Monthly Archives: March 2014

  • Passed NOVELL 050-728 Exam with Pass4sure and Lead2pass PDF & VCE (31-40)

    QUESTION 31
    Which filter will display all events of severity 3 and 4 and operating system of windows?

    A.    Filter(e.severity = 3 or e.severity = 4 and e.rv31 = "windows")
    B.    Filter(e.severity = 3 and e.severity = 4 and e.rv31 = "windows")
    C.    Filter(e.rv31 = "windows" or (e.severity = 3 or severity = 4))
    D.    Filter(e.rv31 = "windows" and (e.severity = 3 or severity = 4))

    Answer: C

    QUESTION 32
    Which Sentinel component can only run on windows platform?

    A.    Collector Builder
    B.    Correlation engine
    C.    Sentinel Data Manager
    D.    Sentinel Control Center

    Answer: A

    QUESTION 33
    You want to create a correlation that refers to a dynamic list naming your administrative resources. Which option should you choose in the Correlation Wizard to complete the rule?

    A.    Sequence
    B.    Composite
    C.    Aggregate
    D.    Custom/Freeform

    Answer: B

    QUESTION 34
    What is one purpose of using Taxonomy?

    A.    Simplify filtering
    B.    Define user roles
    C.    Maintain active view data
    D.    Transform data between events

    Answer: A

    QUESTION 35
    Which statement about right-click actions is true? (Choose 2)

    A.    You can mail iTRAC incident response history
    B.    You can pass global filter settings to a script
    C.    You can pass a Source IP addresses to a script
    D.    You can dynamically create a correlation rule
    E.    You can pass a Destination User Name to a URL

    Answer: AD
    Explanation:
    A: To send an event message by e-mail:
    In a Real Time Event Table, select an event or a group of events, right-click and select Email.
    D: In a Real Time Event Table of the Navigator or a Snapshot Real Time Event Table, select an
    event or a group of events and right-click and select Create Incident.

    QUESTION 36
    When is Referential data added?

    A.    In active views
    B.    At the correlation engine
    C.    After it enters the database
    D.    Before it enters the message bus

    Answer: C

    QUESTION 37
    Which component is used to edit Collectors written in Novell’s proprietary collector language?

    A.    Collector Builder
    B.    Solution Manager
    C.    Collector Manager
    D.    Event Source Manager

    Answer: A

    QUESTION 38
    Which protocol or service does the Control Center use to access the reporting engine?

    A.    HTTP
    B.    ODBC
    C.    DAS_PROXY
    D.    DAS-QUERY
    E.    DAS-BINARY

    Answer: A

    QUESTION 39
    Which correlation rule executes when an IDS event sourceIP matches a sourceIP from a past Firewall event in the last 60 seconds?

    A.    Filter(e.RV32="IDS") flow window(e.sip = w.sip, filter(e.RV32="FW"), 60)
    B.    Filter(e.RV32="IDS" or e.RV32="FW") flow trigger(60,2,discriminator(e.sip))
    C.    Sequence(filter(e.RV32="IDS" and e.sip match Subnet (192.168.255.100)), filter (e.RV32="FW" and e.sip match Subnet (192.168.255.90)))
    D.    Filter(e.RV32 = "IDS" and e.sip match subnet(192.168.1.1)) union filter(e.RV = "FW" and e.Sip match subnet(192.168.255.90))

    Answer: A

    QUESTION 40
    How can correlation rules be added to Sentinel? (Choose 3)

    A.    Collector Builder
    B.    Import from remedy
    C.    Subscription Service
    D.    Import Solution Pack
    E.    Event Source Manager

    Answer: ABE

  • Passed NOVELL 050-728 Exam with Pass4sure and Lead2pass PDF & VCE (21-30)

    QUESTION 21
    Which Sentinel objects can be imported into Sentinel Control Center interface? (Choose 2)

    A.    Users
    B.    Global filters
    C.    Active views
    D.    Solution packs
    E.    iTRAC Workflow
    F.    Correlation rules

    Answer: CF
    Explanation:
    C: After creating an Activity, you can modify, import or export it.
    To import an Activity:
    1 Click iTRAC tab.
    2 In the Navigator, click iTRAC Administration > Activity Manager.
    3 Click Import/Export Activity icon. Import/Export Wizard window displays.
    4 Select Import Activity and click Explore.
    5 Navigate to your import file. Click Import.
    6 Click Next. You will see a list of activities that are imported.
    7 Click Next and click Finish.
    F: To Import a Correlation Rule:
    1 Open the Correlation Rules Manager window and click Import/Export Correlation Rule icon.
    Etc.

