Question 40: In order to protect a directory on an Apache HTTPD web server with a password, this configuration was added to an .htaccess file in the respective directory:
Furthermore, a file /var/www/dir/ .htpasswd was created with the following content: usera:S3cr3t
Given that all these files were correctly processed by the web server processes, which of the following statements is true about requests to the directory?
A. The user usera can access the site using the password s3cr3t
B. Accessing the directory as usera raises HTTP error code 442 (User Not Existent)
C. Requests are answered with HTTP error code 500 (Internal Server Error)
D. The browser prompts the visitor for a username and password but logins for usera do not seem to work E. The web server delivers the content of the directory without requesting authentication
Answer : E
Question 41: Which Apache HTTPD directive enables HTTPS protocol support?
A. HTTPSEngine on
B. SSLEngine on
C. SSLEnable on
D. HTTPSEnable on
E. StartTLS on
Answer : B
Question 42: Which statements about the Alias and Redirect directives in Apache HTTPD’s configuration file are true? (Choose two.)
A. Alias can only reference files under DocumentRoot
B. Redirect works with regular expressions
C. Redirect is handled on the client side
D. Alias is handled on the server side
E. Alias is not a valid configuration directive
Answer : C, D
Question 43: Which http_access directive for Squid allows users in the ACL named sales_net to only access the Internet at times specified in the time_acl named sales_time?
A. http_access deny sales_time sales_net
B. http_access allow sales_net sales_time
C. http_access allow sales_net and sales-time
D. allow http_access sales_net sales_time
E. http_access sales_net sales_time
Answer: B
Question 44: Which global option in squid.conf sets the port number or numbers that Squid will use to listen for client requests?
A. port
B. clien_port
C. http_port
D. server_port
E. squid_port
Answer: C
Question 45: When using mod_authz_core, which of the following strings can be used as an argument to Require in an Apache HTTPD configuration file to specify the authentication provider? (Choose three.) A. method
B. all
C. regex
D. header
E. expr
Answer : A, B ,E
Question 46: Which tool creates a Certificate Signing Request (CSR) for serving HTTPS with Apache HTTPD? A. apachect1
B. certgen
C. cartool
D. httpsgen
E. openssl
Answer: E
Question 47: In response to a certificate signing request, a certification authority sent a web server certificate along with the certificate of an intermediate certification authority that signed the web server certificate. What should be done with the intermediate certificate in order to use the web server certificate with Apache HTTPD?
A. The intermediate certificate should be merged with the web server’s certificate into one file that is specified in SSLCertificateFile
B. The intermediate certificate should be used to verify the certificate before its deployment on the web server and can be deleted
C. The intermediate certificate should be stored in its own file which is referenced in SSLCaCertificateFile
D. The intermediate certificate should be improved into the certificate store of the web browser used to test the correct operation of the web server
E. The intermediate certificate should be archived and resent to the certification authority in order to request a renewal of the certificate
Answer: A
Question 48: When trying to reverse proxy a web server through Nginx, what keyword is missing from the following configuration sample?
A. remote_proxy
B. reverse_proxy
C. proxy_reverse
D. proxy_pass
E. forward_to
Answer: D
Question 49: If there is no access directive, what is the default setting for OpenLDAP?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Question 50: A host, called lpi, with the MAC address 08:00:2b:4c:59:23 should always be given the IP address of 192.168.1.2 by a DHCP server running ISC DHCPD.
Which of the following configurations will achieve this?
A. Option A
B. Option B
C. Option C
D. Option D
E. Option E
Answer: D
Question 51 : How is the LDAP administrator account configured when the rootdn and rootpw directives are not present in the slapd.conf file?
A. The default account admin with the password admin are used
B. The account is defined by an ACL in slapd.conf
C. The default account admin is used without a password
D. The account is defined in the file /etc/ldap.secret
E. The account is defined in the file /etc/ldap.root.conf
Answer: B
Question 52: Which of the following PAM modules allows the system administrator to use an arbitrary file containing a list of user and group names with restrictions on the system resources available to them?
A. pam_filter
B. pam_limits
C. pam_listfile
D. pam_unix
Answer: B
Question 53: In a PAM configuration file, which of the following is true about the required control flag?
A. If the module returns success, no more modules of the same type will be invoked
B. The success of the module is needed for the module-type facility to succeed. If it returns a failure, control is returned to the calling application
C. The success of the module is needed for the module-type facility to succeed. However, all remaining modules of the same type will be invoked
D. The module is not critical and whether it returns success or failure is not important E. If the module returns failure, no more modules of the same type will be invoked
Answer: C
Question 54: How are PAM modules organized and stored?
A. As plain text files in /etc/security/
B. A statically linked binaries in /etc/pam.d/bin/
C. As Linux kernel modules within the respective sub directory of /lib/modules/
D. As shared object files within the /lib/ directory hierarchy
E. As dynamically linked binaries in /usr/lib/pam/sbin/
Answer : D
Question 55: Which of the following statements in the ISC DHCPD configuration is used to specify whether or not an address pool can be used by nodes which have a corresponding host section in the configuration?
A. identified-nodes
B. unconfigured-hosts C. missing-peers
D. unmatched-hwaddr
E. unknown-clients
Answer: E
Question 56: Which of the following authentication mechanisms are supported by Dovecot? (Choose three.)
A. ldap
B. digest-md5
C. cram-md5
D. plain
E. krb5
Answer: B, C ,D
Question 57: Which of the following services belongs to NFSv4 and does not exist in NFSv3? A. rpc.idmap
B. rpc.statd
C. nfsd
D. rpc.mountd
Answer: A
Bài hay quá