Monday, October 8, 2012

lock user to his home directories using chroot


Create chroot directory.

# mkdir /chroot

Create user's home directory, which will be actually '/' directory after user login.

# mkdir -p /chroot/home/pinky

Copy all the files that the user needs including basic commands like 'ls', libraries and /dev files.

# mkdir /chroot/home/pinky/bin
# cp -a /bin/bash /chroot/home/pinky/bin/.
# cp -a /bin/ls /chroot/home/pinky/bin/.
# cp -a /lib64 /chroot/home/pinky/.

Edit /etc/ssh/sshd_config file

ChrootDirectory /chroot/%h

Restart sshd

# service sshd restart
# chkconfig sshd on

Now sshd works with chrooted environment. So when Pinky logins, the directory /chroot/home/pinky will be '/'.

Friday, September 7, 2012

Saturday, August 25, 2012

Apache Question & Answer for Interview L2/L3








QUESTION NO: 1

Jan wants her Apache server to be able to handle multiple requests over a single TCP connection. Which of the following would allow her to do this?

A. Expirations
B. BrowserMatch
C. KeepAlive
D. PersistentConnect
E. ChunkEncode

Answer: C

QUESTION NO: 2

Which of the following HTTP headers will direct a browser to www.site.com after waiting five seconds?

A. Rerwrite 5; URL = http://www.site.com/
B. Location 5; URL = http://www.site.com/
C. Refresh 5; URL = http://www.site.com/
D. Reload http://www.site.com/ -t 5
E. Direct -t 5 http://www.site.com/

Answer: C

QUESTION NO: 3

Cookies can be used by Apache to create a click stream log of user activity. However, for the cookies to work, Apache must be compiled with the _______ module, then the ______ directive must be

added to the httpd.conf file.

A. mod_usertrack; Cookie Tracking on
B. mod_cookies; Cookies on}
C. mod_cookietracking; cookie Tracking on
D. mod_cookielog; Cookielogging on
E. mod_userlog, cookielogging on

Answer: A

QUESTION NO: 4

Which of the following are TRUE regarding contains in httpd.com? (Choose two.)

A. Containers consist of a Paired set of delimiters.
B. If two containers contradict, the first is applied.
C. Containers may only be applied globally.
D. Containers allow individual virtual hosts to have their own settings.

Answer: A,D

QUESTION NO: 5

Which of the following best explains why Apache Web servers are able to handles multiple requests?

A. In addition to port 80, Apache opens ports 8080, 8000, and others to handle the additional requests.
B. Apache is able to spawn child processes that handle requests before they die.
C. Apache uses therenice service to load balance between different system daemons.
D. Upon reaching a set number of requests, Apache uses a raw socket to adjust a system's bandwidth to handle the additional requests.

Answer: B

QUESTION NO: 6

Consider the file "test.html". Which of the following best describes what code does?

<html>
<from>
<INPUT TYPE=" button" VALUE="set cookie"
onClick = "document. Cookie =`first_name=Fred`;">
<INPUT TYPE = "button" VALUE = "display cookie"
onClick = "alert (document.cokkie);">
</from>
</html>


A. When the user clicks on "set cookie," it prompts the user for value. Once the value is entered, it can be displayed using the "display cookie" button.
B. When the user clicks on "set cookie," thefirst_name cookie is set to "Fred." The first_name  cookie can be displayed by clicking the "display cookie" button.
C. When the user first loads "test.html,"first_name is automatically set to "Fred." The value of first_name can be seen with the "display cookie" button. The first_name cookie can be reset to " 3
empty ("") by clicking the "set cookie" button.
D. When the user clicks on the "set cookie" button, a new HTML page is loaded that displays the word "Fred". When the user clicks on the "display cookie" button, it alerts the user that it has been

deleted.

Answer: B

QUESTION NO: 7

Which of the following can be used send to used to send a cookie to the http client? (Choose two.)

A. XMLScript
B. Static HTM
C. Java Script
D. CGI scripts
E. GIFScript

Answer: C,D

QUESTION NO: 8

Ralf, a user, wishes to upgrade his existing version of Apache by including mod_ssl as a loadable module. Assuming that the shared object for mod_ssl is libssl. So, that mod_ssl is located in

"/prefix/modules/," which of the following must be present in his httpd, conf file?

A. LoadModule mod_ssl modules/libssl.so
B. Addmodule mod_ssl modules/libssl.so
C. LoadModule /prefix/modules/libssl.so mod_ssl
D. AddModule /prefix/modules/libssl.so mod_ssl

Answer: A

QUESTION NO: 9

Liz has completed an Apache installation on her computer. She did not encounter any errors. Which of the following can she use to see Apache's default index? (Choose two.)

A. http://localserver
B. http://localhost
C. http://index
D. http://192.268.0.0
E. http://127.0.0.1

Answer: B,E

QUESTION NO: 10

One security exploit with Apache is to include a command in a script that lets the scripts execute a command found in one of its variables. For example, a script might contain the who command and

display a list users logged into the server. Which of the following, if included in a CGI script, will run a command with the appropriate permissions?

A. declare
B. fork
C. export
D. eval
E. eacho

Answer: D

QUESTION NO: 11

Which of the following represents a security concern of programming CGI scripts using the C programming language?

A. C programs must be run withsetuid root.
B. If the program receives more data than the amount of memory it has allocated, a buffer overflow can cause the program to exit to a shell on the server.
C. Many early C compile lack the ability to dynamically alter file permissions, which results in many C program running with root permissions.
D. CGI script written in C compile at runtime on the client system, which makes the client vulnerable.
E. If the server and client do not have identical compilerversions, the lesser compiler is used, which may have known exploits.

Answer: B

QUESTION NO: 12

Which of the following best explains the function of the KeepAlive directive in Apache 1.1?

A. It defines the length of time Apache will wait before spawning additional processes.
B. It constantly checks on the Apache service and reports viasyslogd if there is a server problem.
C. It makes a backup by spawning clones ofitself in case the server goes down.
D. It defined how long a server process can keep a connection before shutting down.
E. It tells Apache how long to wait before going into the zombie process state.

Answer: D

QUESTION NO: 13

Which of the following scenarios most accurately describes the Apache initialization sequence?

A. Apache spawns one child process each second untilMaxSpareServer is satisfied or MaxClients is reached.
B. Apache spawns one child, then two, then four, and up to 32 processes per seconds untilMaxClients is reached or Minspare Servers is satisfied.
C. Apache spawns one process then continues to double the number of processes spawned each second indefinitely untilMaxClients is reached or MinSpareServers is satisfied.
D. Apache spawns the needed number of child processes dependent on the incoming requests untilMaxClients is reached or MinSpareServer is satisfied. For example, if three requests come in, Apache

would spawn three processes, and soon.

Answer: B

QUESTION NO: 14

How does Apache enable CGI scripts? (Choose two.)

A. It links source pages to the appropriate client compiler.
B. It implementssuid and makes the script excitable.
C. It defines content types based on the extension.
D. It references directories that contain the scripts.

Answer: C,D

QUESTION NO: 15

Jake has the text below in his httpd conf file. He does NOT have mod_mime_magic compiled as part of the Apache server configuration. Which of the following are TRUE concerning this information?

(Choose two.)

LoadModule vhost_alias_module modules/mod_vhost _alias.so
# LoadModule env_module modules/mod_env.so
# LoadModule agent_log_module modules/mod_log_agent.so
# LoadModule mime_magic_module modules/mod_mime_magic.so
# LoadModule mime_module modules/mod_mime_magic.s
<IFModeule mod_mime_magic.c>
MIOMEMagicFile share/magic
</ifModule>

A. The MIMEMagicFile directive will be processed.
B. The MIMEMagicFile directive will NOT be processed.
C. The server will NOT be able to use hints in share/magic to determine file types.
D. The server will be able to use hints in share/magic to determine file types.

