LPI 202-450 Exam - Topic 7 Question 35 Discussion

Actual exam question for LPI's 202-450 exam

Question #: 35
Topic #: 7

It has been discovered that the company mail server is configured as an open relay. Which of the following actions would help prevent the mail server from being used as an open relay while maintaining the possibility to receive company mails? (Choose two.)

ARestrict Postfix to only accept e-mail for domains hosted on this server

BConfigure Dovecot to support IMAP connectivity

CConfigure netfilter to not permit port 25 traffic on the public network

DRestrict Postfix to only relay outbound SMTP from the internal network

EUpgrade the mailbox format from mbox to maildir

Show Suggested Answer

Suggested Answer: C, D

by Simona at May 05, 2022, 04:38 AM

Limited Time Offer

25%

Off

Get Premium 202-450 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Jeannetta

4 months ago

Surprised that this is still a problem in 2023!

upvoted 0 times

...

William

4 months ago

B doesn't really address the open relay issue.

upvoted 0 times

...

Sherrell

4 months ago

Wait, isn't restricting port 25 a bit extreme?

upvoted 0 times

...

Thomasena

4 months ago

I think D is the better option here.

upvoted 0 times

...

Annelle

5 months ago

A is definitely a good move.

upvoted 0 times

...

Rory

5 months ago

I'm a bit confused about the Dovecot option. I don't see how configuring IMAP would really help with the open relay issue.

upvoted 0 times

...

Galen

5 months ago

I remember practicing a similar question where we had to secure a mail server. I feel like restricting outbound SMTP from the internal network could help too.

upvoted 0 times

...

Orville

5 months ago

I think restricting Postfix to only accept emails for domains hosted on the server might be a good choice, but I'm not entirely sure about the other options.

upvoted 0 times

...

Jacquelyne

5 months ago

I think blocking port 25 traffic on the public network could prevent unauthorized access, but it might also block legitimate emails. I'm not sure if that's the best approach.

upvoted 0 times

...

Tracey

5 months ago

I'm pretty confident about this one. The options related to user IP mappings, steering rules, and security group assignments seem like the most likely answers.

upvoted 0 times

...

Alyce

5 months ago

This looks like a straightforward question to me. The key requirements are secure login credentials and encrypted transport, so HTTPS is a clear choice. And since the question specifically mentions running CLI commands remotely on Cisco Nexus 9000 Series switches, NX-API seems like the logical second component. I'm confident those are the right two options to select.

upvoted 0 times

...

Tamala

5 months ago

The key here is understanding what "building components" refers to. I'm going to re-read the question and options.

upvoted 0 times

...