EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following statements are valid wireshark capture filters? (Choose TWO correct answers.)

Question2: Which of the following DNS record types can the command dnssec-signzone add to a zone? (Choose THREE correct answers.)

Question3: Which of the following methods can be used to deactivate a rule in Snort? (Choose TWO correct answers.)

Question4: Which of the following openssl commands generates a certificate signing request (CSR) using the already existing private key contained in the file private/keypair.pem?

Question5: Which of the following database names can be used within a Name Service Switch (NSS) configuration file? (Choose THREE correct answers).

Question6: What happens when the command getfattr afile is run while the file afile has no extended attributes set?

Question7: SIMULATION
What command is used to update NVTs from the OpenVAS NVT feed? (Specify ONLY the command without any path or parameters).

Question8: SIMULATION
Which directive is used in an OpenVPN server configuration in order to send network configuration information to the client? (Specify ONLY the option name without any values or parameters.)

Question9: When OpenVPN sends a control packet to its peer, it expects an acknowledgement in 2 seconds by default. Which of the following options changes the timeout period to 5 seconds?

Question10: What effect does the following command have on TCP packets?
iptables- A INPUT -d 10.142.232.1 -p tcp --dport 20:21 -j ACCEPT

Question11: Which of the following commands adds a new user usera to FreeIPA?

Question12: What is the purpose of the program snort-stat?

Question13: Which of the following commands makes the contents of the eCryptfs encrypted directory ~/Private available to the user?

Question14: Which of the following commands adds users using SSSD's local service?

Question15: Which of the following expressions are valid AIDE rules? (Choose TWO correct answers.)

Question16: Which of the following lines in an OpenSSL configuration adds an X 509v3 Subject Alternative Name extension for the host names example.org and www.example.org to a certificate?

Question17: Which of the following keywords are built-in chairs for the iptables nat table? (Choose THREE correct answers.)

Question18: SIMULATION
Which command is used to run a new shell for a user changing the SELinux context? (Specify ONLY the command without any path or parameters.)

Question19: Which of the following commands disables the automatic password expiry for the user usera?

Question20: What is the purpose of IP sets?

Question21: SIMULATION
Which command, included in BIND, generates DNSSEC keys? (Specify ONLY the command without any path or parameters.)

Question22: Which of the following statements is true about chroot environments?

Question23: Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

Question24: Given a proper network and name resolution setup, which of the following commands establishes a trust between a FreeIPA domain and an Active Directory domain?

Question25: SIMULATION
Which option in an Apache HTTPD configuration file enables OCSP stapling? (Specify ONLY the option name without any values or parameters.)

Question26: An X509 certificate contains the following information:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
Which of the following statements are true regarding the certificate? (Choose THREE correct answers.)

Question27: Which of the following commands displays all ebtable rules contained in the table filter including their packet and byte counters?

Question28: Which of the following statements is used in a parameter file for setkey in order to create a new SPD entry?

Question29: Which of the following prefixes could be present in the output of getcifsacl? (Choose THREE correct answers.)

Question30: How are SELinux permissions related to standard Linux permissions? (Choose TWO correct answers.)

Question31: Which of the following statements are true regarding the certificate of a Root CA? (Choose TWO correct answers.)

Question32: Which of the following authentication methods was added to NFS in version 4?

Question33: Which of the following sections are allowed within the Kerberos configuration file krb5.conf? (Choose THREE correct answers.)

Question34: Which of the following statements is true regarding eCryptfs?

Question35: Which of the following commands defines an audit rule that monitors read and write operations to the file/ etc/firewall/rules and associates the rule with the name firewall?

Question36: Which of the following information, within a DNSSEC- signed zone, is signed by the key signing key?

Question37: Which of the following stanzas is a valid client configuration for FreeRADIUS?

Question38: Which of the following parameters to openssl s_client specifies the host name to use for TLS Server Name Indication?

Question39: Which of the following statements describes the purpose of ndpmon?

Question40: Which of the following resources of a shell and its child processes can be controlled by the Bash build-in command ulimit? (Choose THREE correct answers.)

Question41: Which of the following are differences between AppArmor and SELinux? (Choose TWO correct answers).

Question42: Which of the following configuration options makes Apache HTTPD require a client certificate for authentication?

Question43: A LUKS device was mapped using the command:
cryptsetup luksOpen/dev/sdal crypt-vol
Given that this device has three different keys, which of the following commands deletes only the first key?

Question44: SIMULATION
What option of mount.cifs specifies the user that appears as the local owner of the files of a mounted CIFS share when the server does not provide ownership information? (Specify ONLY the option name without any values or parameters.)

Question45: In which path is the data, which can be altered by the sysctl command, accessible?

Question46: SIMULATION
Which PAM module checks new passwords against dictionary words and enforces complexity? (Specially the module name only without any path.)

Question47: Which of the following types can be specified within the Linux Audit system? (Choose THREE correct answers.)

Question48: SIMULATION
Which command included in the Linux Audit system provides searching and filtering of the audit log?
(Specify ONLY the command without any path or parameters.)

Question49: Which of the following commands changes the source IP address to 192.0.2.11 for all IPv4 packets which go through the network interface eth0?

Question50: Which command revokes ACL-based write access for groups and named users on the file afile?

Question51: Which of the following command lines sets the administrator password for ntop to testing 123?

Question52: Which of the following components are part of FreeIPA? (Choose THREE correct answers.)

Question53: Linux Extended File Attributes are organized in namespaces. Which of the following names correspond to existing attribute namespaces? (Choose THREE correct answers.)

Question54: What effect does the configuration SSLStrictSNIVHostCheck on have on an Apache HTTPD virtual host?

Question55: How does TSIG authenticate name servers in order to perform secured zone transfers?

Question56: Which of the following practices are important for the security of private keys? (Choose TWO correct answers.)

Question57: Which DNS label points to the DANE information used to secure HTTPS connections to https:// www.example.com/?

Question58: Which of the following access control models is established by using SELinux?

Question59: Which of the following terms refer to existing scan techniques with nmap? (Choose TWO correct answers.)

Question60: SIMULATION
Which command installs and configures a new FreeIPA server, including all sub-components, and creates a new FreeIPA domain? (Specially ONLY the command without any path or parameters).