[Q17-Q42] Get New 2025 Lpi 303-300 Exam Dumps Bundle On flat Updated Dumps!

Get New 2025 Lpi exam 303-300 Dumps Bundle On flat Updated Dumps!

Full 303-300 Practice Test and 121 unique questions with explanations waiting just for you, get it now!

NEW QUESTION # 17
Which of the following statements is true regarding eCryptfs?

• A. For every file in an eCryptfs directory there exists a corresponding file that contains the encrypted content.
• B. eCryptfs cannot be used to encrypt only directories that are the home directory of a regular Linux user.
• C. After unmounting an eCryptfs directory, the directory hierarchy and the original file names are still visible, although, it is not possible to view the contents of the files.
• D. When a user changes his login password, the contents of his eCryptfs home directory has to be re- encrypted using his new login password.
• E. The content of all files in an eCryptfs directory is stored in an archive file similar to a tar file with an additional index to improve performance.

Answer: B

NEW QUESTION # 18
What is a buffer overflow?

• A. A type of denial-of-service attack
• B. A type of malware that disguises itself as legitimate software
• C. A type of virus
• D. A type of software vulnerability

Answer: D

NEW QUESTION # 19
Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall?

• A. auditctl --read /etc/firewall/rules --write /etc/firewall/rules --label firewall
• B. auditctl -A -f /etc/firewall/rules -o r -o w -l firewall
• C. auditctl -N firewall -r r: /etc/firewall/rules -r w: etc/firewall/rules
• D. auditctl -w /etc/firewall/rules -p rw -k firewall
• E. echo "n: firewall r:/etc/firewall/rules: w:/etc/firewall/rules:" | auditctl ~

Answer: D

NEW QUESTION # 20
A LUKS device was mapped using the command: cryptsetup luksOpen/dev/sda1 crypt-vol Given that this device has three different keys, which of the following commands deletes only the first key?

• A. cryptsetup luksDelKey / dev /mapper/crypt- vol 0
• B. cryptsetup luksDelKey /dev/sda 1 0
• C. cryptsetup luksDelkey /dev/sda 1 1
• D. cryptsetup luksDelKey / dev /mapper/crypt- vol 1

Answer: C

NEW QUESTION # 21
Which command, included in BIND, generates DNSSEC keys?
(Specify ONLY the command without any path or parameters.)
Solution: dnssec-keygen
Determine whether the given solution is correct?

• A. Correct
• B. Incorrect

Answer: A

NEW QUESTION # 22
Which of the following command lines sets the administrator password for ntop to testing 123?

• A. ntop --set-admin-password=testing123
• B. ntop --set-new-password=testing123
• C. ntop --set-password=testing123
• D. ntop --reset-password=testing123

Answer: A

NEW QUESTION # 23
What is an X.509 Certificate?

• A. A digital document that verifies the identity of a website
• B. A digital document that verifies the identity of a company
• C. A digital document that verifies the identity of a device
• D. A digital document that verifies the identity of a person

Answer: A

NEW QUESTION # 24
Which of the following statements are valid wireshark capture filters?
(Choose TWO correct answers.)

• A. portrange 10000/tcp-15000/tcp
• B. portrange 10000-15000 and tcp
• C. port-range tcp 10000-15000
• D. tcp portrange 10000-15000
• E. port range 10000:tcp-15000:tcp

Answer: B,D

NEW QUESTION # 25
An X509 certificate contains the following information:
X509v3 Basic Constraints: critical CA:TRUE, pathlen:0
Which of the following statements are true regarding the certificate?
(Choose THREE correct answers.)

• A. This certificate may be used to sign certificates that are not also a certification authority.
• B. This certificate will not be accepted by programs that do not understand the listed extension.
• C. This certificate may never be used to sign any other certificates.
• D. This certificate may be used to sign certificates of subordinate certification authorities.
• E. This certificate belongs to a certification authority.

Answer: A,D,E

NEW QUESTION # 26
Which of the following components are part of FreeIPA?
(Choose THREE correct answers.)

• A. Directory Server
• B. Public Key Infrastructure
• C. DHCP Server
• D. Kerberos KDC
• E. Intrusion Detection System

Answer: A,B,D

NEW QUESTION # 27
What is a DoS attack?

• A. An attack that targets a specific user or organization
• B. An attack that exploits a vulnerability in software
• C. An attack that floods a network or server with traffic to make it unavailable
• D. An attack that aims to steal sensitive information

Answer: C

NEW QUESTION # 28
What is a rogue access point?

