LPIC-2 Exam 202 v1.0
Question 1
In order to protect a directory on an Apache HTTPD web server with a password, this configuration was added to an .htaccess file in the respective directory:
Furthermore, a file /var/www/dir/ .htpasswd was created with the following content: usera:S3cr3t
Given that all these files were correctly processed by the web server processes, which of the following statements is true about requests to the directory?
- A. The user usera can access the site using the password s3cr3t
- B. Accessing the directory as usera raises HTTP error code 442 (User Not Existent)
- C. Requests are answered with HTTP error code 500 (Internal Server Error)
- D. The browser prompts the visitor for a username and password but logins for usera do not seem to work
- E. The web server delivers the content of the directory without requesting authentication
Answer : A
Question 2
Which Apache HTTPD directive enables HTTPS protocol support?
- A. HTTPSEngine on
- B. SSLEngine on
- C. SSLEnable on
- D. HTTPSEnable on
- E. StartTLS on
Answer : B
Question 3
FILL BLANK -
What configuration directive of the Apache HTTPD server defines where log files are stored? (Specify ONE of the directives without any other options.)
Answer : ErrorLog
Question 4
Which statements about the Alias and Redirect directives in Apache HTTPD"™s configuration file are true? (Choose two.)
- A. Alias can only reference files under DocumentRoot
- B. Redirect works with regular expressions
- C. Redirect is handled on the client side
- D. Alias is handled on the server side
- E. Alias is not a valid configuration directive
Answer : CD
Question 5
Which http_access directive for Squid allows users in the ACL named sales_net to only access the Internet at times specified in the time_acl named sales_time?
- A. http_access deny sales_time sales_net
- B. http_access allow sales_net sales_time
- C. http_access allow sales_net and sales-time
- D. allow http_access sales_net sales_time
- E. http_access sales_net sales_time
Answer : B
Question 6
Which global option in squid.conf sets the port number or numbers that Squid will use to listen for client requests?
- A. port
- B. client_port
- C. http_port
- D. server_port
- E. squid_port
Answer : C
Question 7
When using mod_authz_core, which of the following strings can be used as an argument to Require in an Apache HTTPD configuration file to specify the authentication provider? (Choose three.)
- A. method
- B. all
- C. regex
- D. header
- E. expr
Answer : ABE
Reference: https://httpd.apache.org/docs/2.4/mod/mod_authz_core.html
Question 8
Which tool creates a Certificate Signing Request (CSR) for serving HTTPS with Apache HTTPD?
- A. apachect1
- B. certgen
- C. cartool
- D. httpsgen
- E. openssl
Answer : E
Question 9
In response to a certificate signing request, a certification authority sent a web server certificate along with the certificate of an intermediate certification authority that signed the web server certificate.
What should be done with the intermediate certificate in order to use the web server certificate with Apache HTTPD?
- A. The intermediate certificate should be merged with the web server"™s certificate into one file that is specified in SSLCertificateFile
- B. The intermediate certificate should be used to verify the certificate before its deployment on the web server and can be deleted
- C. The intermediate certificate should be stored in its own file which is referenced in SSLCaCertificateFile
- D. The intermediate certificate should be improved into the certificate store of the web browser used to test the correct operation of the web server
- E. The intermediate certificate should be archived and resent to the certification authority in order to request a renewal of the certificate
Answer : A
Question 10
FILL BLANK -
Which directive in a Nginx server configuration block defines the TCP ports on which the virtual host will be available, and which protocols it will use? (Specify
ONLY the option name without any values.)
Answer : listen
Question 11
When trying to reverse proxy a web server through Nginx, what keyword is missing from the following configuration sample?
- A. remote_proxy
- B. reverse_proxy
- C. proxy_reverse
- D. proxy_pass
- E. forward_to
Answer : D
Question 12
If there is no access directive, what is the default setting for OpenLDAP?
A.
B.
C.
D.
Answer : B
Question 13
A host, called lpi, with the MAC address 08:00:2b:4c:59:23 should always be given the IP address of 192.168.1.2 by a DHCP server running ISC DHCPD.
Which of the following configurations will achieve this?
A.
B.
C. host lpi = 08:00:2b:4c:59:23 192.168.1.2
D.
E.
Answer : D
Question 14
How is the LDAP administrator account configured when the rootdn and rootpw directives are not present in the slapd.conf file?
- A. The default account admin with the password admin are used
- B. The account is defined by an ACL in slapd.conf
- C. The default account admin is used without a password
- D. The account is defined in the file /etc/ldap.secret
- E. The account is defined in the file /etc/ldap.root.conf
Answer : B
Question 15
Which of the following PAM modules allows the system administrator to use an arbitrary file containing a list of user and group names with restrictions on the system resources available to them?
- A. pam_filter
- B. pam_limits
- C. pam_listfile
- D. pam_unix
Answer : B