Answer: B,C

QUESTION NO: 16

An administrator needs to set the permissions an Apache Web server to maximize security, while still allowing for full functionality. Which of the following permissions are most appropriate for

Apache configuration files and Apache executables, respectively?

A. 755, 000
B. 755, 111
C. 511, 755
D. 777, 555
E. 755, 511

Answer: E

QUESTION NO: 17

The block of code below is found in the http conf file. Under what conditions would this block of code execute?

<If Module !PHP/4.0>
...
</If Module>

A. If PHP/4.0 is NOT compiled or loaded into Apache when the block of code is called
B. If PHP/4.0 is NOT compiled or loaded in the module's shared library when the block of code is called
C. If PHP/4.0 is compiled or loaded into Apache when the block of code is called
D. If PHP/4.0 is compiled or loaded in the module's shared library when the block of code is called

Answer: A

QUESTION NO: 18

Which of the following is a requirement for IP-based virtual hosting?

A. Separate network devices, each with its own I address.
B. Separate IP addresses for each virtual host
C. Separate configuration files for each virtual host.
D. SeparateIPAlias directives in the httpd.conf file for each virtual host.

Answer: B

QUESTION NO: 19

Tom would like to group all of his CGI scripts to /lib/cgi-bin/. In order to do this, he needs to use the ScriptAlias directive in the httpd.conf file of his Apache server. What modules need to be

compiled in order for this to work? (Choose two.)

A. mod_cgi.c or any module that supports the common gateway interface
B. mod_bin.c
C. mod_negotiation.c or any module that does protocol negotiation
D. mod_alias.c
E. mod_script.c or any module that does script parsing

Answer: A,D

QUESTION NO: 20

The system administrator has configured Apache to write its log files via the system logging daemon. When Apache write its log files to syslog, it will run with the permissions of which user?

A. Always as root
B. Always as nobody
C. Always aswebuser
D. Always as the owner of the http process
E. Always as the owner of thesyslogd process

Answer: B

QUESTION NO: 21

If a user has already defined a log format called "common, "which of the following directives will ALWAYS make Apache log requests to "/var/log/apache/access_log" using the " common" format?

A. TransferLog /var/log/apache/access_log format=common
B. TransferLog /var/log/apache/access_log common
C. CustomLog /var/log/apache/access_log format=common
D. CustomLog /var/log/apache/access_log common
Answer: D

QUESTION NO: 22

The system administrator wishes to make the Web server run with UID "web." Which of the following lines should be added to httpd.conf to allow this?

A. UID web
B. ServerAdmin web
C. Owner web
D. User web
E. RunAs web

Answer: D

QUESTION NO: 23

Which one of the following http conf entries will tell the server which access directive can be overridden by the. Htaccess file?

A. Order Allow. Deny
B. AllowOveride
C. Order Deny, Allow
D. Allow

Answer: B

QUESTION NO: 24

An administrator would like to set up Apache server with multiple IP addresses. Which httpd.conf directives are used to change the port and the IP address on which httpd listens? (Choose two.)

A. Listen
B. Address
C. Bind
D. Active
E. BindAddress

Answer: A,B

QUESTION NO: 25

Amanda is configuring an Internet Web server with server with two virtual host. One of the host server is a time clock, and the other is a Web mail server. Both hosts are configured to provide

service on port 8080. One host is using the IP address 192.168.1.10, and the order is using 192.168.1.20. Which of the following will occur when Amanda tries to run both hosts on the same port

number?

A. Requests to both virtual hosts will be denied.
B. The host listed last in thehttpd.conf configuration file will receive all f the requests on that port number.
C. The underlying IP layer willnondeteministically transfer network packets to either host.
D. Both virtual hosts will function normally.

Answer: D

QUESTION NO: 26

Which statement best describes the outcome of the following commands?

Root@example apache $ bin/htpasswd /etc/httpd/conf/users nobody
Root@example apache $ bin/apache 1restart

A. Create a new and set the password for the Web page
B. Create a new user for the http group file
C. Create a new group and password for the system
D. Create a new alias for all the http users

Answer: A

QUESTION NO: 27

A system administrator has entered the directive below into httpd.conf. Which of the following will she have to type into the browser to get to the aliased page? Assuming the file access

permissions are set correctly.

Alias/html/usr/local/my_dir/my_html/

A. http://localhost/
B. http://localhost/htm/
C. http://localhost/usr/local/html/
D. http://localhost/my_dir/html
Answer: B

QUESTION NO: 28

Joe, a system administrator, wants to allow visitors to sign one of two default usernames and a valid e-mail address. He decides the default names should be "janedoe" and "johndoe". In the.

htsccess file,which module should Joe edit to achieve the desired results, and what information should he enter?

A. anon_auth_module; Anonymous johndoe and johndoe
B. access_module; Anonymous johndoe and johndoe
C. anon_auth_module; Anonymous *doe
D. access_module; Anonymous *doe

Answer: A

QUESTION NO: 29

As a security measure, the system administrator has set the policy that all system logs must be written to a remote system. Which of the following directives should be used to make Apache log in

this fashion?

A. CustomerLog | /sbin/syslogd
B. CustomerLog remotesystem:/var/httpd/access_log
C. TransferLog remotesystem:/var/httpd/access_log
D. TransferLog | /sbin/syslogd

Answer: D

QUESTION NO: 30

The system administrator is setting up Apache to limit access to the directory "/ Linux/example/." Only visitors from linuxsite.org should be able to access the directory. What lines need to be
added to the following entery in the .htaccess file to make this restriction possible? Select the best pair for lines two and four.

1 <Directory "/Linux/example/">
3 Deny from All

5 </Directory>

A. Allow fromlinuxsite.org;End
B. Deny,Allow;Allow from linuxsite.org
C. OrderAllow,Deny; Allow from linuxsite.org
D. OrderDeny,Allow; Allow from linuxsite.org

Answer: D

QUESTION NO: 31

David wants to set up a virtual host that uses the IP address 192.168.2.2, but he wants the server to attain individual settings from the main server. He uses the http.conf file below. David then
restarts httpd and receives an error. What error did he make in the configuration file?

<VirtualHost 192.168.2.2>
ServerAdmin david@davidsvirualhost.com
ServerRoot /www/docs/davidhost2
ServerName davidsvirtualhost.com
TransferLog logs/ davidsvirtualhost.com-access_log
ErrorLog log/ davidsvirtualhost.com-error_log
</VirtuaulHost>

A. The TransferLog directive is improperly formatted.
B. The ServerRoot directive is invalid the VirtualHost container.
C. The VirtualHost containor is not terminated correctly.
D. The TypesConfig directive is missing inside the VirtualHost containe.
E. The MultiViews directive is missing inside the VirtualHost container.

Answer: B

QUESTION NO: 32

Which of the following fields is NOT a part of the CommonLog Format (CLF)?

A. Requesting host
B. Byte length of the request
C. Data of request
D. Time to serve request
E. HTTP status code

Answer: D

QUESTION NO: 33

Jerry has a directory dedicated to JPEG image but does not have the .jpg extension on each file. How can he get the server to inform the client of the content type of the files in the directory?

A. Within a Directory container, use theDefaultType directive to specify the file type.
B. Within a Directory container, use theAddType directive to specify the file type.
C. Within a Directory container, use theAddEncoding directive to specify the file type.
D. Within a Directory container, use theTypeConfig directive to specify the file type.