    QUESTION 22
    The Sentinel Correlation Engine Architecture is made up of which components? (Choose 2)

    A.    DAS Query
    B.    Active views
    C.    Input manager
    D.    Action Manager
    E.    Solution Pack Controls

    Answer: AB
    Explanation:
    Note:
    * Sentinel Server Architecture

    * A Sentinel Server is made up of the following components:
    / Communication Server
    / Correlation Engine
    / DAS
    / Collector Manager
    Any combination of the above components can be installed in a particular Sentinel Server.
    * DAS_Query Performs general Sentinel Service operations including Login and Historical Query.

    QUESTION 23
    Which actions are applicable as an iTRAC step? (Choose 4)

    A.    Mail Step
    B.    Logic Step
    C.    Manual Step
    D.    DropList Step
    E.    Decision step
    F.    Command step
    G.    UpdateList Step
    H.    Batch process Step

    Answer: ACEF
    Explanation:
    Steps are the basic components of a Template. Every Template must have a Start Step and an End
    Step. The Start Step exists by default. You can also add the following types of Steps to a Template:
    Mail Step
    Manual Step
    Decision Step
    Command Step
    Activity Step
    End Step

    QUESTION 24
    What operators can only be used when using the Custom/Freeform option in correlation wizard? (Choose 3)

    A.    Flow
    B.    Gate()
    C.    Filter()
    D.    IsNull()
    E.    InList()
    F.    Window()
    G.    Sequence()
    H.    Match subnet

    Answer: DEH
    Explanation:
    * Freeform rules are the only way to include certain functionality in a correlation rule. Freeform rules give you the ability to do the following:
    / Nest operations using parentheses (to specify order of operations)
    / (E) Use the inlist operator to refer to a dynamic list
    / (D) Use the isnull operator to refer to unpopulated fields
    / Use the w. prefix for a field name in the window operation to compare an incoming event’s value to a set of previous events
    * The match subnet operator can be used to build a condition where the value of a metatag matches a user-specified subnet specified in the rule in CIDR notation. This operator is used only for IP address fields.
    Example:
    filter(e.DestinationIP match subnet (10.0.0.1/22))
    Note:
    * The Sentinel Correlation Engine runs rules that are written in the Correlation RuleLg language.
    Rules are created in the Sentinel Control Center. Users can create rules using a wizard for the
    following rule types:
    / Simple Rule
    / Composite Rule
    / Aggregate Rule
    / (not G) Sequence Rule
    These rules are converted to the Correlation RuleLg language when the rules are saved. The same rule types, plus even more complex rules, can be created in the Sentinel Control Center using the Custom/Freeform option. To use the Custom/Freeform option, the user must have a good understanding of the Correlation RuleLg language.

    QUESTION 25
    What does a red line indicate in the tabular part of an active view?

    A.    A severe event occurred
    B.    A collector error occurred
    C.    Data was dropped by Sentinel
    D.    More events were received than could be displayed

    Answer: D

    QUESTION 26
    Which statement is true regarding roles used by iTRAC?

    A.    Users can be made a member of only one role
    B.    Users can be members of multiple roles at any one time
    C.    Users can be a member of one member role and many secondary roles
    D.    When a user is created, a new role is created for that user and the user may then be added to additional roles

    Answer: B

    QUESTION 27
    You create and deploy a correlation rule with a Create incident action that also indicates an iTRAC workflow. After having the rule on for an hour, you find that the system has created several hundred workflow processes. What steps can you take to address this problem? (Choose 2)

    A.    Change the iTRAC settings in the configuration xml file
    B.    Configure the Data retention field in the Sentinel Data Manager
    C.    Set the maximum incidents setting to 10 in the correlation action definition
    D.    Adjust the definition of the rule so the threshold for triggering an event is higher
    E.    Change the Update Criteria to do not perform actions every time this rule fires for the next 1 hour

    Answer: AC

    QUESTION 28
    Which Incident field provides a GUI option to configure the items in the drop-down list?

    A.    State
    B.    Priority
    C.    Severity
    D.    Category
    E.    Originator

    Answer: B

    QUESTION 29
    When using the Correlation rule Wizard, which option would you select to create the RuleLG filter (e.rv32=*FW* and e.Severity = 3)

    A.    Simple
    B.    Sequence
    C.    Aggregate
    D.    Composite

    Answer: D

    QUESTION 30
    What happens when a user accepts a worklist item assigned to an iTRAC role?

