Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

SAIR 3X0-104 Exam -

Free 3X0-104 Sample Questions:

1. Katheryn wants to maximize security on her system by replacing ftpd with a program that logs requests, denies unauthorized users, and runs the original ftpd daemon. What should Kathryn use?
A. TCP wrappers
C. Tripwire
D. Packet filters
Answer: A

2. John has just set up shadowing on his Linux machine. As root, he looks in the /etc/shadow file and finds the line below. Which of the following is TRUE about the line he found?
A. The user jsmith's account has been disabled for 100 minutes.
B. The user jsmith's password can only be changed after the current password has been active for 3 days.
C. The user jsmith will be warned for 60 days until his password expires.
D. The user jsmith's account will be disabled 3 days after his password expires.
Answer: D

3. John would like the finger daemon to be TCP wrapped. He finds the line below in the /etc/inetd.conf file. How should he change this line to enable wrapping of the finger daemon?
finger stream tcp nowait nobody /usr/sbin/in.fingerd
A. finger stream tcpd nowait /usr/sbin/in.fingerd
B. finger stream tcp nowait /usr/sbin/tcpd in.fingerd
C. finger stream tcpd nowait /usr/sbin/tcpd finger
D. finger stream tcp nowait /usr/sbin/in.fingerd in.fingerd
Answer: B

4. Which of the following can be used to watch logged-in users as they execute commands?
A. ttysnoop
B. mgetty
C. sniffdev
D. urlsniff
Answer: A

5. Which of the following best describes how the Crack program breaks passwords?
A. It gathers passwords by masquerading as a Kerberalized login program.
B. It encrypts a list of dictionary words and compares it to passwords already encrypted on the system.
C. It attempts to decrypt passwords that are already encrypted on the system.
D. It gathers plain-text information sent over the network and parses that information for passwords.
Answer: B

6. The following is a listing from the /etc/passwd file. Which users have a user identification (UID) of superuser?
A. johndoe and carla
B. tom and beth
C. johndoe and tom
D. beth and carla
Answer: B

7. Charles has been using PGP for file encryption for months and wants to expand its uses to other projects. Which of the following would NOT be an effective use of PGP?
A. Creating public keys for user authentication
B. Encrypting company e-mail
C. Creating digital signatures
D. Encrypting the signing of SSL certificates
E. Creating private keys for user authentication
Answer: D

8. Molly wants to encrypt and send an e-mail containing sensitive material to Sandy. To ensure that no one besides Sandy can read the e-mail, Molly wants to use PGP encryption. Which of the following methods will allow Molly to encrypt the e-mail and provide a way for Sandy to decrypt it? (Choose two.)
A. Molly gives a password at encryption time that Sandy can use to decrypt the e-mail.
B. Molly encrypts the e-mail using a private key. Sandy must then decrypt it using the public key.
C. Molly encrypts the e-mail using a public key. Sandy must then decrypt it using the private key.
D. Molly encrypts the e-mail using a series of private keys. Sandy then decrypts it using one of the private keys sent along with the e-mail.
Answer: AC

9. A cracker has obtained the /etc/passwd file from a large server. In an attempt to gain entry into the system, the cracker checks the encrypted passwords from /etc/passwd against a list of encrypted passwords created from a word list. This is an example of a ________ attack.
A. dictionary
B. buffer overflow
C. brute force
D. smurf
E. spoof
Answer: A

10. An assistant network administrator has just been assigned the task of enhancing network security. One of the options that he has to implement is password aging. Consider the excerpt below from the /etc/passwd file. Which two commands can the network administrator run to make jdoe's and msmith's passwords expire in 90 days? (Choose two.)
A. passwd -90 jdoe msmith
B. passwd -x 90 jdoe msmith
C. passwd --expire 90 jdoe msmith
D. crypt -m 90 jdoe msmith
E. chage -m 90 jdoe msmith
Answer: BE

11. An assistant network administrator has just been assigned the task of enhancing network security. One of the options to be implemented is password aging. Consider the excerpt from the /etc/passwd file below. Which of the following would implement password aging?
A. shadow -x 90 jdoe msmith
B. pwconv; passwd -x 90 jdoe msmith
C. crypt; passwd -age 90 jdoe msmith
D. pwage -t 90 jdoe msmith
Answer: B

12. Tom, a system administrator for ServerA, is interested in security and has written a script that scans the password file for unauthorized promotion to root status. Which of the following should the script check? (Choose two.)
A. A UID number that has been set to one
B. A UID number that has been set to zero
C. An account with the GID set to *
D. A user with a non-standard shell (i.e., "/bin/runasroot")
E. An account with the UID set to *
Answer: BD

13. The line below is from an /etc/passwd file. What information does the presence of a single character in the second field (an x in most cases) reveal about the password authentication procedure?
A. Encoded passwords are stored in "/etc/shadow."
B. The administrator has locked this user's account.
C. The user's encrypted password is x.
D. The user's password hasn't been assigned.
Answer: A

14. A team's project leader, Joe, needs read and write permissions to all files created in the directory /home/group1/shared, regardless of file ownership. Joe owns this directory. Which of the following commands will set these permissions? The pwd is /home/group1/shared. Assume Joe does not have root access.
A. setfacl -m d:u:joe:rwx *
B. chmod 777 *
C. umask 000 *
D. chown -D joe *
E. setuid -r joe *
Answer: A

15. Which file must be modified to set the default values for such items as password expiration and superuser PATH settings?
A. /etc/permissions
B. /etc/login.defs
C. /etc/smb.conf
D. /etc/defaults
Answer: B