Answer: A

QUESTION NO: 34

Using a name-based virtual host, how does a client make a request to the desired host?

A. The client listens for a particular IP address that is in thehttpd.conf file.
B. The client requestare command to the server's /etc/hosts file.
C. The client browser provides the host header, the host header, which the server matches against the list of virtual hosts.
D. The client browser provides a virtual hostsctipt that includes the desired port number.

Answer: C

QUESTION NO: 35

Tom has entered the information below in his httpd.comf file. He has no .htaccess file that override these directives. Which of the following is TRUE concerning this files?

ExpiresActive on
Anywhere, .htaccess when Allow Override indexes
ExpiresByType image/gif A1000
Anywhere, .htaccess when Allow Override indexes

A. A GIF image on the server will be active for 1000 seconds after its last modification time.
B. If the file size a GIF image is over 1000Kb,then the GIF image will expire in the server's cache.
C. After the client accesses a GIF image on the server, it will NOT expire in the client's cache for 1000 seconds.
D. The server will hold no more than 1000 GIF image in its cache.

Answer: C

QUESTION NO: 36

Assume the following block of code is placed in the httpd.conf file. What task does it perform?

RewriteCond %{TIME_DAY} !Monday {OR}
RewriteCond %{TIME_HOUR} 10
RewriteCond ^index\.html /index\.html
RewriteCond %{TIME_DAY} Monday
RewriteCond ^index\.html /index\.mon\.html

A. It rewrites the URL http://someserver/index.html to http://somerver/index.mon.html if the day is NOT Monday and the hour is NOT 10.
B. It rewrites the URL http://someserver/index.html to http://somerver/index.mon.html if the day is Monday and the hour is 10.
C. It rewrites the URL http://someserver/index.html to http://somerver/index.mon.html if the day is NOT Monday and the hour is 10.
D. It rewrites the URL http://someserver/index.html to http://somerver/index.mon.html if the day is Monday and the hour is NOT 10.

Answer: C

QUESTION NO: 37

Which of the following MUST Apache 1.1 and higher have in order to run?

A. httpd.conf
B. httpd.conf and srm.conf
C. httpd.conf and access.conf
D. httpd.conf access.conf, srm.conf

Answer: A

QUESTION NO: 38

Paul has placed all images to offered by an Apache Web server in a single directory. The images are to be handled as GIF images, but he does not wants to individually label each of the images with

the ".gif" extension. Which of the following methods could Paul use to efficiently associate all files in the /images directory (and only the /images directory) with the ".gif" .extension?

A. If Paul crates an .htaccess file in /images and uses the Force Type directive in the file, all files classified as images can be given the ".gif" association despite their current association.
B. If Paul crates an .htaccess file in /images and uses the Force Type directive in the file, individual files can be processed and associated with any extension defined in the Add Type filed
located in httpd.conf.
C. Paul must use theRemoveHandler and Addhandler directives to remove current extensions then add new extensions. Both directives must be used in the global container of httpd.conf.
D. Paul must use theRemoveHandler and SetHandler directives to remove current extensions then add new extensions. The RemoveHandler directive must be placed in an. Htaccess file in
/images and the SetHandler directive must be defined in httpd.conf.

Answer: A

QUESTION NO: 39

Which of the following is the main problem with using.htaccess to override directives in httpd.conf?

A. .htaccess must have a per-loaded PAM module that requires extra configuraton.
B. .htaccess is insecure because it requires root permission to access subirectories.
C. .htaccess delays page access by recursively searching subdirectories.
D. .htaccess does not search every directory, possibly leaving subdirectories open.

Answer: C

QUESTION NO: 40

The Web document root directory can be changed by which line in httpd.conf?

A. Root
B. RootDir
C. DocumentRoot
D. WebRoot
E. BaseDir

Answer: C

QUESTION NO: 41

What is the function of the XbitHack directive in the httpd.conf file?

A. To active the X interface for Apache from a remote location
B. To prevent serving requests for executable files
C. To authenticate the requesting client based on user permissions
D. To parse Web files for includes based on their permissions

Answer: D

QUESTION NO: 42

Bad has placed a limit on the maximum requests per child process on his Apache server. To do this, he added the MaxRequestsPerChild directive to httpd.comnf and gave it a value of 800. Which of the

following are TRUE concerning this situation? (Choose two.)

A. It limits the amount of memory that processes can consume in the event of accidental memory leakage.
B. Limiting the number of child processes increases processing done by each child; this increases system load.
C. By giving process a finite lifetime, the number of processes will be reduced when requests decrease; this frees up system resources.
D. Limiting the number of child processes increases mean network packet length; this allows more data to be transferred at once.

Answer: A,B

QUESTION NO: 43

What is the IANA-recommended value for the Port directive?

A. 0
B. 80
C. 255
D. 8080

Answer: B

QUESTION NO: 44

Examine the following block of code. What should be added on line 3 so that the following events occur. If the value of "test" is equal to 100, the Web page will print, "you are our on hundredth

customer," and if the value of "test" is not equal to 100, the Web page will print, "Have a nice day"

1 <!--#if expr= "${test} != ${100]" à
2 Have a nice day
4 you are our one hundredth customer
5 <!--#else -- >
6 Have a nice day
7 <! -- #endif -- >

A. <!-- #elseif expr="${test} = ${100}" -- >
B. <!-- #elseif expr="${test} != ${100}" -- >
C. < !-- elif expr="${test} != ${100}" -- >
D. < !-- #elif expr="${test} = ${100}" -- >

Answer: D

QUESTION NO: 45

A Web site has a standard header that should be included on all Web pages. Which of the following lines would make the server include a eparate file, clled "header.html, " instead of write
the header code for every page on the site?
Assume that "header.html" is in same directory as all other HTML files, which is "/www/htdocs."

A. <!--#include "/www/htdocs/header.html"-- >
B. <!--#include "/www/htdocs/header.html"-- >
C. <!--#nclude file="/www/htdocs/header.html"-- >
D. <!--#virtual "/www/htdocs/header.html"-- >
E. <!--#file="/www/htdocs/header.html"-- >

Answer: B

QUESTION NO: 46

To crate dynamic HTML content, which of the following MUST be included with each CGI script?

A. each $cgi
B. #/bin/bash
C. #nclude cgi
D. #/bin/perl
E. each Content-type

Answer: E

QUESTION NO: 47

Suppose that a user wishes to dynamically include the contents of the file "message.txt" within a Web page. Which of the following lines within the HTML code will allow this to be done?

A. <!--#exec "cat message.txt" -- >
B. <!--#exec cmd "cat message.txt" -- >
C. <!--#exec cmd cat message.txt -- >
D. <!-- exec cmd "cat message.txt" -- >
E. <!-- cat message.txt" -- >

Answer: B

QUESTION NO: 48

Adam has decided to start maintaining status information on current connections by setting the ConnectionStatus directive to "on." Which of the following modules MUST be installed for this

directive to work?

A. mod_status
B. mod_info
C. mod_logging
D. mod_connect
E. mod_reports

Answer: A

QUESTION NO: 49

In order to make the Web server parver parse file with extension ".shtml" for server side includes, which of the following should be added to httpd.conf?

A. AddHandler server-persed .shtml
B. AddHandler Handler .shtml
C. NewHandler server-parsed .shtml
D. NewHandler .shtml

Answer: A

QUESTION NO: 50

John is running multiple virtual server from a single Apache Web server daemon. He has separate log files each virtual server. Some of the error logs start reporting the error "unable to fork."

John's system supports the setrlimit () call. Which of the following can john do to fix this error? (Choose two.)