    A.    The administrator receives an email notification
    B.    The user’s profile information is attached to the incident
    C.    An assignment is made in the USERS table of the database
    D.    The worklist item is removed from the worklist for the other users in that role

    Answer: D

  • Passed NOVELL 050-728 Exam with Pass4sure and Lead2pass PDF & VCE (11-20)

    QUESTION 11
    Which are standard methods in creating Incidents? (Choose 3)

    A.    Create an incident from a dynamic list
    B.    Start an iTrac process with an import events step.
    C.    Create an empty incident and populate it with events
    D.    Generate a Crystal Report and click the create Incident link.
    E.    Use custom filter scripts to configure collectors to create an incident
    F.    Select events from within an active view and add to an existing incident
    G.    Associate a preconfigured correlation action to create an incident when a rule fires

    Answer: CFG
    Explanation:
    C: To create an Incident:
    / Click Incidents > Create Incident, or click Create Incident button on the Tool Bar. The New Incident window displays.

    Etc
    F: In a Real Time Event Table of the Navigator or a Snapshot Real Time Event Table, select an
    event or a group of events and right-click and select Create Incident.
    G: Create Incident
    Figure, Configure Action- Create Incident

    This type of action can only be used in Correlation deployments

    QUESTION 12
    Which methods do the Collector Managers use to connect to the iScale Message Bus? (Choose 2)

    A.    FTP
    B.    SNMP
    C.    Proxy
    D.    Direct
    E.    Advanced script

    Answer: CD
    Explanation:
    There are two communication options available when installing the Collector Manager:
    * Connect directly to the message bus (default)
    * Connect to the message bus through the proxy:

    QUESTION 13
    You have modified your Collectors so they put Department in a custom variable (CV68). When you open an Active View, the column is still labeled CV66. Which menu options would you use to change the column label to Department?

    A.    Active view > properties
    B.    Admin > event Configuration
    C.    Active views > Event Management
    D.    Event Source management > Columns

    Answer: D

    QUESTION 14
    Which feature allows you to dynamically filter and drill down in a set of historical events?

    A.    Raw Data Tap
    B.    Active Browser
    C.    Historical Event Query
    D.    Crystal Reports on Analysis tab

    Answer: C

    QUESTION 15
    Which compatible variable types are used in iTRAC templates? (Choose 3)

    A.    Bye
    B.    Word
    C.    Class
    D.    Charo
    E.    String
    F.    Integer
    G.    Boolean

    Answer: EFG
    Explanation:
    Variables
    The user can also be asked to set one or more variables to appropriate values. Four variable types
    can be assigned to manual steps: (1) Integer, (2) Boolean, (3) String and (4) Float.

    QUESTION 16
    Which of the following RuleLG commands acts as an AND function?

    A.    Flow
    B.    Union()
    C.    Sequence()
    D.    Intersection()

    Answer: D

    QUESTION 17
    Active views can be viewed by which chart types? (Choose 2)

    A.    Ribbon
    B.    Public: All
    C.    Virtual mode
    D.    Severity Level
    E.    Stacked Bar 2D

    Answer: AE
    Explanation: Under the Chart Types tab, you can set your chart to Stacked Bar2D, Bar 3D, Line or Ribbon.

    QUESTION 18
    Which statement is true regarding Transaction?

    A.    A transaction does not support timeouts.
    B.    A transaction connects two steps in workflow template
    C.    A transaction imports additional events into an iTRAC process
    D.    A transaction modifies the template at the beginning or end of the process

    Answer: AC

    QUESTION 19
    You have created a custom .csv file to match IP addresses in your network to Department name and point of Contact. Which tools do you need to use in order to include Department Name and point of Contact in your incoming event stream from the Collectors? (Choose 2)

    A.    Filter Manager
    B.    Correlation Engine
    C.    Event configuration
    D.    Mapping configuration
    E.    Event Source Management

    Answer: CD
    Explanation:
    C: Event Configuration include Event Mapping.
    D: Event Mapping is a mechanism that allows you to add data to an event by using data already in the event to reference and pull in data from an outside source.
    Note:
    * A map is a collection of values and keys defined in a CSV or text file. You can enrich your data by using maps. With the help of maps you can add additional information to the incoming events from your source device.
    * Sentinel injects business-relevant contextual data directly into the event stream. It includes up to 135 customizable fields where users can add in asset specific information such as business unit, owner, asset value, geography. After this information is added into the system, all other components can take advantage of the additional context.
    * The Collectors parse the data and deliver a richer event stream by injecting taxonomy, exploit
    detection and business relevance into the data stream before events are correlated and analyzed and sent to the database.
    Incorrect:
    Not B: The Correlation Engine (correlation_engine) process receives events from the Collector Manager
    and publishes correlated events based on user-defined correlation rules.

