117-202 Online Practice Questions and Answers
Select the TWO correct statements about the following excerpt from httpd.conf:
Order allow, deny
Deny from all
A. The configuration will deny access to /var/web/dir1/private.html, /var/web/dirl/subdir2/private.html, /var/web/dirl/subdir3/private.html and any other instance of private.html found under the /var/web/dir1/directory.
B. The configuration will deny access to /var/web/dir1/private.html, but it will allow access to /var/web/dirl/subdir2/private.htm1, for example.
C. The configuration will allow access to any file named private.html under /var/web/dir1, but it will deny access to any other files
D. The configuration will allow access just to the file named private.html under /var/web/dir1
E. The configuration will allow access to /var/web/private.html, if it exists
Which of the following lines in the Apache configuration file would allow only clients with a valid certificate to access the website?
A. SSLCA conf/ca.crt
B. AuthType ssl
C. IfModule libexec/ssl.c
D. SSLRequire
E. SSLVerifyClient require
The new file server is a member of the Windows domain "foo". Which TWO of the following configuration sections will allow members of the domain group "all" to read, write and execute files in "/srv/smb/data"?
A. [data] comment = data share path = /srv/smb/data write list = @foo+all force group = @foo+all create mask = 0550 directory mask = 0770
B. [data] comment = data share path = /srv/smb/data write list = @foo+all force group = @foo+all create mask = 0770 directory mask = 0770
C. [data] path = /srv/smb/data write list = @foo+all force group = @foo+all create mask = 0770 directory mask = 0770
D. [data] comment = data share path = /srv/smb/data write list = @foo+all force group = @foo+all directory mask = 0770
E. [data] comment = data share path = /srv/smb/data write list = @foo+all force group = all create mask = 0550 directory mask = 0770
During which stage of the boot process would this message be seen?
Ide0: BM-DMA at 0xff00-0xff07, BIOS settings: hda:DMA, hdb:DMA
A. Boot loader start and hand off to kernel
B. Kernel loading
C. Hardware initialization and setup
D. Daemon initialization and setup
Considering the following kernel IP routing table below, which of the following commands must be used to remove the route to the network 10.10.1.0/24?
A. route del 10.10.1.0
B. route del 10.10.1.0/24
C. route del - net 10.10.1.0/24
D. route del 10.10.1.0/24 gw 192.168.246.11
E. route del -net 10.10.1.0
A web server is expected to handle approximately 200 simultaneous requests during normal use with an occasional spike in activity and is performing slowly. Which directives in httpd.conf need to be adjusted?
A. MinSpareServers and MaxSpareServers.
B. MinSpareServers, MaxSpareServers, StartServers and MaxClients.
C. MinServers, MaxServers and MaxClients.
D. MinSpareServers, MaxSpareServers, StartServers, MaxClients and KeepAlive.
In the file /var/squid/url_blacklist is a list of URLs that users should not be allowed to access. What is the correct entry in Squid's configuration file to create an acl named blacklist based on this file?
A. acl blacklist urlpath_regex /var/squid/url_blacklist
B. acl blacklist file /var/squid/url_blacklist
C. acl blacklist "/var/squid/url_blacklist"
D. acl blacklist urlpath_regex "/var/squid/url_blacklist"
E. acl urlpath_regex blacklist /var/squid/url_blacklist
Why are different IP addresses recommended when hosting multiple HTTPS virtual hosts? (Choose TWO correct answers.)
A. Apache caches SSL keys based on IP address.
B. The SSL connection is made before the virtual host name is known by the server.
C. The SSL key is tied to a specific IP address when issued by the Certificate Authority.
D. This is only needed when dynamic content is being generated by more than one of the virtual hosts.
E. The Server Name Indication extension to TLS is not universally supported.
Which of the following is needed, to synchronise the UNIX password with the Samba password, when the encrypted Samba password in the smbpasswd file is changed?
A. Nothing, because this is not possible.
B. Run netvamp regularly, to convert the passwords.
C. Run winbind --sync, to synchronise the passwords.
D. Add unix password sync = yes to smb.conf.
E. Add smb unix password = sync to smb.conf.
When the default policy for the netfilter INPUT chain is set to DROP, why should a rule allowing traffic to localhost exist?
A. All traffic to localhost must always be allowed.
B. It doesn't matter; netfilter never affects packets addressed to localhost.
C. Some applications use the localhost interface to communicate with other applications.
D. syslogd receives messages on localhost.