A. Send each log file to the same partition and compress the partition periodically.
B. Compilemod_fork.c into the Apache source or dynamically load the mod_fork module in httpd.conf.
C. Consolidate all log files into one file.
D. In the Apache startup script, increase the number of available file descriptors with theulimit utility.
E. Edit thehttpd.conf file to include "forking=yes" in the globals section.

Answer: A,B

QUESTION NO: 51

Natalie, the Webmaster for a small company, wishes to log Web server access using a custom log file format. In order to do this, she decides to use the CustomLog directive. However, she neglected

to define the structure of the log entries. Which of the following directives did Natalie fail to place in httpd.conf?

A. LogStructure
B. TransferLog
C. CommonLog
D. LogFormat

Answer: D

QUESTION NO: 52

Given the following exerpt of code from httpd.conf, what function will be performed?

LogFormat"%h %1 %u %t \"%r\" %>s %b \"%{Referer} i\" \"%{User-Agent } i \""\ combined
LogFormat"%h %1 %u %t \"r\" %>a %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
TransferLog /var/log/httpd/access_log

A. The log file /var/log/httpd will be written with the format "agent".
B. The log file /var/log/httpd will be written with the format "combine".
C. The log file /var/log/httpd will be written in common log format.
D. The log file /var/log/httpd will be written, but will only log the IP address.

Answer: A

QUESTION NO: 53

An administrator needs to perform host name lookups on users accessing HTML and SWF files, but no other files. The administrator has added the following lines to the httpd.conf file but is not
getting the desired result. What is the result of the lines added by the administrator?

<Files ^^ "\. (html | svf) $">
HostnameLookups on
</Files>

A. The server performs lookups and all users accessing files other than HTML or SWF and ignores users accessing HTML or SWF files.
B. The server performs lookups for all users accessing all files.
C. The serverperform lookups for some users on the HTML and SWF files.
D. The serverperform lookups on users accessing HTML files, but not on users accessing SWF files.

Answer: D

QUESTION NO: 54

When installing Apache from source, the system administrator adds the line below to the "apacke_1.3.19/src/Configure" file. What does this accomplish?

AddModulemodules/standard/mod_so.o

A. mod_so.o will be loaded into the Apache binary after Apache has been restarted.
B. mod_so.0 will be combined with the Apache binary at run time.
C. mod_so.o will be added, provided it is already built into the binary.
D. mod_so.o will become part of the Apache binary at compile time.

Answer: D

QUESTION NO: 55

If the Web server and the browser use a persistent connection, then multiple requests can occur over the same _________ connection.

A. IP
B. ftpd
C. CGI
D. TCP

Answer: D

QUESTION NO: 56

Which of the following are TRUE concerning directives and Apache? (Choose two)

A. Directives are commands issued throughapachetl.
B. Directives are used to control Apache's runtime configuration.
C. Directives can be used to alter Apache's configuration during runtime.
D. Directives can be used in configuration files other thanhttpd.conf.

Answer: B,D

QUESTION NO: 57

Which of the following is TRUE concerning chunked encoding?

A. It allows the server to grab small bits of dynamically produced data (chunks), determine the content, and sent it to the client.
B. It helps identify a client by dropping chunks of information onto the client's computer and then reading it from the computer later.
C. It divides RAM into chunks so that Apache can better utilize itsRequestsHeader info.
D. It forces a TCP connection into two chunks-one for the client and one for the server.

Answer: A

QUESTION NO: 58

When using persistent connections with HTTP1.1, a server must know the Content-Length of the response it sends back to a client. If a Web page is dynamically created, there is no way for the
server to know the exact size of the content. Which of the following helps to solve this problem?

A. Parsing header protocol
B. Cookies
C. Chunked encoding
D. UDP packet encryption

Answer: C

QUESTION NO: 59

Maynard has recently been places in charge of a large Apache server that may be a target for Denial of Service (DOS) attacks. To increase security, Maynard has decides to modify httpd.conf
and strengthen the server's resistance to attacks. Of the following httpd.conf directives, which can be used as a protection against DOS attacks? (Choose two)

A. LimitRequestFields
B. LimitRequestFieldSize
C. AuthTypeMax
D. AuthBufferLimit
E. AuthOverflow

Answer: A,B

QUESTION NO: 60

The text below is found in your Apache server's error_log file. Which of the following could have caused this error?

/var/run/httpd.pid overwritten - Unclean shutdown of previous Apache run?

A. The Apache server as shut down by an unauthorized user.
B. The graceful shutdown of Apache was overwritten byinetd.
C. Apache was terminated by an unexpected system failure.
D. Another instance ofhttpd was started, which caused the original httpd to shut down.

Answer: C

QUESTION NO: 61

Which of the following can increase Web sever performance? (Choose three)

A. Move all swap space to the same partition as the Web server data.
B. Turn off logging.
C. Place Apache logs on the fastest drive.
D. Add additional RAM to the system.
E. Place Apache logs on the slower drive and the Web data on the faster drive.

Answer: A,B,C

QUESTION NO: 62

Which of the following statements concerning Apache and Secure Socket Layer (SSL) is TRUE?

A. Apache and SSL can only be used if the proper security certificate has been purchased.
B. Themod_ssl module gives SSL functionality to Apache.
C. Apache +SSLis a commercial version of Apache distributed as closed source.
D. Apache +SSLprovides maximum 256 bit encryption.
E. Themod_https module is equivalent to the mod_ssl module.

Answer: B

QUESTION NO: 63

Which of the following will occur if the MaxSpare Servers Apache directive is set to 15?

A. No more than 15 child processes will be left running and unused.
B. No more than 15 requests to the server will be allowed.
C. It will provide for 15 fail-over servers in a cluster.
D. It will provide 15 spare servers for each virtual host request.

Answer: A

QUESTION NO: 64

Recently LinuxCorp upgraded its Web server. In the process, several directories containing Web content were moved. The Webmaster wishes to modify Apache so that when clients access the original

URL, they will be automatically sent to a new directory. Which module will allow Apache to perform this task?

A. mod_url
B. mod_redirect
C. mod_link
D. mod_rewrite
E. mod:urlmanip

Answer: D

QUESTION NO: 65

John has a Web server running Apache, and his Web site has information that is updated periodically. John wants to make sure clients who access his Web site are viewing the most up-todate

information. Which of the following should John use to accomplish this?

A. BrowserMatch 10
B. ExpiresDefault 10
C. ReloadTime 10
D. CacheDocument 10
E. MaxKeepAlive 10

Answer: B

QUESTION NO: 66

George has taken over Web server administration for a colleague. He has located the httpd.conf file, the document root, and the files that Apache servers, but he cannot find the error log files.

They are not in their default location. Which command can he use to find the log files?

A. grep -i errorlog httpd.conf
B. locate -uerrorlog
C. locate -i uvET httpd.conf | grep errorlog
D. find /etc -nameerrorlog

Answer: A

QUESTION NO: 67

George does not want to use the default HTML error page; he wants to customize his version of Apache to handle problems or errors. He creates an HTML page named error.html, with his customized

error message, and saves it in the /cgi-bin/ directory. How can George get Apache to display his customized error message when a page is not found?

A. Use theErrorDocument directive in the following manner: ErrorDocument 404 /cgibin/error.html.
B. Use theErrorLog directives in the following manner: ErrorLog 404 /cgi-bin/error.html.
C. Use theErrorDocument directives in the following manner: ErrorDocument 401 error.html.
D. Use theErrorLog directives in the following manner: ErrorLog 401 error.html.