    QUESTION 20
    You want to create a correlation action that executes a JavaScript action. Which option should you choose?

    A.    Create java
    B.    Create Incident
    C.    Execute a Script
    D.    Execute a command

    Answer: D

  • Passed NOVELL 050-728 Exam with Pass4sure and Lead2pass PDF & VCE (1-10)

    QUESTION 1
    To achieve better system performance and scalability in regards to Event collection and processing, which Sentinel components can you install multiple instances of? (Choose 2)

    A.    Reporting server
    B.    Solution Designer
    C.    Collection Manager
    D.    Correlation engine
    E.    Sentinel Control centre

    Answer: CD
    Explanation:
    At most one Communication Server and DAS component can be installed across all
    Sentinel Servers in a distributed Sentinel installation. On the other hand, multiple instances of
    Correlation Engine and Collector Managers are allowed.

    QUESTION 2
    Which actions does the Right click option on events within an Active View allow an Administrator to perform? (Choose 3)

    A.    Email
    B.    Create Incident
    C.    Add to Incident
    D.    Connect to advisor
    E.    Display DAS statistics
    F.    Create iTRAC template

    Answer: ABC
    Explanation:
    A: To send an event message by e-mail:
    In a Real Time Event Table, select an event or a group of events, right-click and select Email.
    B: To create an incident:
    In a Real Time Event Table of the Navigator or a Snapshot Real Time Event Table, select an
    event or a group of events and right-click and select Create Incident.

    C: To add events to an incident:
    In a Real Time Event Table or a Snapshot, select an event or a group of events and right-click.
    Click Add To Incident.

    QUESTION 3
    What compliance and regulatory Solution Pack is the first one offered for sale by Novell?

    A.    Sarbanes-Oxley
    B.    GLBA (Gramm-Leach-Bliley Act)
    C.    PCI-DSS(Payment Card Industry)
    D.    HIPAA(Health insurance portability and accountability)

    Answer: D

    QUESTION 4
    Which RuleLG operation compares the current event to a set of past events that are stored in temporary memory?

    A.    Flow
    B.    Filter()
    C.    Trigger()
    D.    Window

    Answer: D

    QUESTION 5
    You want to configure a menu action to execute a script against an event on an Active View. Where do you need to store the script?

    A.    The exec directory of the Sentinel Communication Server
    B.    The config directory of Sentinel Communication Server
    C.    The exec directory of every Sentinel control centre machine
    D.    The script directory of every Sentinel control centre machine

    Answer: C

    QUESTION 6
    Which component is used to communicate with the Sentinel database?

    A.    iScale
    B.    DAS RT
    C.    DAS PROXY
    D.    DAS binary

    Answer: C

    QUESTION 7
    Which attributes influence when an element is removed from a Dynamic list? (Choose 3.)

    A.    Database capacity
    B.    Element life span
    C.    Maximum number of elements
    D.    Persistent/transient setting
    E.    Sentinel data manager scheduling
    F.    Amount of memory on iScale message Bus
    G.    Number of correlation rules that are deployed

    Answer: BCD
    Explanation:
    There are several ways an element can be removed from a Dynamic List.
    / A user can remove it manually
    / The element can be removed by a correlation rule action
    / (BD) The Transient elements life span can expire
    / (C) If the maximum number of elements for a Dynamic List is reached, elements are removed from the list to keep the list at or below the maximum list size. The transient elements are removed (from oldest to newest) before any persistent elements are removed.

    QUESTION 8
    Which functions are performed using the Sentinel Data Manager? (Choose 2)

    A.    User creation
    B.    Manual archiving
    C.    Database creation
    D.    Raw Event Storage
    E.    Re-import partitions
    F.    Correlation rule Management

    Answer: BE
    Explanation:
    Sentinel Data Manager (SDM) allows you to manage the Sentinel Database. You can perform the following operations in the SDM:
    * Monitor Database Space Utilization
    * (E) View and Manage Database Partitions
    * (B) Manage Database Archives
    * Import Data into the Database

    QUESTION 9
    Which Sentinel objects can contain one or more events? (Choose 2)

    A.    Ticket
    B.    Incident
    C.    Collector
    D.    Integrator
    E.    Correlation event

    Answer: BC
    Explanation:
    B:
    * An incident is a set of events that require attention (for example, a possible attack).
    C: The real-time attacks that are generated as events are loaded into the Sentinel database by using the intrusion detection systems or vulnerability type Collectors.

