01. Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?
a) --mlock
b) --no-swap
c) --root-swap
d) --keys-no-swap
02. A LUKS device was mapped using the command: cryptsetup luksOpen/dev/sda1 crypt-vol
Given that this device has three different keys, which of the following commands deletes only the first key?
a) cryptsetup luksDelKey /dev/sda 1 0
b) cryptsetup luksDelkey /dev/sda 1 1
c) cryptsetup luksDelKey / dev /mapper/crypt- vol 1
d) cryptsetup luksDelKey / dev /mapper/crypt- vol 0
03. In which path is the data, which can be altered by the sysctl command, accessible?
a) /dev/sys/
b) /sys/
c) /proc/sys/
d) /sysctl/
04. What is the purpose of the program snort-stat?
a) It displays statistics from the running Snort process.
b) It returns the status of all configured network devices.
c) It reports whether the Snort process is still running and processing packets.
d) It displays the status of all Snort processes.
e) It reads syslog files containing Snort information and generates port scan statistics.
05. Linux Extended File Attributes are organized in namespaces. Which of the following names correspond to existing attribute namespaces?
(Choose THREE correct answers.)
a) default
b) system
c) owner
d) trusted
e) user
06. When OpenVPN sends a control packet to its peer, it expects an acknowledgement in 2 seconds by default. Which of the following options changes the timeout period to 5 seconds?
a) -- tls-timeout 5
b) -- tls- timeout 500
c) -- tls- timer 5
d) -- tls- timer 500
07. How are SELinux permissions related to standard Linux permissions?
(Choose TWO correct answers.)
a) SELinux permissions override standard Linux permissions.
b) Standard Linux permissions override SELinux permissions.
c) SELinux permissions are verified before standard Linux permissions.
d) SELinux permissions are verified after standard Linux permissions.
08. Which of the following commands makes the contents of the eCryptfs encrypted directory ~/Private available to the user?
a) ecryptfsclient
b) ecryptfs.mount
c) ecryptfs-mount-private
d) decryptfs
e) ecryptfs-manage-directory
09. What effect does the following command have on TCP packets?
iptables- A INPUT d 10.142.232.1 p tcp --dport 20:21 j ACCEPT
a) Forward all TCP traffic not on port 20 or 21 to the IP address 10.142.232.1
b) Drop all TCP traffic coming from 10.142.232.1 destined for port 20 or 21.
c) Accept only TCP traffic from 10.142.232.1 destined for port 20 or 21.
d) Accept all TCP traffic on port 20 and 21 for the IP address 10.142.232.1
10. Which of the following resources of a shell and its child processes can be controlled by the Bash build-in command ulimit?
(Choose THREE correct answers.)
a) The maximum size of written files
b) The maximum number of open file descriptors
c) The maximum number of newly created files
d) The maximum number of environment variables
e) The maximum number of user processes
The purpose of this Sample Question Set is to provide you with information about the LPI Security - 303 exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the 303-300 certification test. To get familiar with real exam environment, we suggest you try our Sample LPI LPIC-3 Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual LPIC-3 Security certification exam.