Answer: A

QUESTION NO: 68

Which of the following are valid options for the ServerType directive? (Choose two)

A. intranet
B. internet
C. inetd
D. httpd
E. stand-alone

Answer: A,B

QUESTION NO: 69

John wants to apply several directives to the following directories: /gardening, /garden_tools, /fertilizers, and /herbs. How can John configure Apache to do this without affecting any of his other
directories, considering the list of his directories below?

/woodshed_tools /fertilizers /decks
/garden_tools /herbs /boat_accessories
/gardening /charcoal_grills /misc

A. Use the <Directory> directive in the following manner:
<Directory ~ [f-h]?.*>... </Directory>
B. Use the <Directory> directive in the following manner:
<Directory> ~ /[f-h]*> ... </Directory>
C. Use the <File> directive in the following manner:
<File ~ [f-h]*> ... </File>
D. Use the <File> directive in the following manner:
<File> ~ /[f-h]?.*> ... </File>

Answer: B

QUESTION NO: 70

Julie has three files in the same directory named index.html, index.htm, and index.shtml, respectively. She wants index.htm to be sent to the client when this directory is accessed. Which
of the following httpd.conf entries will allow her to do this? (Choose two)

A. DirectoryIndex index.htm index.html index.shtml index.cgi
B. DirectoryIndex index-html index.cgi index.shtml index.htm
C. DirectoryIndex index.html index.shtml index.cgi index.htm
D. DirectoryIndex index.htm index.cgi index.shtml index.html

Answer: A,B

QUESTION NO: 71

John is creating multiple virtual Web servers with separate document root directories. John's boss says to keep duplication to a minimum by using the same executable scripts. In which section if
the httpd.conf file would John have to define the path of the executable scripts in order to accomplish this task?

A. Directory environment
B. Virtual host environment
C. Global environment
D. Default environment
E. Local environment

Answer: C

QUESTION NO: 72

Which of the following best describes the relationship between modules and directives in Apache?

A. Modules are the dynamic counterparts of directives.
B. Directives are used to direct the client to load the appropriate modules.
C. Modules contain code to carry out directives specifies inhttpd.conf.
D. Directives contain code to execute static modules.

Answer: C

QUESTION NO: 73

When the httpd.conf file is altered, Apache must re-read the file by stopping and restarting the server. There are two methods of restarting the server when using the apachectl tool. Which command

lies will perform the restart? (Choose two)

A. apachectl reload
B. apachectl reboot
C. apachectl restart
D. apachectl HUP
E. apachectl graceful

Answer: C,E

QUESTION NO: 74

A system administrator wishes to define several separate log file formats to handle different log files within Apache. After defining a block of format definitions, the directive below is

specifies. Which of the following definitions will be used? TransferLog/var/httpd/access_log

A. Common Log Format
B. The first specifiesLogFormat directive line
C. The last specifiedLogFormat directive line.
D. The server will report an error parsing the configuration file.

Answer: C

QUESTION NO: 75

Jamie is running Apache 1.3. He wants different pages with similar content on his Web site to be served to best accommodate each browser that views them. He alters the httpd.conf file and makes the

changes below. Which line still needs to be altered to enable the desired effect?

<Directory /usr/local/httpd/htdocs>
Options All
AllowOverride Authconfig
Order allow.deny
Allow from all

A. He needs to add "MultiViews On" to the "Options All" line.
B. He needs to change "AllowOverride Authconfig" to "AllowOverride None".
C. He needs to change "Orderallow,deny" to "Order deny,allow".
D. He needs to add "localhost" to the "Allow from all" line.

Answer: A

QUESTION NO: 76

You find a Segmentation fault error in one of your Apache error_log files. Which of the following
tools will help you determine what caused this fault?

A. segfind
B. gdb
C. apachectl
D. top

Answer: B

QUESTION NO: 77

Dharma, a system administrator, wants to allow server side includes on the Web server. Which of the following directives would be the most secure way for her to do this?

A. Options +Includes --NOEXEC
B. Options -Include
C. Options +IncludesNOEXEC
D. Options +NOEXEC

Answer: C

QUESTION NO: 78

The following is an example of what type of CGI script?


#1/bin/bash
#Hello, World! Script
echoContent-type: text/html
echo
echo'<html>
<head><title>Hello, World!</title></head>
echo'<body bgcolor=#FFFFFFF">
<h1>Hello, World!</body></html>'

A. PHP script
B. HTMLscipt
C. Shell script
D. JavaScript
E. Perl script

Answer: C

QUESTION NO: 79

Joni, a system administrator, would like to test a Web server to see how it will withstand a load of 100 simultaneous hits. Which command would she most likely use?

A. ab -<100 http://127.0.0.1:80/htdocs
B. ab -L100 http://127.0.0.1:80/htdocs
C. ab 100 http://127.0.0.1:80/htdocs
D. ab http://127.0.0.1:80/htdocs 100
E. ab -n100 http://127.0.0.1:80/htdocs

Answer: E

QUESTION NO: 80

Justin has entered the following lines into httpd.conf, but he is not sure what exactly these new lines will do. Which of the following will be caused by the lines Justin entered? (Choose two)

ExpiresActive on
ExpiresByType text/html M604800
ExpiresByType image/jpg A2592000

A. JPG images will expire after a month in the client's cache.
B. JPG images will expire after a week of non-use.
C. JPG images will expire a month from the time they were changed.
D. HTML documents will remain active for a week from the time they were changed.
E. HTML documents will remain active for a month from the time they were changed.
F. HTML documents will remain active for a week in the client's cache.

Answer: A,B

QUESTION NO: 81

Which of the following will occur if the StartServer Apache directive is set to five?

A. Five instances ofmod_quickstart.o will be started.
B. Five child processes will be started for every request.
C. Five child processes will be started when Apache starts.
D. Five virtual hosts will be started for every request.
Answer: C

QUESTION NO: 82

Which of the following is NOT an option that is supported by the Linux apachectl script?

A. start
B. restart
C. stop
D. graceful
E. kill

Answer: E

QUESTION NO: 83

An administrator wishes to install a new Apache module without recompiling Apache. He wants the modules automatically placed in the proper locations and the appropriate directive added in the

httpd.conf file. Which of the following utilities will allow the administrator to accomplish this task?

A. apmodprobe
B. apxs
C. apachectl
D. apconfig
E. apbuild

Answer: B

QUESTION NO: 84

Using a name-based virtual host, how does a client make a request to the desired host?

A. The client listens for a particular IP address that is set in thehttpd.conf file.
B. The client requests are compared to the server's /etc/hosts file.
C. The client browser provides the host header, which the server matches against the list of virtual hosts.
D. The client browser provides a virtual script that includes the desired port number.

Answer: C

QUESTION NO: 85

Eddy is maintaining a large Apache server used for holding and transferring files via the Web. He has accumulated many archive files with the tar.gz extension and would like to prevent them from

being shown when directories are listed. Which line could he add to either httpd.conf or .htaccess to accomplish this?

A. IndexHide "tar.gz
B. IndexHide "-tar.gz"
C. IndexIgnore *.tar.gz
D. IndexIgnore!.tar.gz
E. IndexList no .tar.gz
F. IndexList !tar.gz off

Answer: C

QUESTION NO: 86

Which of the following modules MUST be compiled into the Apache server?

A. http_core.c
B. apache_so.c
C. charset_so.c
D. tcpip_core.c

Answer: A

QUESTION NO: 87

A system administrator has entered the directive below into httpd.conf. Which of the following will she have to type into the browser to get the aliased page? Assume the file access permissions are
set correctly.

Alias /html/ /user/local/my_dir/my_html/

A. http://localhost/
B. http://localhost/html/
C. http://localhost/usr/local/html
D. http://localhost/my_dir/html

Answer: B

QUESTION NO: 88

Apache servers a document according to certain characteristics provided by the requesting browser.These characteristics of the document are called the document's dimensions. What dimension is used

when Apache serves a request from a browser that has a preference for gzip compressed document?