    QUESTION 10
    Which source can Sentinel 8 use for incorporating referential data?

    A.    Local csv file
    B.    Persistent lists
    C.    Correlation engine
    D.    Events table in the database

    Answer: D

  • 2014 Latest LPI Exam 117-201 Stimulators Free Download(91-100)

    QUESTION 91
    Which single parameter, when passed to nmap, will instruct nmap to perform a fast scan? (Provide only the option)
    Answer: -F

    QUESTION 92
    Which directory contains the PCMCIA configuration files?
    Answer: /etc/pcmcia

    QUESTION 93
    After configuring a new 2.4 series kernel, all dependencies, such as include files, need to be created. How can this be achieved? Please enter the complete command.
    Answer: make dep

    QUESTION 94
    You have installed some new libraries, but these are not available to programs and are not listed by ldconfig -p. What file should the path to the libraries be added to, before running ldconfig?
    Answer: /etc/ld.so.conf

    QUESTION 95
    You are not sure whether the kernel has detected a piece of hardware in your machine. What command, without options or parameters, should be run to present the contents of the kernel ring buffer?
    Answer: /bin/dmesg

    QUESTION 96
    According to the tcpdump output below, what is the IP address of the client host?
    14:17:19.225220 IP 192.168.1.106.33239 > 192.168.1.127.22: S 4158312222, win 5840, options [mss 1460,sackOK,TS val 806043 ecr 0,nop,wscale 6]
    14:17:19.242943 IP 192.168.1.127.22 > 192.168.1.106.33239: S. 4013568495 ack 4158312223, win 5792, options [mss 1460,sackOK,TS val 565852 ecr 806043,nop, wscale 6]
    14:17:19.243111 IP 192.168.1.106.33239 > 192.168.1.127.22: . ack 1, win 92, options [nop,nop,TS val 806045 ecr 565852]
    14:17:19.264654 IP 192.168.1.127.22 > 192.168.1.106.33239: P. seq 1:40, ack 1, win 91, options [nop,nop,TS val 565856 ecr 806045]
    Answer: 192.168.1.106

    QUESTION 97
    Which chkconfig command will display whether or not the service ldap is configured to start in each runlevel? (Provide the command and any options or parameters)
    Answer: chkconfig --list ldap

    QUESTION 98
    On a server running the 2.6.27-11 Linux kernel, which file in the /boot directory contains the kernel configuration parameters?
    Answer: config-2.6.27-11

    QUESTION 99
    Which program lists information about files opened by processes and produces output that can be parsed by other programs?
    Answer: lsof

    QUESTION 100
    Please enter the complete path to the main configuration file for syslogd, which logs system messages on Linux systems?
    Answer: /etc/syslog.conf

  • 2014 Latest LPI Exam 117-201 Stimulators Free Download(81-90)

    QUESTION 81
    When compiling kernel modules, which make target will remove most generated files but keep the config file and enough build support to build external modules? (Please enter only the make target and no other words)
    Answer: clean

    QUESTION 82
    You need to recover some data from a magnetic tape and it is the second file on the media. The following command is being attempted:
    mt -f /dev/nst0 _______
    What is the mt operation that will position the tape on the first block of the second file? (Please specify the operation with no other parameters)
    Answer: asf 2

    QUESTION 83
    The users of the local network complain that name resolution is not fast enough. Enter the command, without the path or any options, that shows the time taken to resolve a DNS query.
    Answer: dig

    QUESTION 84
    Which option, when passed to the hostname command, will return the name of the DNS domain? (Provide only the option)
    Answer: -d

    QUESTION 85
    What tool can be used to send kernel boot messages to a remote server?
    Answer: netconsole

    QUESTION 86
    Which directory in /dev/disk/ can be used to determine the UUID of a connected hard disk?
    Answer: by-uuid

    QUESTION 87
    What command will search for physical defects on a hard drive and will mark these defects so that they are no longer used? (Please specify the command with no path information)
    Answer: badblocks

    QUESTION 88
    Which command will prevent the service ldap from starting on a Debian system in all runlevels,
    forcing the removal of all symlinks in /etc/rcX.d? (Provide the command without any options or parameters)
    Answer: update-rc.d

