LPIC-3 Security Exam Questions

Questions and Answers

What option of mount.cifs specifies the user that appears as the local owner of the files of a mounted CIFS share when the server does not provide ownership information? (Specify ONLY the option name without any values or parameters.)

uid

Which of the following practices are important for the security of private keys? (Choose TWO correct answers.)

• Private keys should be uploaded to public key servers.
• Private keys should always be stored as plain text files without any encryption.
• Private keys should be included in X509 certificates. (correct)
• Private keys should have a sufficient length for the algorithm used for key generation. (correct)
• Private keys should be created on the systems where they will be used and should never leave them.

What is the purpose of NSEC3 in DNSSEC?

• To prevent zone enumeration (correct)
• To sign a DNS zone
• To authenticate a DNS server
• To provide information about DNSSEC key signing keys

Which command is used to run a new shell for a user changing the SELinux context? (Specify ONLY the command without any path or parameters.)

newrole

Which file is used to configure AIDE?

/etc/aide/aide.conf (B)

Which of the following statements describes the purpose of ndpmon?

It monitors the network for neighbor discovery messages from new IPv6 hosts and routers. (E)

What is an asymmetric key?

A key used for both encryption and decryption that is generated in a pair (B)

Which of the following is an example of a behavioral-based HID technique?

Anomaly-based detection (B)

Which command revokes ACL-based write access for groups and named users on the file afile? (Specify ONLY the command without any path or parameters.)

setfacl ~m mask: : rx afile

Which command is used to set an extended attribute on a file in Linux?

setfattr (B)

What is the purpose of a Certificate Authority (CA)?

To issue and sign X.509 certificates (C)

Which of the following DNS records are used in DNSSEC?

RRSIG (C)

Which command adds users using SSSD’s local service?

sss_useradd (C)

What is the purpose of the Linux Audit system?

To monitor and control access to system resources (A)

Which directive is used in an OpenVPN server configuration to send network configuration information to the client?

push (B)

Which of the following sections are allowed within the Kerberos configuration file krb5.conf?

[domain_realm] (A), [realms] (C), [plugins] (D)

What is the main purpose of Linux Malware Detect?

To detect malware on a Linux system (B)

Which method can be used to deactivate a rule in Snort?

By placing a # in front of the rule and restarting Snort (B), By deleting the rule and waiting for Snort to reload its rules files automatically (D)

What type of threat is a Trojan?

A type of malware that disguises itself as legitimate software (B)

What is the purpose of the command iptables -t mangle -A POSTROUTING -o eth0 -j SNAT --to-source 192.0.2.11?

To perform source NAT on outgoing traffic on eth0 (C)

What type of access point is set up to look like a legitimate one?

An unauthorized access point that is set up to look like a legitimate one (B)

What is the purpose of the dnssec-keygen command?

To generate DNSSEC keys (C)

What is the purpose of file ownership in Linux systems?

To restrict access to files only to their owner (A)

What type of DNS record can the command dnssec-signzone add to a zone?

NSEC (B)

What is the purpose of a client configuration in FreeRADIUS?

To authenticate and authorize clients (C)

What is the purpose of dnssec-signzone command?

To sign a DNS zone with DNSSEC (C)

What is the function of ndpmon?

To monitor remote hosts by periodically sending echo requests (B)

What is the type of key used for encryption and decryption that is the same?

Symmetric key (D)

Which type of detection is an example of a behavioral-based HID technique?

Anomaly-based detection (B)

What is the command to set an extended attribute on a file in Linux?

setfattr (C)

What is the name of the configuration file for OCSP stapling?

httpd-ssl.conf (B)

Which of the following database names can be used within a Name Service Switch (NSS) configuration file?

all of the above (D)

What is the purpose of an asymmetric key?

Encryption and decryption with a pair of keys (C)

What is the purpose of a trust anchor?

A root certificate that is trusted by a particular CA (C)

What is the command to revoke ACL-based write access for groups and named users on a file?

setfacl ~m mask: : rx (B)

What type of attack floods a network or server with traffic to make it unavailable?

An attack that floods a network or server with traffic to make it unavailable (B)

What is the purpose of a TLSA record in DANE?

To sign a TLS server's public key (B)

Which command is used to set the permissions of a file in Linux?

chmod (D)

Which DNS record is used to publish X.509 certificate and certificate authority information in DNS?

CAA (B)

What type of rules can be specified within the Linux Audit system?

All of the above (D)

Which built-in chain for the iptables nat table is used for Source Network Address Translation (SNAT)?

POSTROUTING (A)

What resources of a shell and its child processes can be controlled by the Bash built-in command ulimit?

All of the above (D)

What type of access control model is established by using SELinux?

Mandatory Access Control (MAC) (B)

Which option of the openvpn command is used to ensure that ephemeral keys are not written to the swap space?

--mlock (D)

Which of the following is an existing attribute namespace in Linux?

system (B), trusted (C)

What type of scan technique is used by nmap to identify open ports?