A. type
B. encoding
C. compression
D. format

Answer: B

QUESTION NO: 89

You are the system administrator of an Apache server that houses the Web site linuxsite.org. This site allows users with normal accounts to have home pages, and it houses several other mission
critical Web sites. A user, Joe, has a home page that requires a change in one of the Apache configuration directives. Joe wants to allow or deny access to his home page based on a

username/password combination. Which of the following is the best way to implement this change?

A. Allow Joe to configure the appropriate .htaccess file.
B. Install themod_runtime_auth module and allow Joe to make the appropriate changes to httpd.conf.
C. Make the appropriate changes tohttpd.conf file and restart httpd.
D. Make the appropriate changes to the global .htaccess file and restart httpd.

Answer: A

QUESTION NO: 90

Which of the following represents a security concern of programming CGI scripts using the C programming language?

A. C programs must run withsetuid root.
B. If the program receives more data then the amount of memory it has allocated, a buffer overflow can cause the program to exit to a shell on the server.
C. Many early C compilers lack the ability to dynamically alter file permissions, which result in many C programs running with root permissions.
D. CGI scripts written in C compile at runtime on the client system, which makes the client vulnerable.
E. If the server and client do not have identical compilerversions, the lesser compiler is used, which may known exploits.

Answer: B

Samba Question & Answer


QUESTION NO: 1

Which of the following best describes the function of smbd?

A. It provides NetBIOS name resolution services to clients.
B. It provides LDAP services to clients.
C. It provides Active Directory services to clients.
D. It provides file sharing and print services to clients.

Answer: D

QUESTION NO: 2

You have a Linux machine running Samba with the configuration below. Your machine's IP address is 192.168.1.20, and it is on a LAN with other Linux clients and Windows 9x clients. Which of the

following is this machine's primary function?

[global]
netbios name = SAMBA
security = user
local master=yes
preferred master=yes
domain master=yes
workgroup=AUTH
wins server = 192.168.1.99
encrypt passwords=yes
logon script- /usr/local/samba/bin/%u.bat
domain admin group = @bigusers
os level=65
logon home =\\%L\%U\.profiles
logon path = \\%L\profile\%U

A. A domain controller
B. A WINS server
C. A Security Account Manager (SAM) host
D. A Master Samba Share Server (MSSS)

Answer: A

QUESTION NO: 3

Which of the following best describes the function of the global max xmit parameter in smb.conf?

A. It defines the maximum number of TCP ACKs the server can transmit to the clients.
B. It defines the maximum packet size that Samba exchanges with a client.
C. It defines the maximum number of packets that are stored in RAM before they are written to disk.
D. It defines the maximum NetBIOS queries a server can accept.

Answer: B

QUESTION NO: 4

Diego, an administrator, has set up a Samba server to provide Windows users access to their Linux home directories. In the [homes] share, which of the following should he use to define the path of

the home directories as "/home/samba/<user name>"?

A. path = /home/samba/%n
B. path = /home/samba/%u
C. path = /home/samba/%l
D. path = /home/samba/%h

Answer: B

QUESTION NO: 5

What is the function of the smbclient command?

A. It allows a Windows share to be mounted from a computer running Linux.
B. It provides access to shared resources on a Windows computer.
C. It provides access to Linux shares from a Windows computer.
D. It provides access to a Samba-enabled computer from a Windows machine.

Answer: B

QUESTION NO: 6

Ron, a Windows user on his local network, asked his co-worker Ned to save a fle on the file server (a Linux machine). Ned saves the file in the specified directory and sends Ron a message to tell

him it is there. Ron looks in the file server share, but he cannot find the file until he checks it 20 minutes later. Why is Ron having this problem?

A. The "change notify timeout" parameter of the smb.conf file is set to 1200.
B. The "browseable" parameter of the smb.conf file is set to 1200.
C. The "browse list" parameter of thesmb.conf file is set to 1200.
D. The "deadtime" parameter of the smb.conf file is set to 1200.

Answer: A

QUESTION NO: 7

In order for encrypted passwords to be available to Samba, which of the following lines should appear in smb.conf? (Choose two.)

A. encryptpasswd = yes
B. encrypt = /etc/shadow
C. smb passwd file = /usr/local/etc/smbpasswd
D. encryptpass = /usr/local/etc/smbpasswd
E. encrypt passwords = yes

Answer: C,E

QUESTION NO: 8

Molly, an administrator, would like to poll the network to ensure that Samba is working properly. Which of the following commands would allow her to do this?

A. nmblookup --all
B. testparm --poll "*"
C. smbclient -L "*"
D. nmblookup -d 2 "*"

Answer: D

QUESTION NO: 9

Which of the following best describes the number of smbd processes that should be running at one time on a properly configured Samba server?

A. One for each client connected to Samba
B. Only one
C. At least one, and an additional one for each printer being used by Samba
D. At least one, and an additional process for each client connected to Samba

Answer: D

QUESTION NO: 10

The Samba server (luke.linuxsite.org) using the smb.conf file below is experiencing problems. What is most likely wrong with the smb.conf file?

[global]
netbios name = luke
workgroup = network1
security = share
load printers = yes
log file = /home/admin/
max log size = 10000
wins support = yes
wins server = samba.linuxsite.org
bind interfaces only = yes

A. The wins support parameter is set to "yes" , and the wins server parameter is set.
B. The max log size is set too high.
C. The log file path is not in the same directory as the Samba executables.
D. The log file is defined before the wins server.
E. The wins support parameter and the bind interfaceparameter are both set to "yes".

Answer: A

QUESTION NO: 11

Which of the following commands will be executed first by Samba?

A. preexec = rm -r /home/samba/tmp/*
B. root execute =rmdir -R /home/temp
C. rootpostexec = mkisofs -log-file %H/log-%d.txt
D. rootpreexec = mkdir /home/temp
E. prescript = /home/samba/scripts

Answer: D

QUESTION NO: 12

Maynard is optimizing his Samba services to provide ease of use as well as security. He has added the line below to /etc/auto.misc. Which of the following best describes the purpose of this

addition? docs -fstype=smb, username=bob, password=2ghtex9s ://servermain/docs

A. This prevents users listed ("bob") from accessing the "docs" share.
B. This line is required for Samba to export the "docs" share.
C. This allows automatic logins and logouts to the "docs" share.
D. This prevents users other than "bob" from accessing the "docs" share.
E. This allows the "docs" share to beautomounted by "bob" on login.

Answer: E

QUESTION NO: 13

Instead of linking all Samba commands to paths already defined in his environment, Fred wants to include /usr/local/samba/bin in his path. Which of the following will allow Fred to do this?

A. Edit the /etc/samba/smb.conf file to change Fred's environment to look in /usr/local/samba/bin for commands.
B. Edit thesmb.conf file to include the parameter "include=/usr/local/samba/bin".
C. Add Fred's paths to the /path directory.
D. Edit the /etc/profile file to change Fred's environment to look in /usr/local/samba/bin for commands.

Answer: D

QUESTION NO: 14

Annie is using Windows 95. In order for her to connect to the Samba server, she needs to run the regedit program and add an entry to the Windows registry. What type of registry entry should Annie

add, and what should its value be?

A. Enter a new DWORD Value named "EnablePlainTextPassword" with a value of one.
B. Enter a new String Value named "EnablePlainTextPassword" with a value of zero.
C. Enter a new Binary Value named "EnablePlainTextPassword" with a value of one.
D. Enter a new Host Value named "EnablePlainTextPassword" with a value of zero.
Answer: A

QUESTION NO: 15

Which of the following is FALSE regarding NetBIOS?