    QUESTION 89
    What command will remove the physical volume /dev/sda4 from the volume group /dev/vg0?
    (Provide the command with options and parameters)
    Answer: vgreduce /dev/vg0 /dev/sda4

    QUESTION 90
    In order to provide notices and information to users when they log in to a server, what file must be modified to give these notices? (Please provide the file with full path information)
    Answer: /etc/motd

  • 2014 Latest LPI Exam 117-201 Stimulators Free Download(71-80)

    QUESTION 71
    Consider the following /etc/fstab file:
    /dev/hda1 swap swap defaults 0 0
    /dev/hda2 / ext2 defaults 1 1
    /dev/hda3 /home ext2 defaults 1 2
    none /proc proc defaults 0 0
    /dev/fd0 /media/floppy vfat user,noauto 0 0
    What command can an ordinary (non-root) user use to mount a floppy disk in this system? (Please enter the command with all parameters and/or options)
    Answer: mount /dev/fd0

    QUESTION 72
    How can the label root be added to the ext2 file-system on /dev/sda1? Please enter the command with all parameter(s) and/or option(s):
    Answer: tune2fs -L root /dev/sda1

    QUESTION 73
    How can a journal be added, non-destructively, to the ext2 file-system on /dev/dg/lv05?
    Please enter the command with all parameter(s):
    Answer: tune2fs -j /dev/dg/lv05

    QUESTION 74
    You want to change the file that contains the message which is used at the login prompt when users log in locally. Please enter the file including the path.
    Answer: /etc/issue

    QUESTION 75
    Which environment variable do you have to set up to use shared libraries that are not in the standard search path?
    Answer: LD_LIBRARY_PATH

    QUESTION 76
    You wish to notify all users that you have to take down a service on which they rely. What command will allow you to send a message to all currently logged on users? Enter only the command, not the path.
    Answer: wall

    QUESTION 77
    According to the configuration below, what is the e-mail address of the administrator for this domain?
    $TTL 86400
    $ORIGIN lpi.org
    @ IN SOA test.lpi.org hostmaster.lpi.org (
    2005010101
    10800
    604800
    86400 )
    Answer: [email protected]

    QUESTION 78
    When configuring a new kernel, what file under /usr/src/linux/ contains the configuration?
    Answer: .config

    QUESTION 79
    What is the command that will extract information, such as module parameters, from the Linux Kernel modules and print this information to the command line? (Please specify only the command with no path information)
    Answer: modinfo

    QUESTION 80
    In which directory can the Linux kernel documentation be found?
    Answer: /usr/src/linux/Documentation

  • 2014 Latest LPI Exam 117-201 Stimulators Free Download(61-70)

    QUESTION 61
    In order to generate a pair of asymmetric keys to use during an SSH connection, please choose the correct command to use?

    A.    ssh-keygen -t dsa
    B.    ssh-agent
    C.    sshd
    D.    ssh-agent -t dsa
    E.    ssh-keyscan -t dsa

    Answer: A

    QUESTION 62
    Consider the following output from df -i:
    Filesystem Inodes IUsed IFree IUse% Mounted on
    /dev/md0 1966080 45044 1921036 3% /
    none 125731 712 125019 1% /dev
    none 127729 1 127728 1% /dev/shm
    none 127729 17 127712 1% /var/run
    none 127729 2 127727 1% /var/lock
    none 1966080 45044 1921036 3% /var/lib/ureadahead/debugfs
    /dev/sde1 0 0 0 - /mnt
    What filesystem does /dev/sde1 most likely use?

    A.    ext2
    B.    ext3
    C.    reiserfs
    D.    xfs

    Answer: C

    QUESTION 63
    Why shouldn’t you use the options -z and -j when using tar with a magnetic tape backup?

    A.    In case of damaged tape uncompressed tar archives may allow partial recovery of the backup
    B.    Standard Linux compression software and hardware compression in the tape drive will cause bigger files on the tapes.
    C.    Standard Linux compression software won’t be able to write to sequential tape media.
    D.    Backup and restore performance will be better if we don’t introduce the compression delay into the process
    E.    The tape drive hardware-based compression achieves higher compression rates than either gzip or bzip2 software based compression.

