303-300試験無料問題集（121題）「Lpi LPIC Exam 303: Security, version 3.0 認定」

出題：1

What is the purpose of the program snort-stat?

A. It displays statistics from the running Snort process.

B. It returns the status of all configured network devices.

C. It reports whether the Snort process is still running and processing packets.

D. It reads syslog files containing Snort information and generates port scan statistics.

E. It displays the status of all Snort processes.

正解：D 解答を投票する

出題：2

An X509 certificate contains the following information:
X509v3 Basic Constraints: critical CA:TRUE, pathlen:0
Which of the following statements are true regarding the certificate?
(Choose THREE correct answers.)

A. This certificate will not be accepted by programs that do not understand the listed extension.

B. This certificate may be used to sign certificates of subordinate certification authorities.

C. This certificate may never be used to sign any other certificates.

D. This certificate belongs to a certification authority.

E. This certificate may be used to sign certificates that are not also a certification authority.

正解：B,D,E 解答を投票する

出題：3

Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate?

A. subjectAltName = DNS: www.example.org, DNS:example.org

B. commonName = subjectAltName= www.example.org, subjectAltName = example.org

C. extension= SAN: www.example.org, SAN:example.org

D. subjectAltName: www.example.org, subjectAltName: example.org

E. subject= CN= www.example.org, CN=example.org

正解：A 解答を投票する

出題：4

Which of the following access control models is established by using SELinux?

A. Group Access Control (GAC)

B. User Access Control (UAC)

C. Discretionary Access Control (DAC)

D. Security Access Control (SAC)

E. Mandatory Access Control (MAC)

正解：E 解答を投票する

出題：5

Which of the following is NOT a benefit of using HID?

A. Provides automatic removal of detected threats

B. Allows for quick response to security incidents

C. Helps prevent security incidents from occurring

D. Provides real-time detection of security incidents

正解：A 解答を投票する

出題：6

Which command revokes ACL-based write access for groups and named users on the file afile?

A. setfacl ~m mask: : rx afile

B. setfacl -x mask: : rx afile

C. setfacl -x group: * : rx, user:*: rx afile

D. setfacl ~m group: * : rx, user :*: rx afile

正解：A 解答を投票する

出題：7

How can host scans be automated on a Linux system?

A. Using OpenSCAP

B. Using Linux Audit system

C. Using chkrootkit

D. Using cron

正解：D 解答を投票する

出題：8

Which protocol is commonly used to transmit X.509 certificates?

A. FTPS

B. LDAP

C. HTTPS

D. SMTPS

正解：B 解答を投票する

出題：9

Given a proper network and name resolution setup, which of the following commands establishes a trust between a FreeIPA domain and an Active Directory domain?

A. ipa-ad -add-trust --account ADDOM\Administrator--query-password

B. ipa ad join addom -U Administrator -w

C. ipa trust-add --type ad addom --admin Administrator --password

D. net ad ipajoin addom -U Administrator -p

E. trustmanager add --domain ad: //addom --user Administrator -w

正解：C 解答を投票する

出題：10

Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?

A. SSLRequestClientCert always

B. SSLPolicy valid-client-cert

C. Limit valid-x509

D. Require valid-x509

E. SSLVerifyClient require

正解：E 解答を投票する

303-300試験無料問題集「Lpi LPIC Exam 303: Security, version 3.0 認定」