In a PAM configuration file, which of the following is true about the required control flag?

A.    If the module returns success, no more modules of the same type will be invoked
B.    The success of the module is needed for the module-type facility to succeed. If it returns a failure, control is returned to the calling application
C.    The success of the module is needed for the module-type facility to succeed. However, all remaining modules of the same type will be invoked.
D.    The module is not critical and whether it returns success or failure is not important.
E.    If the module returns failure, no more modules of the same type will be invoked

Answer: C

In which directory are the PAM modules stored?
Answer: /lib/security

As of Linux kernel 2.4, which software is used to configure a VPN?

A.    IPSec
B.    SSH
C.    net-tools
D.    FreeS/WAN
E.    iproute2

Answer: D

A program, called vsftpd, running in a chroot jail, is giving the following error:
/bin/vsftpd: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory.
Which TWO of the following are possible solutions?

A.    Get the vsftp source code and compile it statically.
B.    The file /etc/ld.so.conf must contain the path to the appropriate lib directory in the chroot jail.
C.    Create a symbolic link that points to the required library outside the chroot jail.
D.    Copy the required library to the appropriate lib directory in the chroot jail.
E.    Run the program using the command chroot and the option -static_libs.

Answer: AD

Which of the following can the program tripwire NOT check?

A.    File size.
B.    File signature.
C.    Permissions.
D.    File existence.
E.    Boot sectors.

Answer: E

The following is an excerpt from the output of tcpdump -nli eth1 'udp':
13:03:17.277327 IP > 43653+ A? lpi.org. (25)
13:03:17.598624 IP > 43653 1/0/0 A (41)
Which network service or protocol was used?

A.    FTP
B.    HTTP
C.    SSH
D.    DNS
E.    DHCP

Answer: D

According to the tcpdump output below, what is the IP address of the client host?

Running tcpdump -nli eth1 'icmp' shows the following output:
11:56:35.599063 IP > icmp 64: echo request seq 1
11:56:35.670910 IP > icmp 64: echo reply seq 1
What command was used on the host, to generate this output?
Answer: ping

A server is being used as a smurf amplifier, whereby it is responding to ICMP Echo-Request packets sent to its broadcast address. To disable this, which command needs to be run?

A.    ifconfig eth0 nobroadcast
B.    echo "0" > /proc/sys/net/ipv4/icmp_echo_accept_broadcasts
C.    iptables -A INPUT -p icmp -j REJECT
D.    echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
E.    echo "1" > /proc/sys/net/ipv4/icmp_echo_nosmurf

Answer: D

When the default policy for the iptables INPUT chain is set to DROP, why should a rule allowing traffic to localhost exist?

A.    All traffic to localhost must always be allowed.
B.    It doesn’t matter; iptables never affects packets addressed to localhost
C.    Sendmail delivers emails to localhost
D.    Some applications use the localhost interface to communicate with other applications.
E.    syslogd receives messages on localhost

Answer: D