• A. A type of virus
• B. A type of phishing scam
• C. An unauthorized access point that is set up to look like a legitimate one
• D. A legitimate access point that is incorrectly configured

Answer: C

NEW QUESTION # 29
What is Linux Malware Detect?

• A. A configuration management tool
• B. A tool to detect malware on a Linux system
• C. A package management tool
• D. A tool to automate host scans

Answer: B

NEW QUESTION # 30
What happens when the command getfattr afile is run while the file afile has no extended attributes set?

• A. getfattr prints a warning and exits with a values of 0.
• B. getfattr prints a warning and exits with a value of 1.
• C. No outputs is produced and getfattr exits with a value of 1.
• D. No output is produced and getfattr exits with a value of 0.

Answer: D

NEW QUESTION # 31
What is a Trojan?

• A. A type of denial-of-service attack
• B. A type of virus
• C. A type of malware that disguises itself as legitimate software
• D. A type of phishing scam

Answer: C

NEW QUESTION # 32
Which of the following statements describes the purpose of ndpmon?

• A. It monitors the network for IPv4 nodes that have not yet migrated to IPv6.
• B. It monitors the network for neighbor discovery messages from new IPv6 hosts and routers.
• C. It monitors the availability of a network link by querying network interfaces.
• D. It monitors remote hosts by periodically sending echo requests to them.
• E. It monitors log files for failed login attempts in order to block traffic from offending network nodes.

Answer: B

NEW QUESTION # 33
Which of the following is an example of an HID tool?

• A. Firewall
• B. Intrusion prevention system (IPS)
• C. Security information and event management (SIEM) system
• D. Antivirus software

Answer: C

NEW QUESTION # 34
Which of the following statements are true regarding the certificate of a Root CA?
(Choose THREE correct answers.)

• A. It must contain an X509v3 Authority extension.
• B. It has an infinite lifetime and never expires.
• C. It does not include the private key of the CA.
• D. It must contain a host name as the common name.
• E. It is a self-signed certificate.

Answer: A,C,E

NEW QUESTION # 35
Which file is used to configure rkhunter?

• A. /etc/audit/auditd.conf
• B. /etc/rkhunter.conf
• C. /etc/aide/aide.conf
• D. /etc/maldet.conf

Answer: B

NEW QUESTION # 36
What is Cryptography?

• A. The art of decoding messages
• B. The art of sending secret messages
• C. The art of sending public messages
• D. The art of sending anonymous messages

Answer: B

NEW QUESTION # 37
What is an asymmetric key?

• A. A key used for encryption and decryption that is the same
• B. A key used for both encryption and decryption that is generated in a pair
• C. A key used for encryption that is different from the key used for decryption
• D. A key used for decryption that is different from the key used for encryption

Answer: B

NEW QUESTION # 38
What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host?

• A. Despite its configuration, the virtual host is served only on the common name and Subject Alternative
• B. The virtual host is used as a fallback default for all clients that do not support SNI.
• C. The clients connecting to the virtual host must provide a client certificate that was issued by the same CA that issued the server's certificate.
• D. All of the names of the virtual host must be within the same DNS zone.
• E. The virtual host is served only to clients that support SNI.

Answer: E

NEW QUESTION # 39
What is a symmetric key?

• A. A key used for encryption and decryption that is the same
• B. A key used for both encryption and decryption that is generated randomly
• C. A key used for encryption that is different from the key used for decryption
• D. A key used for decryption that is different from the key used for encryption

Answer: A

NEW QUESTION # 40
What is the difference between a SetUID and SetGID bit?

• A. SetUID allows a user to change the owner of a file, while SetGID allows a user to change the group owner of a file
• B. SetUID applies to files, while SetGID applies to directories
• C. SetUID allows a file to be executed with the permissions of the file owner, while SetGID allows a file to be executed with the permissions of the group owner
• D. There is no difference between SetUID and SetGID

Answer: C

NEW QUESTION # 41
What is OCSP stapling?

• A. A mechanism that allows a server to provide proof of the revocation status of its own SSL/TLS certificate
• B. A mechanism that allows a server to provide proof of the revocation status of all certificates issued by a particular Certificate Authority
• C. A mechanism that allows a server to provide proof of a client's identity to other servers
• D. A mechanism that allows a server to provide proof of its own identity to clients

Answer: A

NEW QUESTION # 42
......

Reduce Your Chance of Failure in 303-300 Exam: https://dumpstorrent.exam4pdf.com/303-300-dumps-torrent.html