LPIC-2 · topic practice

DNS, Web and Mail Services practice questions

Practise Linux Professional Institute Certification Level 2 LPIC-2 DNS, Web and Mail Services practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: DNS, Web and Mail Services

What the exam tests

What to know about DNS, Web and Mail Services

DNS, Web and Mail Services questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Watch out for

Common DNS, Web and Mail Services exam traps

  • Answering from memory before reading the full scenario.
  • Missing a constraint such as cost, availability, security, scope or command context.
  • Choosing a broad answer when the question asks for the most specific fix.
  • Ignoring why the wrong options are tempting.

Practice set

DNS, Web and Mail Services questions

20 questions · select your answer, then reveal the explanation

Question 1mediummultiple choice
Read the full DNS explanation →

A company's mail server (Postfix) is rejecting incoming emails from a trusted partner with the error '550 5.7.1 Service unavailable; Client host [203.0.113.50] blocked using zen.spamhaus.org'. The partner's IP is not listed on any public DNSBL. What is the most likely cause?

Question 2hardmultiple choice
Read the full DNS explanation →

An administrator needs to configure a BIND DNS server to allow dynamic updates from a specific subnet (192.168.1.0/24) for the zone 'example.com'. The administrator must also ensure that the zone file is updated immediately after a dynamic update. Which configuration accomplishes this?

Question 3easymultiple choice
Read the full DNS explanation →

A web server running Apache httpd is experiencing high load. The administrator suspects that many requests are for non-existent virtual hosts. Which configuration change would reduce the load caused by these requests?

Question 4mediummultiple choice
Read the full DNS explanation →

A company runs a Postfix mail server that relays mail for internal clients. Users report that emails to a specific external domain 'example.org' are delayed by several hours. The administrator checks the mail logs and sees entries like: 'status=deferred (connect to mx.example.org[203.0.113.10]:25: Connection timed out)'. What is the most likely cause?

Question 5hardmulti select
Read the full DNS explanation →

Which TWO statements are true regarding BIND DNS server security? (Choose two.)

Question 6mediummultiple choice
Read the full DNS explanation →

You are the administrator of a medium-sized company that runs its own authoritative DNS servers for the domain 'company.com'. The primary DNS server is a BIND9 master, and there are two slaves. Recently, you updated the zone file on the master to add a new subdomain 'lab.company.com' with an A record pointing to 10.0.0.10. After the update, you increased the serial number and ran 'rndc reload'. However, after several hours, some external clients report that they cannot resolve 'lab.company.com'. You check the master server and find that the zone file contains the new record. You also check the slave servers and find that they still have the old zone data. The serial number on the master is 2025011501, while the slaves show 2025011400. The master's syslog shows no errors. The slaves' syslogs show 'zone company.com/IN: Transfer started.' but no completion messages. Firewall rules allow TCP and UDP port 53 between all DNS servers. What should you do to resolve the issue?

Question 7hardmulti select
Read the full DNS explanation →

An administrator is configuring a BIND 9 DNS server to support DNSSEC for the zone 'example.com'. The zone is signed using the NSEC3 algorithm. Which TWO statements are correct regarding the configuration and operation of NSEC3?

Question 8easymultiple choice
Read the full DNS explanation →

A small company runs a LAMP stack web server with Postfix mail server on a single Ubuntu 22.04 instance. The web server hosts a PHP application that sends password reset emails via the local mail server using PHP's mail() function. Recently, users report that password reset emails are not arriving. The administrator checks the mail log and finds that messages are being accepted by Postfix but are not being delivered. The mail queue shows messages with the status 'deferred'. There are no obvious errors in the mail log. The server has sufficient disk space and memory. The administrator suspects a DNS resolution issue. Which of the following is the most likely cause of the deferred mail?

Question 9mediumdrag order
Read the full DNS explanation →

Order the steps to configure a Linux system to use LDAP for authentication.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5
Question 10mediummatching
Read the full DNS explanation →

Match each kernel parameter to its effect.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Enables IP forwarding between interfaces

Sets the system's hostname

Controls tendency to swap memory pages

Maximum receive socket buffer size

Maximum number of open file descriptors

Question 11mediummultiple choice
Read the full DNS explanation →

A company uses BIND9 as the authoritative name server for its public zone example.com. External users report that they cannot resolve the MX record for the domain, but internal users can. What is the most likely cause?

Question 12hardmultiple choice
Read the full DNS explanation →

A mail server running Postfix is deferring messages for a local user. The mail log shows 'status=deferred (mailbox is locked)'. What is the most likely cause?

Question 13easymultiple choice
Read the full DNS explanation →

Which Apache module is used to rewrite URLs based on rules?

Question 14mediummulti select
Read the full DNS explanation →

A DNS administrator wants to implement DNSSEC on an authoritative zone. Which TWO resource records are essential for DNSSEC?

Question 15hardmulti select
Read the full DNS explanation →

A mail administrator is configuring Postfix to use SASL authentication for incoming connections. Which THREE parameters must be set in main.cf?

Question 16mediummultiple choice
Read the full DNS explanation →

Refer to the exhibit. A DNS query for 'ftp.example.com' returns NXDOMAIN. What configuration change would best resolve this?

Exhibit

$ORIGIN example.com.
@       IN      SOA     ns1.example.com. admin.example.com. (
                        2023100101      ; serial
                        3600            ; refresh
                        900             ; retry
                        604800          ; expire
                        86400 )         ; minimum
        IN      NS      ns1
        IN      MX      10 mail
ns1     IN      A       192.0.2.1
mail    IN      A       192.0.2.10
www     IN      A       192.0.2.20
Question 17hardmultiple choice
Read the full DNS explanation →

Refer to the exhibit. What is the most likely cause of this Apache error?

Exhibit

[crit] (28)No space left on device: mod_rewrite: could not create rewrite_log_lock
Question 18easymultiple choice
Read the full DNS explanation →

Refer to the exhibit. What is wrong with the reverse DNS resolution for 192.0.2.1?

Exhibit

; <<>> DiG 9.16.1 <<>> -x 192.0.2.1
;; QUESTION SECTION:
;1.2.0.192.in-addr.arpa.       IN      PTR

;; AUTHORITY SECTION:
2.0.192.in-addr.arpa.  3600    IN      SOA     ns1.example.com. admin.example.com. 2023100101 3600 900 604800 86400

;; Query time: 1 msec
;; SERVER: 192.0.2.1#53(192.0.2.1)
;; WHEN: Sat Oct 01 12:00:00 2023
;; MSG SIZE  rcvd: 80
Question 19easymultiple choice
Read the full DNS explanation →

Which Postfix configuration parameter specifies the domain that is appended to unqualified email addresses?

Question 20mediummultiple choice
Read the full DNS explanation →

A company wants to host multiple websites on a single Apache server with different domain names. Which approach is most appropriate?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused DNS, Web and Mail Services sessions

Start a DNS, Web and Mail Services only practice session

Every question in these sessions is drawn from the DNS, Web and Mail Services domain — nothing else.

Related practice questions

Related LPIC-2 topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the LPIC-2 exam test about DNS, Web and Mail Services?
DNS, Web and Mail Services questions test whether you can apply the concept in context, not just recognise a definition.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just DNS, Web and Mail Services questions in a focused session?
Yes — the session launcher on this page draws every question from the DNS, Web and Mail Services domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other LPIC-2 topics?
Use the topic links above to move to related areas, or go back to the LPIC-2 question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the LPIC-2 exam covers. They are not copied from any real exam or dump site.