    Answer: A

    QUESTION 64
    Using only commands included with named, what is the command, with options or parameters, to make named re-read its zone files?
    Answer: rndc reload

    QUESTION 65
    Which file contains configuration data for automount? Please enter the complete path.
    Answer: /etc/auto.master

    QUESTION 66
    On a system with separate partitions for /, /usr, /var & /tmp, which filesystem can safely be mounted read-only?
    Answer: /usr

    QUESTION 67
    Which mount option must be used in the example /etc/fstab entry below, to ensure that a specific filesystem is not mounted when the system is booted?
    /dev/hdd /media/cdrom iso9660 _____________________,ro 0 0
    Answer: noauto

    QUESTION 68
    With which command can the reserved blocks on /dev/hda1 be displayed? (Enter the command with all parameters and/or options)
    Answer: tune2fs -l /dev/hda1

    QUESTION 69
    After a lot of write operations, the changes should be written to the disk.
    Please enter the appropriate command, without the path or any options or parameters, that would achieve this.
    Answer: sync

    QUESTION 70
    What is the correct parameter to pass to the kernel at boot time to force it to use only one of the available processors?
    Answer: nosmp

  • 2014 Latest LPI Exam 117-201 Stimulators Free Download(51-60)

    QUESTION 51
    Which THREE statements concerning automounter are true?

    A.    The autofs service does not need to be restarted after changing automounter map files
    B.    Only one entry in master map can refer to each map file
    C.    The automounter service does not rely on the kernel configuration
    D.    For each entry in auto.master, a separate automounter daemon is started
    E.    Changes to auto.master require automounter to reload its configuration

    Answer: ADE

    QUESTION 52
    What are typical targets in a makefile?

    A.    CFLAGS, CPPFLAGS, LIBS, LDFLAGS
    B.    clean, install, uninstall
    C.    PATHS, DESTDIR, LIBS, LDFLAGS
    D.    prefix, exec_prefix, bindir, mandir

    Answer: B

    QUESTION 53
    Which single command will extract data from the file abc.tar.bz2?

    A.    bunzip2
    B.    tar
    C.    gzip
    D.    gunzip

    Answer: B

    QUESTION 54
    How would you run named inside a chroot jail as user nobody and group nogroup?

    A.    Add “user nobody; group nogroup; chroot /var/named/root” to named.conf
    B.    named runs as nobody/nogroup by default, so just invoke it as “name –chroot /var/named/root”
    C.    Use /usr/bin/chroot after running “chown nobody.nogroup named”
    D.    Invoke named as “named -t /var/named/root -u nobody”

    Answer: D

    QUESTION 55
    Where should the LILO code reside, on a system with only one installation of Linux and no other operating systems?

    A.    In the master boot record
    B.    In the boot sector
    C.    In the /boot directory
    D.    At the start of the kernel

    Answer: A

    QUESTION 56
    The Human Interface Device (HID) is being used. Which of the following represents a USB mouse connected to the PC?

    A.    /dev/psaux
    B.    /dev/ttyS0
    C.    /dev/input/mice
    D.    /dev/usb/mouse0
    E.    /dev/ttyUSB0

    Answer: C

    QUESTION 57
    Select the TWO correct alternatives regarding the kill -9 command:

    A.    Its use should be avoided and other alternatives should be tried before it.
    B.    Its use can occasionally cause data loss.
    C.    It is possible that zombie processes can be created as a consequence of its use.
    D.    It can always be used with no restrictions.
    E.    Its frequent use can increase the RAM utilization.

    Answer: AB

    QUESTION 58
    The server has two network cards. The driver for the first card is the module 8139too and the driver for the second card is the module ne2k-pci. How is it possible to ensure that the card using the 8139too driver is detected before the card using the ne2k-pci driver?

    A.    modprobe 8139too dev=eth0; modprobe ne2k-pci dev=eth1
    B.    install mod 8139too; install mod ne2k-pci
    C.    modprobe eth0=8139too, eth1=ne2k-pci
    D.    ifconfig modadd eth0=8139too, eth1=ne2k-pci
    E.    modprobe 8139too; modprobe ne2k-pci

    Answer: A

    QUESTION 59
    Which of these would be the simplest way to configure BIND to return a different version number to queries?

    A.    Compile BIND with the option -blur-version=my version.
    B.    Set version-string “my version” in BIND’s configuration file.
    C.    Set version “my version” in BIND’s configuration file.
    D.    Set version=my version in BIND’s configuration file.
    E.    Set version-bind “my version” in BIND’s configuration file.

    Answer: C

    QUESTION 60
    An administrator has placed an executable in the directory /etc/init.d, however it is not being executed when the system boots into runlevel 2. What is the most likely cause of this?