16. Which of the following protocols transmit encrypted ASCII text by default?
D. Telnet
E. https
Answer: E

17. Tom is a developer in a Linux system. Due to the carelessness of the system administrator, he obtains the superuser password. Tom decides to write a setuid program that would make him the superuser even without the password, but he means no harm to the company. He places the program in the /sbin directory. He also makes sure to touch the program so that it has the same date as various other programs in that directory. Which of the following are the most appropriate methods for the system administrator to detect the program? (Choose two.)
A. Execute the find command to display program names with the setuid bit set.
B. Use a software package such as tripwire to detect changes in the directory structure.
C. Run a script that performs a "chmod -s" on all binaries in order to turn off setuid.
D. Check the /var/sulog file, as it contains entries that describe programs with the setuid bit set.
E. Execute the locate command with the subexecution of the stat command to determine the true creation date of each file
Answer: AB

18. A large company has a network of computers in New York and a separate network in London. The company president needs the two networks to act as one, but he does not want to lease an expensive line between the two. Which of the following can the company use to provide secure traffic between the two networks using the Internet?
C. TCP wrappers
E. Dual-homed host
Answer: A

19. William, a network administrator for a small marketing firm, wants to provide maximum security for sensitive information on his network. To do this, he has decided to set up a closed path for data transmission between two points on the network. Which of the following network concepts is this an example of?
A. Ethernet bridge
B. TCP wrappers
C. Proxy server
D. Tunneling
E. Encrypted sticky packets
Answer: D

20. Jim, who has recently been promoted to network administrator, wants to specify rules for routing. However, he is unsure about how router packet filters parse and apply rules. Which of the following are TRUE regarding router packet filtering? (Choose two.)
A. Rules are checked against packets by parsing the body of the packet for information in a way similar to the method the grep program uses to parse text files.
B. The packet headers are parsed and tested against the routing rules.
C. Packet filtering rules can be applied to inbound and outbound network interfaces.
D. Router packet filters remove headers from packets and apply rules based on the content of the packet.
Answer: BC

21. An administrator has implemented a chain of router packet filtering rules on a major system server. A user has sent a packet to the network protected by the packet filter. The packet originated from and is destined for Considering the chain of packet filtering rules below, what will happen to the packet and why?
rule source destination action
A deny
B deny
C permit
D deny
A. The packet will be permitted because no rules apply.
B. The packet will be permitted because it matches rule C.
C. The packet will be denied because all sources and destinations are blocked by rule D.
D. The packet will be denied because the packet matches rule A.
Answer: B

22. The system administrator wants to log all of the kernel messages (e.g. kernel panics) to a file instead of having the messages go to the console (e.g. /dev/console). Which file should she edit, and what line in the file should she add, to perform this duty?
A. /etc/klog.conf; kern.* /var/log/kernel.log
B. /etc/logd; kernel.* /var/log/kernel.log
C. /etc/syslog.conf; *.notice /var/log/kernel.log
D. /etc/syslog.conf; kern.* /var/log/kernel.log
E. /etc/klog.conf; *.notice /var/log/kernel.log
Answer: D

23. An administrator believes that an unauthorized user has been attempting to connect to a system server. Where could the administrator look to find logs of connection attempts and the origins of those connections?
A. /var/log/secure
B. /var/adm/sulog
C. /var/log/logins
D. /var/adm/connect
Answer: B

24. A large server has many services running, including FTP, NFS, and NIS. It is hard for the administrator to find security holes in the services' configuration files, and this leads to possible security risks. Which of the following tools could the administrator use to check these services for security holes?
B. LogCheck
D. Tripwire
Answer: C

25. On Monday, a system administrator for a Linux software company noticed more than 100 failed Telnet login attempts to the same user from the IP address on the same day. Which action could he take to protect the user account and the system? (Choose two.)
A. Restart the computer to reset the TCP wrapper daemon.
B. Disable the account to prevent password guessing.
C. Reconfigure the /etc/hosts.deny file to block all access from this IP address.
D. Start a log of all failed passwords that are being used to review the type of passwords that are being guessed.
Answer: BC

26. Which file contains configuration information for the logging daemon, specifies a pattern of facilities to be logged, a logging priority, and where the logs are stored?
A. /etc/inittab
B. /etc/inetd.conf
C. /etc/syslog.conf
D. /etc/sysconfig/log.conf
E. /etc/modules.conf
Answer: C

27. Which of the following describes the contents of the /var/log/btmp log file?
A. It stores only the users' real names and their login times.
B. It contains a list of failed login attempts in a format similar to the wtmp log file.
C. It contains all successful superuser login attempts.
D. It contains a list of all users currently logged in to the system, along with their IP addresses.
Answer: B

28. An assistant network administrator has just been assigned the task of enhancing network security. Some of his ideas had involved a daily check of the system. A script that has been created will be executed daily as a cron job. Which of the following "find" commands might be included in this script? (Choose two.)
A. find / -perm +4000 >> /var/log/daily
B. find / -mtime 1 >> /var/log/daily
C. find / -exec md5sum -c {} \; >> /var/log/daily
D. find / -name * >> /var/log/daily
E. find / -type s >> /var/log/daily
Answer: AB

29. An administrator finds a program on a network server that modifies several system service records when a certain user logs in and out. The program masks the intruder's actions. This is most likely an example of what type of a _________.
A. Trojan horse
B. Worm
C. Back door
D. Logic bomb
Answer: D

30. An administrator finds that the Telnet daemon is listening on two ports. Any user who connects to the non-standard port will be granted immediate access. This is an example of a __________.
A. Trojan horse
B. Worm
C. Back door
D. Logic bomb
Answer: C

© 2014, All Rights Reserved