A. NetBIOS names are limited to 16 characters.
B. NetBIOS characters are always converted to uppercase.
C. The first character of a NetBIOS name is known as a NetBIOS prefix.
D. The last character in a NetBIOS name indicates the type.

Answer: C

QUESTION NO: 16

Which of the following is a function of a WINS server?

A. Map IP addresses to IPX names
B. Map IP addresses to subnet addresses
C. Map IP addresses to domain names
D. Map IP addresses to logical addresses
E. Map IP addresses to NetBIOS names

Answer: E

QUESTION NO: 17

Which of the following Samba programs will listen for NetBIOS over IP name service requests?

A. nmbd
B. swat
C. named
D. smbd

Answer: A

QUESTION NO: 18

Which of the following best describes the function of nmbd?

A. It provides NetBIOS name resolution services to clients.
B. It provides file sharing and print services to clients.
C. It provides Active Directory services to clients.
D. It provides LDAP services to clients.

Answer: A

QUESTION NO: 19

Liz wants to grant administrative access to the users sam, bob, and erica. How should she edit the smb.conf file?

A. users =sam, bob, erica
B. root users =sam, bob, erica
C. admin users =sam, bob, erica
D. superusers = sam, bob, erica

Answer: C

QUESTION NO: 20

Which of the following methods should be used to make changes to the smbpasswd file?

A. Editing the /etc/shadow file
B. smbpasswd
C. adduser
D. useradd
E. Editing the /etc/passwd file
Answer: B

QUESTION NO: 21

Pete wants to configure Samba to be a WINS server. Which of the following must he do in the smb.conf file for Samba to do this?

A. Make sure the wins proxy parameter is set to "wins proxy = yes" and change the wins support parameter to "wins support = yes".
B. Make sure the wins support parameter is set to "wins support = yes" and change the wins proxy parameter to the appropriate IP address.
C. Make sure the wins server parameter is set to the appropriate IP address and change the wins support parameter to "wins support = yes".
D. Make sure the wins server parameter is set to "wins server = none" and change the wins support parameter to "wins support = yes." Configure the Windows 95/98 and NT clients.

Answer: D

QUESTION NO: 22

A system administrator has Samba running on a machine that has direct access to the Internet, as well as access to the local area network through two different network interfaces. As part of the

configuration, the administrator adds the lines below to smb.conf. Which of the following describes the function of these two lines?

interfaces = 192.168.1.0/255.255.255.0
bind interfaces only = yes

A. Samba will not accept connection requests from the 192.168.1 subnet.
B. Hosts outside the local area network will not be allowed to connect to the Samba shares.
C. Samba will only serve requests to the IP address 192.168.1.0.
D. Samba will use the IP address 192.168.1.0 when making DNS requests.

Answer: B

QUESTION NO: 23

An administrator has modified his smb.conf file with regards to the server's behavior during elections for preferred master browser. The two modified lines listed below cause which of the following

to take place?

preferred master = true
domain master = yes

A. nmbd will not hold elections for domain master.
B. smbd will hold elections for preferred master but not for domain master.
C. smbd will bypass the election process and become preferred master.
D. nmbd will hold elections with a guarantee of winning.

Answer: D

QUESTION NO: 24

Hans wants to change his SMB password on the local system. Which of the following should he type to do this?

A. smbpasswd -U <username>
B. smbpasswd -f /etc/passwd <username>
C. smbpasswd <username>
D. smbpasswd -U -F <username>

Answer: C

QUESTION NO: 25

An administrator has recently discovered many malicious attacks on a Samba server. The attacks originate from two rogue hosts (badhost1 and badhost2) in the NIS netgroup called "nisnet".
Which of the following smb.conf entries will allow any host from nisnet to access the Samba server except badhost1 and badhost2?

A. hosts allow = *.nisnet hosts deny = !badhost1, !badhost2
B. hosts allow =nisnet EXCEPT badhost1, badhost2 hosts deny = ALL
C. hosts allow = @nisnet hosts deny = ALL EXCEPT badhost1, badhost2
D. hosts allow = @nisnet hosts deny = badhost1, badhost2

Answer: D

QUESTION NO: 26

Phillipe, an administrator, would like to configure Samba as a domain client and has added the following lines to smb.conf. The domain client is not functioning properly. What is wrong with this
section of his smb.conf file?

security = domain
netbios name = bigsamba
domain name = mydomain
machine password timeout = 100

A. Line 2 should be "netbios name = true"
B. Line 3 should be "workgroup =mydomain"
C. Line 1 should be "domain = security"
D. Line 4 should be "machine password timeout = true"

Answer: B

QUESTION NO: 27

An administrator needs to define how files written to the server by users are handled. He has added the following lines to his smb.conf file in order to do this. Considering these lines, what will
be the permissions on a file that a user sets to 555?

security mask = 0777
force security mode = 0
directory security mask = 0777
force directory security mode = 0

A. 700
B. 000
C. 777
D. 555

Answer: D

QUESTION NO: 28

Palmer, an administrator working on a Linux/Windows NT network, has issued the command below. What is he doing?
rpcclient -S '\\NTmachine' -U administrator -W NTDOM

A. He is resetting the password and login on "NTmachine" to "NTDOM" and "administrator," respectively.
B. He is connecting to a Windows NT machine called "NTmachine" as administrator.
C. He is adding a Windows NT machine called "NTmachine" to Samba's list of secure systems.
D. He is defining the method by which RPCs connect to and communicate with the Samba server; in this case using a login and password combination.

Answer: B

QUESTION NO: 29

A system administrator is preparing to take down the system for routine maintenance. The network is primarily used for Samba services. Before upgrading to the latest Linux kernel, the administrator
wants to make sure there are no remaining connections. Which of the following programs can the administrator use to see the open connections?

A. traceroute
B. smbd
C. smbrowser
D. ping
E. smbstatus

Answer: E

QUESTION NO: 30

The system administrator is trying to set up a smbpasswd file from the /etc/passwd file. The system is not using NIS. Which of the following is the proper command line to produce the smbpasswd file

in the "/usr/local/samba/private/" directory?

A. mksmbpasswd.sh /usr/local/samba/private/smbpasswd
B. cat /etc/passwd | mksmbpasswd.sh > /usr/local/samba/private/smbpasswd
C. cat /etc/passwd > /usr/local/samba/private/smbpasswd
D. mksmbpasswd.sh | /etc/passwd > /usr/local/samba/private/smbpasswd

Answer: B

QUESTION NO: 31

Jacques, an administrator, has changed a smbpasswd file entry to the line below. What will happen when the user "steve" attempts to log in to the Samba server?

steve:1005:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX: \
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:
\ LCT-00000000:steve smith:/home/ssmith:/usr/bin/ksh

A. He will be prompted to enter his current password.
B. He will be denied login.
C. He will be prompted for usual login with "NO PASSWORD" for a password.
D. He will be prompted to set a new password.

Answer: D

QUESTION NO: 32

Many smb.conf parameters take list arguments such as the hide files parameter. From the following, select the "hide files" parameter with the proper syntax that would prevent users from accessing

files with .mbx extensions and files beginning with samba.