    A.    The script has not been declared in /etc/services
    B.    runlevel 2 is not declared in /etc/inittab
    C.    The script has the permissions 700 and is owned by root
    D.    A corresponding link was not created in /etc/rc2.d

    Answer: D

  • 2014 Latest LPI Exam 117-201 Stimulators Free Download(41-50)

    QUESTION 41
    What is a significant difference between host and zone keys generated by dnssec-keygen?

    A.    There is no difference.
    B.    Zone key files contain a public and private key.
    C.    Host key files contain a public and private key.
    D.    Host keys must always be generated if DNSSEC is used; zone keys are optional
    E.    Zone keys must always be generated if DNSSEC is used; host keys are optional

    Answer: B

    QUESTION 42
    A system is running out of swap space. To initialise 5GB of additional swap space, which combination of commands should be used?

    A.    dd if=/dev/zero of=/tmp/swapfile bs=1024 count=5120000;
    mkswap /tmp/swapfile;
    swapon /tmp/swapfile
    B.    dd if=/dev/zero of=/tmp/swapfile bs=1024 count=5120000;
    swap on /tmp/swapfile
    C.    dd if=/dev/zero of=/tmp/swapfile bs=1024 count=5120000;
    mkswap /tmp/swapfile;
    mount /tmp/swapfile
    D.    touch -5G /tmp/swapfile;
    swapon /tmp/swapfile
    E.    mkswap /tmp/swapfile 512000;
    swapon /tmp/swapfile

    Answer: A

    QUESTION 43
    Hundreds of people log in to a server from remote locations per day. Which of the following commands show remote SSH, FTP & telnet sessions for a particular day?

    A.    cat /var/log/messages | grep “‘date “+%b %e”‘” | egrep ‘(telnet|ssh|ftp)’
    B.    cat /var/log/messages | egrep ‘(telnet|ssh|ftp)’
    C.    cat /var/log/messages | grep “`date “+%b %e”`” | grep -E ‘(telnet|ssh|ftp)’
    D.    cat /var/log/messages | date | egrep ‘(telnet|ssh|ftp)’
    E.    cat /var/log/messages > grep “‘date “+%b %e”‘” > egrep ‘(telnet\ssh\ftp)’

    Answer: AC

    QUESTION 44
    What command is used to mount a floppy disk image under /mnt/floppy?

    A.    mount -1 root.img /mnt/floppy
    B.    mount –loop root.img /mnt/floppy
    C.    mount root.img /mnt/floppy
    D.    mount root.img
    E.    mount -o loop root.img /mnt/floppy

    Answer: E

    QUESTION 45
    What information can be found in the log file specified by the status parameter in OpenVPN’s server.conf? (Select TWO correct answers)

    A.    Errors and warnings generated by the openvpn daemon
    B.    Routing information
    C.    Statistical information regarding the currently running openvpn daemon
    D.    A list of currently connected clients
    E.    A history of all clients who have connected at some point

    Answer: BD

    QUESTION 46
    After changing the default runlevel in the init configuration file, the system boots into a runlevel different from the intended one. Where else could this different runlevel be defined?

    A.    Nowhere. The init configuration file wasn’t properly modified
    B.    In the boot loader configuration file
    C.    In /etc/ runlevel under default
    D.    In the initrd image file
    E.    In the /etc/rc.d/rc.local file

    Answer: B

    QUESTION 47
    A BIND server should never answer queries from certain networks or hosts. Which configuration directive could be used for this purpose?

    A.    deny-query { …; };
    B.    no-answer { …; };
    C.    deny-answer { …; };
    D.    deny-access { …; };
    E.    blackhole { …; };

    Answer: E

    QUESTION 48
    What is the purpose of a PTR record?

    A.    To provide name to IP resolution.
    B.    To provide IP to name resolution.
    C.    To direct email to a specific host.
    D.    To provide additional host information.
    E.    To direct clients to another nameserver.

    Answer: B

    QUESTION 49
    What directive can be used in named.conf to restrict zone transfers to the 192.168.1.0/24 network?

    A.    allow-transfer { 192.168.1.0/24; };
    B.    allow-transfer { 192.168.1.0-192.168.1.0.255; };
    C.    allow-axfr { 192.168.1.0/24; };
    D.    allow-xfer { 192.168.1.0/24; };

    Answer: A

    QUESTION 50
    To securely use dynamic DNS updates, the use of TSIG is recommended. Which TWO statements about TSIG are true?

    A.    TSIG is used for zone data encryption
    B.    TSIG is a signal to start a zone update
    C.    TSIG is used in zone files
    D.    TSIG is used only in server configuration
    E.    Servers using TSIG must be in sync (time zone!)

    Answer: DE
