restrictions to certain hosts and/or subnets -Mount options on server and client -TCP Wrappers -Awareness of NFSv4 Terms and Utilities: -/etc/exports -exportfs -showmount -nfsstat -/proc/mounts -/etc/fstab ​-rpcinfo -mountd -portmapper
Network Client Management
DHCP configuration	Weight: 2 Description: Candidates should be able to configure a DHCP server. This objective includes setting default and per client options, adding static hosts and BOOTP hosts. Also included is configuring a DHCP relay agent and maintaining the DHCP server. Key Knowledge Areas: -DHCP configuration files, terms and utilities -Subnet and dynamically-allocated range setup -Awareness of DHCPv6 and IPv6 Router Advertisements Terms and Utilities: -dhcpd.conf -dhcpd.leases -DHCP Log messages in syslog or systemd journal -arp -dhcpd -radvd -radvd.conf
PAM authentication	Weight: 3 Description: The candidate should be able to configure PAM to support authentication using various available methods. This includes basic SSSD functionality. Key Knowledge Areas: -PAM configuration files, terms and utilities -passwd and shadow passwords -Use sssd for LDAP authentication Terms and Utilities: -/etc/pam.d/ -pam.conf -nsswitch.conf -pam_unix, pam_cracklib, pam_limits, pam_listfile, pam_sss -sssd.conf
LDAP client usage	Weight: 2 Description: Candidates should be able to perform queries and updates to an LDAP server. Also included is importing and adding items, as well as adding and managing users. Key Knowledge Areas: -LDAP utilities for data management and queries -Change user passwords -Querying the LDAP directory Terms and Utilities: -ldapsearch -ldappasswd -ldapadd -ldapdelete
Configuring an OpenLDAP server	Weight: 4 Description: Candidates should be able to configure a basic OpenLDAP server including knowledge of LDIF format and essential access controls. Key Knowledge Areas: -OpenLDAP -Directory based configuration -Access Control -Distinguished Names -Changetype Operations -Schemas and Whitepages -Directories -Object IDs, Attributes and Classes Terms and Utilities: -slapd -slapd-config -LDIF -slapadd -slapcat -slapindex -/var/lib/ldap/ -loglevel
E-Mail Services
Using e-mail servers	Weight: 4 Description: Candidates should be able to manage an e-mail server, including the configuration of e-mail aliases, e-mail quotas and virtual e-mail domains. This objective includes configuring internal e-mail relays and monitoring e-mail servers. Key Knowledge Areas: -Configuration files for postfix -Basic TLS configuration for postfix -Basic knowledge of the SMTP protocol -Awareness of sendmail and exim Terms and Utilities: -Configuration files and commands for postfix -/etc/postfix/ -/var/spool/postfix/ -sendmail emulation layer commands -/etc/aliases -mail-related logs in /var/log/
Managing E-Mail Delivery	Weight: 2 Description: Candidates should be able to implement client e-mail management software to filter, sort and monitor incoming user e-mail. Key Knowledge Areas: -Understanding of Sieve functionality, syntax and operators -Use Sieve to filter and sort mail with respect to sender, recipient(s), headers and size -Awareness of procmail Terms and Utilities: -Conditions and comparison operators -keep, fileinto, redirect, reject, discard, stop -Dovecot vacation extension
Managing Remote E-Mail Delivery	Weight: 2 Description: Candidates should be able to install and configure POP and IMAP daemons. Key Knowledge Areas: -Dovecot IMAP and POP3 configuration and administration -Basic TLS configuration for Dovecot -Awareness of Courier Terms and Utilities: -/etc/dovecot/ -dovecot.conf -doveconf -doveadm
System Security

 

202-450 Exam Dumps Pass with Updated 2021: https://easypass.examsreviews.com/202-450-pass4sure-exam-review.html