2014 LPI 117-202 Dumps Free Download(41-50)

QUESTION 41
In a PAM configuration file, which of the following is true about the required control flag?

A.    If the module returns success, no more modules of the same type will be invoked
B.    The success of the module is needed for the module-type facility to succeed. If it returns a failure, control is returned to the calling application
C.    The success of the module is needed for the module-type facility to succeed However, all remaining modules of the same type will be invoked.
D.    The module is not critical and whether it returns success or failure is not important.
E.    If the module returns failure, no more modules of the same type will be invoked

Answer: C

QUESTION 42
In which directory are the PAM modules stored?
Answer: /lib/security

QUESTION 43
As of Linux kernel 2.4, which software is used to configure a VPN?

A.    IPSec
B.    SSH
C.    net – tools
D.    FreeS/WAN
E.    iproute2

Answer: D

QUESTION 44
A program, called vsftpd, running in a chroot jail, is giving the following error:
/bin/vsftpd: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory.
Which TWO of the following are possible solutions?

A.    Get the vsftp source code and compile it statically.
B.    The file /etc/ld.so.conf must contain the path to the appropriate lib directory in the chroot jail.
C.    Create a symbolic link that points to the required library outside the chroot jail.
D.    Copy the required library to the appropriate lib directory in the chroot jail.
E.    Run the program using the command chroot and the option -static_libs.

Answer: AD

QUESTION 45
Which of the following can the program tripwire NOT check?

A.    File size.
B.    File signature.
C.    Permissions.
D.    File existence.
E.    Boot sectors.

Answer: E

QUESTION 46
The following is an excerpt from the output of tcpdump -nli eth1 ‘udp’: 13:03:17.277327 IP 192.168.123.5.1065 > 192.168.5.112.53: 43653+ A? lpi.org. (25) 13:03:17.598624 IP 192.168.5.112.53 > 192.168.123.5.1065: 43653 1/0/0 A 24.215.7.109 (41) Which network service or protocol was used?

A.    FTP
B.    HTTP
C.    SSH
D.    DNS
E.    DHCP

Answer: D

QUESTION 47
According to the tcpdump output below, what is the IP address of the client host?
Answer: 192.168.246.11

QUESTION 48
Running tcpdump -nli eth1 ‘icmp’ shows the following output:
11:56:35.599063 IP 192.168.123.5 > 194.25.2.129: icmp 64: echo request seq 1
11:56:35.670910 IP 194.25.2.129 > 192.168.123.5: icmp 64: echo reply seq 1
What command was used on the host 192.168.123.5, to generate this output?
Answer: ping

QUESTION 49
A server is being used as a smurf amplifier, whereby it is responding to ICMP Echo-Request packets sent to its broadcast address. To disable this, which command needs to be run?

A.    ifconfig eth0 nobroadcast
B.    echo “0” > /proc/sys/net/ipv4/icmp_echo_accept_broadcasts
C.    iptables -A INPUT -p icmp -j REJECT
D.    echo “1” > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
E.    echo “1” > /proc/sys/net/ipv4/icmp_echo_nosmurf

Answer: D

QUESTION 50
When the default policy for the iptables INPUT chain is set to DROP, why should a rule allowing traffic to localhost exist?

A.    All traffic to localhost must always be allowed.
B.    It doesn’t matter; iptables never affects packets addressed to localhost
C.    Sendmail delivers emails to localhost
D.    Some applications use the localhost interface to communicate with other applications.
E.    syslogd receives messages on localhost

Answer: D

If you want to pass the LPI 117-202 Exam sucessfully, recommend to read latest LPI 117-202 Exam full version.

http://www.lead2pass.com/117-202.html