Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsLPIC-2TopicsDNS, Web and Mail Services
Free · No Signup RequiredLPI · LPIC-2

LPIC-2 DNS, Web and Mail Services Practice Questions

20+ practice questions focused on DNS, Web and Mail Services — one of the most tested topics on the Linux Professional Institute Certification Level 2 LPIC-2 exam. Each question includes a detailed explanation so you learn why the right answer is correct.

Start DNS, Web and Mail Services Practice

Exam Domains

Linux Kernel and System StartupBlock Devices, Filesystems and Advanced StorageAdvanced Networking ConfigurationDNS, Web and Mail ServicesFile Sharing and SambaSystem SecurityNetwork Client ManagementAll domains →

Study Tools

Practice TestMock ExamFlashcardsAll Topics

Sample DNS, Web and Mail Services Questions

Practice all 20+ →
1.

A company's mail server (Postfix) is rejecting incoming emails from a trusted partner with the error '550 5.7.1 Service unavailable; Client host [203.0.113.50] blocked using zen.spamhaus.org'. The partner's IP is not listed on any public DNSBL. What is the most likely cause?

A.The partner's SPF record is misconfigured, causing Postfix to reject the email.
B.The partner's IP is listed on a local DNSBL that is aggregated with zen.spamhaus.org.
C.The mail server is using greylisting and the partner's server has not retried.
D.The partner's SMTP server does not have a valid PTR record for its IP, and Postfix has reject_unknown_client_hostname enabled.

Explanation: The error message explicitly states the block is from zen.spamhaus.org, a public DNSBL. However, the partner's IP is not listed on any public DNSBL. This contradiction suggests the block is actually due to Postfix's reject_unknown_client_hostname restriction, which checks for a valid PTR record. When the PTR record is missing or does not match the connecting IP, Postfix may log a generic DNSBL-style error if the administrator has misconfigured the restriction to use a DNSBL-like check, or the error message is misleading. Option D is correct because a missing or invalid PTR record triggers this rejection, not a DNSBL listing.

2.

An administrator needs to configure a BIND DNS server to allow dynamic updates from a specific subnet (192.168.1.0/24) for the zone 'example.com'. The administrator must also ensure that the zone file is updated immediately after a dynamic update. Which configuration accomplishes this?

A.zone "example.com" { type master; file "db.example.com"; update-policy { grant 192.168.1.0/24 zonesub ANY; }; };
B.zone "example.com" { type master; file "db.example.com"; allow-transfer { 192.168.1.0/24; }; };
C.zone "example.com" { type master; file "db.example.com"; allow-update { 192.168.1.0/24; }; };
D.zone "example.com" { type master; file "db.example.com"; also-notify { 192.168.1.0/24; }; };

Explanation: Option C is correct because the `allow-update` statement in BIND explicitly permits dynamic DNS updates (RFC 2136) from specified sources, such as the subnet 192.168.1.0/24. Dynamic updates are written to the zone file immediately by default when using a master zone, ensuring the file is updated in real time.

3.

A web server running Apache httpd is experiencing high load. The administrator suspects that many requests are for non-existent virtual hosts. Which configuration change would reduce the load caused by these requests?

A.Define a default virtual host that returns a 444 status code.
B.Enable logging for all virtual hosts to identify the source of requests.
C.Increase the MaxClients directive to allow more concurrent connections.
D.Disable KeepAlive to reduce the number of requests per connection.

Explanation: Option A is correct because defining a default virtual host that returns a 444 status code (a non-standard Apache code meaning 'Connection closed without response') immediately terminates the connection for requests to non-existent virtual hosts. This prevents Apache from wasting resources on DNS lookups, logging, and content generation for invalid hostnames, directly reducing load from such requests.

4.

A company runs a Postfix mail server that relays mail for internal clients. Users report that emails to a specific external domain 'example.org' are delayed by several hours. The administrator checks the mail logs and sees entries like: 'status=deferred (connect to mx.example.org[203.0.113.10]:25: Connection timed out)'. What is the most likely cause?

A.The company's mail server is not authorized to relay mail for the internal clients, causing a deferral.
B.The DNS MX record for example.org is misconfigured, pointing to a non-existent host.
C.The remote mail server mx.example.org is blocking connections from the company's mail server IP.
D.The remote server is rate limiting connections from the company's mail server.

Explanation: The log entry 'Connection timed out' indicates that the company's Postfix server successfully resolved the MX record for example.org to the IP 203.0.113.10 but could not establish a TCP connection to port 25 on that host. This is consistent with the remote server explicitly blocking inbound connections from the company's IP, often via a firewall rule or access control list, rather than a DNS or rate-limiting issue.

5.

Which TWO statements are true regarding BIND DNS server security? (Choose two.)

A.The 'allow-transfer' ACL is used to restrict which clients can perform recursive queries.
B.The 'allow-recursion' ACL can be used to restrict which clients can use the server's recursive lookup feature.
C.The 'blackhole' ACL can be used to prevent cache poisoning attacks.
D.The 'forwarders' option can be used to disable recursion entirely.

Explanation: Option B is correct because the 'allow-recursion' ACL in BIND explicitly controls which clients are permitted to use the server's recursive query feature. By restricting recursion to trusted clients, the server avoids being used in amplification attacks and reduces exposure to cache poisoning. This ACL is defined in the options block or per-zone and can reference address match lists or named ACLs.

+15 more DNS, Web and Mail Services questions available

Practice all DNS, Web and Mail Services questions

How to master DNS, Web and Mail Services for LPIC-2

1. Baseline your knowledge

Start with 10 questions to gauge your current understanding of DNS, Web and Mail Services. This tells you whether you need a concept refresher or just practice.

2. Review every explanation

For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.

3. Focus on exam traps

DNS, Web and Mail Services questions on the LPIC-2 frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.

4. Reach 80% consistently

Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.

Frequently asked questions

How many LPIC-2 DNS, Web and Mail Services questions are on the real exam?

The exact number varies per candidate. DNS, Web and Mail Services is tested as part of the Linux Professional Institute Certification Level 2 LPIC-2 blueprint. Practicing with targeted DNS, Web and Mail Services questions ensures you can handle any format or difficulty that appears.

Are these LPIC-2 DNS, Web and Mail Services practice questions free?

Yes. Courseiva provides free LPIC-2 practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.

Is DNS, Web and Mail Services one of the harder LPIC-2 topics?

Difficulty is subjective, but DNS, Web and Mail Services is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.

Ready to practice?

Launch a full DNS, Web and Mail Services practice session with instant scoring and detailed explanations.

Start DNS, Web and Mail Services Practice →

Topic Info

Topic

DNS, Web and Mail Services

Exam

LPIC-2

Questions available

20+