Spring Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

  1. Home
  2. LPI
  3. LPIC Level 3
  4. 303-200
  5. 303-200: LPIC-3 Exam 303: Security, version 2.0 Questions and Answers

303-200 303-200: LPIC-3 Exam 303: Security, version 2.0 Questions and Answers

Questions 4

What effect does the following command have on TCP packets?

iptables- A INPUT -d 10 142 232.1 -p tcp -dport 20:21 -j ACCEPT

Options:

A.

Forward all TCP traffic not on port 20 or 21 to the IP address 10.142 232.1

B.

Drop all TCP traffic coming from 10 142 232.1 destined for port 20 or 21.

C.

Accept only TCP traffic from 10.142 232.1 destined for port 20 or 21.

D.

Accept all TCP traffic on port 20 and 21 for the IP address 10.142.232.1

Buy Now
Questions 5

Which of the following statements are valid wireshark capture filters? {Choose TWO correct answers.)

Options:

A.

port range 10000:tcp-15000:tcp

B.

port-range tcp 10000-15000

C.

tcp portrange 10000-15000

D.

portrange 10000/tcp-15000/tcp

E.

portrange 10000-15000 and tcp

Buy Now
Questions 6

in which path is the data, which can be altered by the sysctl command, accessible?

Options:

A.

/dev/sys/

B.

/sys/

C.

/proc/sys/

D.

/sysctl/

Buy Now
Questions 7

Which command is used to run a new shell for a user changing the SELinux context? (Specify ONLY the command without any path or parameters.)

Options:

Buy Now
Questions 8

Which of the following statements is used in a parameter file for setkey in order to create a new SPD entry?

Options:

A.

spd

B.

addspd

C.

newspd

D.

spdnew

E.

spdadd

Buy Now
Questions 9

Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate ' ?

Options:

A.

subjectAltName = DNS: www example.org, DNS:example.org

B.

extension= SAN: www.example.org , SAN:example.org

C.

subjectAltName: www.example.org , subjectAltName: example.org

D.

commonName = subjectAltName= www.example.org , subjectAltName = example.org

E.

subject= CN= www.example.org , CN=example.org

Buy Now
Questions 10

Which of the following types can be specified within the Linux Audit system? (Choose THREE correct answers)

Options:

A.

Control rules

B.

File system rules

C.

Network connection rules

D.

Console rules

E.

System call rules

Buy Now
Questions 11

Which of the following components are part of FreeIPA? (Choose THREE correct answers.)

Options:

A.

DHCP Server

B.

Kerberos KDC

C.

Intrusion Detection System

D.

Public Key Infrastructure

E.

Directory Server

Buy Now
Questions 12

Which of the following commands adds a new user usera to FreelPA?

Options:

A.

useradd usera --directory ipa --gecos *User A "

B.

idap- useradd --H ldaps://ipa-server CN=UserA --attribs " Firstname: User: Lastname: A "

C.

ipa-admin create user --account usera -_fname User --iname A

D.

ipa user-add usera --first User --last A

E.

ipa-user- add usera --name " User A "

Buy Now
Questions 13

Which of the following commands adds users using SSSD ' s local service?

Options:

A.

sss_adduser

B.

sss_useradd

C.

sss_add

D.

sss-addlocaluser

E.

sss_local_adduser

Buy Now
Questions 14

Which of the following commands displays all ebtable rules contained in the table filter including their packet and byte counters?

Options:

A.

ebtables -t nat -L -v

B.

ebtables-L-t filter -Lv

C.

ebtables-t filter-L-Lc

D.

ebtables -t filter -Ln -L

E.

ebtables-L -Lc-t filter

Buy Now
Questions 15

Which command revokes ACL-based write access for groups and named users on the file afile?

Options:

A.

setfacI -x group: * : rx, user:*: rx afile

B.

setfacl -x mask: : rx afile

C.

setfacl ~m mask: : rx afile

D.

setfacl ~m group: * : rx, user:*: rx afile

Buy Now
Questions 16

Which of the following DNS record types can the command dnssec-signzone add to a zone? (Choose THREE correct answers.)

Options:

A.

ASIG

B.

NSEC

C.

NSEC3

D.

NSSIG

E.

RRSIG

Buy Now
Questions 17

Which of the following commands changes the source IP address to 192.0.2.11 for all IPv4 packets which go through the network interface eth0?

Options:

A.

iptables ~t nat -A POSTROUTING ~o eth0 - j SNAT -to-source 192.0.2.11

B.

iptables ~t nat -A PREROUT1NG -\ eth0 -j SNAT -to-source 192.0.2.11

C.

iptables -t nat -A POSTROUTING H eth0 -j DNAT -to-source 192.0.2.11

D.

iptables -t mangle -A POSTROUTING -i eth0 -j SNAT -to-source 192.0.2.11

E.

iptables -t mangle -A POSTROUTING -0 eth0 -j SNAT -to-source 192.0.2.11

Buy Now
Questions 18

Which of the following are differences between AppArmor and SELinux? (Choose TWO correct answers).

Options:

A.

AppArmor is implemented in user space only. SELinux is a Linux Kernel Module.

B.

AppArmor is less complex and easier to configure than SELinux.

C.

AppArmor neither requires nor allows any specific configuration. SELinux must always be manually configured.

D.

SELinux stores information in extended file attributes. AppArmor does not maintain file specific information and states.

E.

The SELinux configuration is loaded at boot time and cannot be changed later on AppArmor provides user space tools to change its behavior.

Buy Now
Exam Code: 303-200
Exam Name: 303-200: LPIC-3 Exam 303: Security, version 2.0
Last Update: Apr 30, 2026
Questions: 60

PDF + Testing Engine

$63.52  $181.49
buy now 303-200 pdf + testing engine

Testing Engine

$50.57  $144.49
buy now 303-200 testing engine

PDF (Q&A)

$43.57  $124.49
buy now 303-200 pdf