FIN Scan (B), Xmas Scan (C)

Which command is used to view the access control list of a file?

getfacl (D)

What is the purpose of a man-in-the-middle attack?

To intercept communications between two parties (C)

Which command is used to add a new user to FreeIPA?

ipa user-add usera --first User --last A (B)

Which type of traffic is accepted from 10.142.232.1?

TCP traffic on port 20 and 21 (B)

What is the purpose of rkhunter?

To detect rootkits and other security threats (A)

What is a certificate chain?

A sequence of certificates used to verify the authenticity of a digital certificate (C)

What is the purpose of file ownership in Linux systems?

To restrict access to files only to their owner (C)

What is a trust anchor?

A root certificate that is trusted by a particular CA (B)

What is a Trojan?

A type of malware that disguises itself as legitimate software (C)

What is a rogue access point?

An unauthorized access point that is set up to look like a legitimate one (C)

What is a TLSA record in DANE used for?

To sign a TLS server's public key (C)

What is the purpose of an access control list in Linux?

To specify fine-grained permissions for users and groups (B)

What authentication method was added to NFS in version 4?

Kerberos authentication (C)

Study Notes

Network Monitoring

• Ping is used to monitor remote hosts by periodically sending echo requests to them.
• It monitors the availability of a network link by querying network interfaces.

Asymmetric Keys

• An asymmetric key is a key used for both encryption and decryption that is generated in a pair.

HID Techniques

• Anomaly-based detection is an example of a behavioral-based HID technique.

File Access Control

• The setfacl command is used to set access control lists (ACLs) on files.
• The setfacl –x command revokes ACL-based write access for groups and named users on a file.
• The setfattr command is used to set extended attributes on a file in Linux.

Apache HTTPD Configuration

• The OCSP stapling option in an Apache HTTPD configuration file enables OCSP stapling.

Database Names

• The following database names can be used within a Name Service Switch (NSS) configuration file: passwd, host, and shadow.

Access Control Models

• SELinux establishes Mandatory Access Control (MAC).

OpenVPN

• The --mlock option of the openvpn command ensures that ephemeral keys are not written to the swap space.

Linux Extended File Attributes

• Linux Extended File Attributes are organized in namespaces: system, trusted, and user.

Nmap Scan Techniques

• Xmas Scan and FIN Scan are existing scan techniques with nmap.

File Access Control List

• The getfacl command is used to view the access control list of a file.

FreeIPA

• The ipa user-add command adds a new user to FreeIPA.

Man-in-the-Middle Attack

• A man-in-the-middle attack intercepts communications between two parties to steal information.

Setkey

• The spdadd option is used in a parameter file for setkey to create a new SPD entry.

Snort

• Placing a # in front of a rule and restarting Snort, or placing a pass rule in local.rules and restarting Snort, can be used to deactivate a rule in Snort.

SSSD

• The sss_useradd command adds users using SSSD's local service.

DNSSEC

• RRSIG records are used in DNSSEC.

Certificate Authority

• A Certificate Authority (CA) issues and signs X.509 certificates.

OpenVPN Server Configuration

• The push directive is used in an OpenVPN server configuration to send network configuration information to the client.

Kerberos Configuration

• The following sections are allowed within the Kerberos configuration file krb5.conf: [plugins], [domain], [capaths], and [realms].

Linux Audit System

• The Linux Audit system detects intrusions and system changes.

Linux Malware Detect

• Linux Malware Detect is a tool to detect malware on a Linux system.

Trojan

• A Trojan is a type of malware that disguises itself as legitimate software.

Rogue Access Point

• A rogue access point is an unauthorized access point that is set up to look like a legitimate one.

DNSSEC Key Generation

• The dnssec-keygen command generates DNSSEC keys.

FreeRADIUS Client Configuration

• The client private-network-1 stanza is a valid client configuration for FreeRADIUS.

DNS Record Types

• The dnssec-signzone command can add ASIG, NSEC, NSEC3, and RRSIG records to a zone.

File Ownership

• File ownership in Linux systems restricts access to files only to their owner.

DoS Attack

• A DoS attack floods a network or server with traffic to make it unavailable.

Trust Anchor

• A trust anchor is a root certificate that is trusted by a particular CA.

Linux Audit System Rules

• The following types can be specified within the Linux Audit system: control rules, file system rules, and system call rules.

Iptables NAT Table

• The following keywords can be specified within the iptables nat table: OUTPUT, POSTROUTING, and PREROUTING.

File Permissions

• The chmod command is used to set the permissions of a file in Linux.

DNS Records

• The CAA record is used to publish X.509 certificate and certificate authority information in DNS.

DANE

• The TLSA record is used to authenticate a TLS server's public key in DANE.

Description

Practice questions for LPIC-3 Security exam, covering topics such as file system management and security. Prepare for your IT certification exam with these questions.