Top MCQs of Redhat Certified System Engineer (RHCE) EX300 Exam practice questions and answers with explanation for freshers and experienced candidates Page 15 -- Infibee

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Linux
RHCE

71.

Which of the following is not a common approach to prevent against brute-force attacks against SSH servers?

A.
Disable X11forwarding
B.
Have SSH listening on a nondefault port
C.
Disable password login
D.
Allow specific users only to log in

Answer & Explanation
Report

Answer : [A]
Explanation : Disabling X11 forwarding is a useful option to prevent remote users from using potentially vulnerable graphical applications remotely, but it does not help against brute-force attacks.

Report

Name

72.

Which of the following successfully limits SSH server access to users bob and lisa only?

A.
LimitUsers bob,lisa
B.
AllowedUsers bob lisa
C.
AllowUsers bob lisa
D.
AllowedUsers bob,lisa

Answer & Explanation
Report

Answer : [C]
Explanation :

The AllowUsers parameter is used to limit SSH server access to specific users only. The names of these users are provided as a space separated list.

Report

Name

73.

Which of the following commands must be used to provide nondefault port 2022 with the correct SELinux label?

A.
semanage ports -m -t ssh_port_t -p 2022
B.
semanage port -m -t ssh_port_t -p tcp 2022
C.
semanage ports -a -t sshd_port_t -p tcp 2022
D.
semanage port -a -t ssh_port_t -p tcp 2022

Answer & Explanation
Report

Answer : [D]
Explanation :

The semanage port command is used to change SELinux context labels on port. Use -a to add a new port, and use -t ssh_port_t to set the ssh_port_t type. The port itself is specified using -p tcp 2022 .

Report

Name

74.

Which of the following descriptions is correct for the MaxAuthTries option?

A.
After reaching the number of attempts specified here, the account will be locked.
B.
This option specifies the maximum number of login attempts. After reaching half the number specified here, additional failures are logged.
C.
After reaching the number of attempts specified here, the IP address where the login attempts come from is blocked.
D.
The number specified here indicates the maximum amount of login attempts per minute.

Answer & Explanation
Report

Answer : [B]
Explanation :

Blocking access to a user account in an SSH environment leads to a denial of service situation. This option starts logging failed attempts after reaching half of the number that is specified here.

Report

Name

75.

Which log file do you analyze to get information about failed SSH login attempts?

A.
/var/log/auth
B.
/var/log/authentication
C.
/var/log/messages
D.
/var/log/secure

Answer & Explanation
Report

Answer : [D]
Explanation :

SSH failed login attempts are logged to the syslog AUTHPRIV facility. This facility by default is configured to send information about failed attempts to the /var/log/secure file.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Sitemap