A. hide files = .mbx, samba.
B. hide files = .mbx / samba.
C. hide files = "*.mbx","samba.*"
D. hide files = *.mbx / samba.*
E. hide files = *.mbx, samba.*

Answer: D

QUESTION NO: 33

You have two machines that run Linux on your LAN. host1 is running Samba while host2 is just a standard Linux machine. You run the command "smbclient -L host1" from host2 and receive the error

below. Which of the following is the most probable reason for this error?

added interface ip=192.168.1.48 bcast=192.168.1.255 nmask=255.255.255.0
session request to HOST1 failed (Not listening for calling name)
session request to *SMBSERVER failed (Not listening for calling name)

A. Thesmbd program is not running.
B. Thenetbios-ssn port is not in the appropriate state.
C. The "/etc/hosts.deny" file on host1 contains the IP address for host2.
D. The "valid users" parameter in host1'ssmb.conf file does not reference the guest account.
E. The "hosts deny" field insmb.conf contains host1's IP address.

Answer: E

QUESTION NO: 34

Dora, an administrator, would like to temporarily disable a share so she can change its contents. Which of the following should she add to smb.conf in the share's section to do this?

A. comment = off
B. fstype = no
C. available = no
D. public = no
E. browseable = false

Answer: C

QUESTION NO: 35

Pauline is the system administrator of a Local Area Network (LAN) that contains Linux and Windows clients. The LAN uses a file server that runs on a Windows NT server. In order to have fewer

servers on the network, Pauline wants to place all Linux users' home directories on the Windows server. Can the Linux machines be configured so that this is possible Why or why not?

A. Yes, by mounting the remote file system using NTFS instead ofsmb.
B. No, only localsmb file systems may be mounted on Linux systems.
C. Yes, an entry can be placed in /etc/fstab to mount smb file systems.
D. No,smb file systems cannot be mounted on Linux systems.

Answer: C

QUESTION NO: 36

Two daemons, smbd and nmbd, provide communication between Windows and Linux machines. Each daemon controls a portion of the work. Which of the following statements correctly match these daemons

with the jobs they perform? (Choose two.)

A. smbd performs file and print sharing.
B. smbd performs NetBIOS lookups.
C. nmbd performs NetBIOS lookups.
D. nmbd performs file and print sharing.

Answer: A,C

QUESTION NO: 37

Which of the following does the "create mask" parameter allow Samba to do?

A. It allows authentication for MS-DOS withUnix.
B. It allows Samba to overrideUnix and MS-DOS permissions.
C. It allows authentication forUnix with MS-DOS.
D. It allows Samba to map MS-DOS modes toUnix permissions.
E. It allows Samba to mapUnix permissions to MS-DOS modes.

Answer: D

QUESTION NO: 38

A Samba server is experiencing packet loss and data corruption when multiple users access a file simultaneously. Which of the following, if added to smb.conf, would most likely fix the problem?

A. fakeoplocks = no
B. lock files = yes
C. wins support = yes
D. file sharing = no
E. interfaces only = yes

Answer: A

QUESTION NO: 39

Which of the following does SWAT provide for administrators maintaining a Samba server?

A. An alternative to Samba
B. A simple command-line sharing monitor
C. A powerful security system
D. An easy-to-use, Web-based tool

Answer: D

QUESTION NO: 40

Isabella has recently enabled SSL support on a large Samba server and has issued the command below. What did Isabella accomplish with this command?

ssleay ca -days 100 -infiles client1-csr > client1.pem

A. She has removed the client (client1) certificate from the system.
B. She has "signed" the client (client1) certificate and authorized it to use the server.
C. She has created a temporary file (client1.pem) that generates a public certificate for the client (client1).
D. She has generated a public key (client1.pem) for the client.

Answer: B

QUESTION NO: 41

Nicolas, an administrator, needs to create a new log file for each client computer connecting to the Samba server. In the past, Nicolas entered each client computer name into smb.conf, but now he

is looking for a faster method to direct Samba to the correct log file for each computer. Which log path can Nicolas use so he does not have to manually enter each individual NetBIOS name?

A. /var/logs/samba.%g
B. /var/logs/samba.%m
C. /var/logs/samba.%h
D. /var/logs/samba.%n

Answer: B

QUESTION NO: 42

Michael is experiencing major security problems with his Samba server, and he would like to make all of the shares unbrowsable until he can resolve these problems. Which of the following parameters

should Michael change to accomplish his goal?

A. No share = yes
B. Browse list = no
C. Blocking = yes
D. Browse = no

Answer: B

QUESTION NO: 43

Which of the following are ways Samba resolves NetBIOS names? (Choose three.)

A. Reverse DNS lookups
B. LAN Manager Hosts table
C. Network broadcasts
D. Local name resolution through /etc/smbhosts
E. NetBIOS Name Server

Answer: B,C,E

QUESTION NO: 44

Bruce needs Samba to act as a Primary Domain Controller. The smbpasswd file is in "/usr/local/etc/smbpasswd." What should Bruce do in the smb.conf file to accomplish this?

A. Add the following line to the [global] section: encrypt passwords = yesusr/local/etc/smbpasswd
B. Add the following lines to the [global] section: encrypt passwords = nosmb passwd file = /usr/local/etc/
C. Add the following lines to the [global] section: encrypt passwords = yessmb passwd file = /usr/local/etc/smbpasswd
D. Add the following lines to the [homes] section: encrypt passwords = yessmb passwd file = /usr/local/etc/smbpasswd

Answer: C

QUESTION NO: 45

Matthew recently noticed problems in his Samba service when he was running the netstat program. It appears that TCP packets are progressing fine, but UDP packets are not. Which function of Samba

depends directly on UDP?

A. Mounting/unmounting of Samba shares
B. Translating NetBIOS names
C. Print sharing
D. File sharing

Answer: B

QUESTION NO: 46

Sharon has the share modes parameter in her smb.conf file set to "no." Given this information, which of the following is TRUE?

A. No remote Windows clients can access her Samba shares.
B. No remote Linux clients can access her Samba shares.
C. No remote guest accounts can access her Samba shares.
D. No network clients can access her Samba shares.

Answer: A

QUESTION NO: 47

Caroline, an administrator working with a hybrid cross-subnet, wants to force Samba to send server announcements between subnets. Which of the following should Caroline add to smb.conf to implement

this?

A. subnet announce = force
B. remote browse sync = <remote LMB IP address>
C. remote announce = <IP subnet list>
D. announce = force <IP subnet list>
E. lm announce = auto

Answer: C

QUESTION NO: 48

The system administrator needs to back up the contents of a smb share (docs) on a Windows client (winhost) onto the Linux network server. The administrator wants to back up to a tape drive. Which

of the following commands will allow this?

A. smbtar -s winhost -x /docs -u administrator -p abc123 -t /dev/nst0
B. smbmnt /mnt/winhost -u administrator -p abc123 /dev/nst0
C. smbtar //winhost/docs -u administrator%abc123 /dev/nst0
D. smbclient //winhost -u administrator%abc123 cat docs> /dev/nst0
E. smbclient //winhost/docs -u administrator%abc123 | tar -cf /dev/nst0

Answer: A

QUESTION NO: 49

Melissa needs to reconfigure a Samba server to include an additional share. How can she do this?

A. Edit thesmb.conf file or use SWAT.
B. Edit thesmbaccess.conf file or use BigBrother.
C. Edit thesmbpasswd.conf file or use SMBAdmin.
D. Edit thesmbshare.conf file or use WebSMB.

Answer: A

QUESTION NO: 50

An administrator would like to add a Samba server to an implemented Windows NT Domain (NTDOM). Which of the following smb.conf global entry excerpts contains the correct parameters to accomplish

this?

A. encrypt passwords = no security = share workgroup = NTDOM password server = *
B. encrypt passwords = yes security = domain workgroup = NTDOM password server = *
C. encrypt passwords = yes security = user workgroup = NTDOM password server = *
D. encrypt passwords = yes security = share workgroup = NTDOM password server = *

Answer: B