100+ Free LPIC-2 202-450 Practice Questions
Pass your LPIC-2 Linux Engineer — Exam 202 (202-450) exam on the first try — instant access, no signup required.
Which file is the main configuration for the BIND name server (named) on most distributions?
Key Facts: LPIC-2 202-450 Exam
60
Exam Questions
LPI
500/800
Passing Score (scaled)
LPI
90 min
Exam Duration
LPI
$200
Exam Fee (USD)
LPI Marketplace
LPIC-1
Prerequisite
Required for LPIC-2 award
5 years
Validity
Recertification required
LPIC-2 Exam 202-450 has 60 questions in 90 minutes with a 500-of-800 scaled passing score. Active LPIC-1 is required. Topic weights: Domain Name Server (8), HTTP Services (11), File Sharing (8), Network Client Management (11), E-Mail Services (8), and System Security (14 — the largest). Scenario-style items: writing a BIND zone file, configuring Apache vhosts and mod_ssl, exporting /etc/exports for NFS, joining a Samba domain, building an OpenLDAP slapd config, hardening Postfix, writing iptables/nftables rules, and configuring OpenVPN tunnels. Exam fee $200 USD. Combined with 201-450 to earn LPIC-2.
Sample LPIC-2 202-450 Practice Questions
Try these sample questions to test your LPIC-2 202-450 exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 100+ question experience with AI tutoring.
1Which file is the main configuration for the BIND name server (named) on most distributions?
2Which DNS record type maps a hostname to an IPv4 address?
3Which DNS record type maps an IP address back to a hostname for reverse lookups?
4Which BIND zone type configures a server as the authoritative primary for a domain?
5What is the proper SOA serial number convention for BIND zone files?
6Which DNS query type does dig use by default?
7Which BIND option restricts who may transfer a zone (AXFR/IXFR)?
8Which command checks the syntax of a BIND zone file?
9What is the role of DNSSEC's RRSIG, DNSKEY, and DS records?
10Which TSIG-related directive is used to authenticate zone transfers between BIND servers?
About the LPIC-2 202-450 Exam
Exam 202-450 is the second of two exams for the LPIC-2 Linux Engineer certification. Requires active LPIC-1. It validates the ability to install, configure, and maintain network services on Linux: BIND DNS, Apache and Nginx web servers, Samba and NFS file sharing, DHCP, OpenLDAP, Postfix mail, and host security with iptables/nftables, OpenVPN, and SSH.
Questions
60 scored questions
Time Limit
90 minutes
Passing Score
500 / 800 (scaled)
Exam Fee
$200 (Linux Professional Institute (Pearson VUE / OnVUE online proctored))
LPIC-2 202-450 Exam Content Outline
System Security (Topic 212)
Weight 14/60 — largest topic. Configuring a router (IP forwarding, sysctl net.ipv4.ip_forward, NAT/masquerading, /proc/sys/net); managing FTP servers (vsftpd, pure-ftpd basics, awareness only); secure shell (sshd_config, ~/.ssh/config, key-based auth, ssh-agent, port forwarding -L/-R/-D, X11 forwarding); security tasks (nmap, OpenSSL, /etc/hosts.allow/.deny, awareness of fail2ban, snort, rkhunter, OpenVAS); OpenVPN (server.conf, client.conf, ca.crt, easy-rsa); IPsec awareness; Linux firewall — iptables (filter/nat/mangle tables, INPUT/OUTPUT/FORWARD chains) and nftables (tables, chains, rules).
HTTP Services (Topic 208)
Weight 11/60. Apache configuration (httpd.conf, /etc/apache2/, VirtualHost, ServerName, DocumentRoot, Directory blocks, .htaccess, mod_rewrite RewriteRule/RewriteCond, mod_ssl with SSLCertificateFile/SSLCertificateKeyFile/SSLCACertificate, mod_dir, mod_alias, a2enmod/a2ensite); Apache HTTPS (Let's Encrypt awareness, certbot); implementing Squid as a caching proxy (squid.conf, ACLs, http_access, cache_dir); Nginx as a web server and reverse proxy (server blocks, proxy_pass, upstream blocks, listen 443 ssl).
Network Client Management (Topic 210)
Weight 11/60. DHCP configuration (dhcpd.conf, subnet, range, static reservations via host blocks, /var/lib/dhcp/dhcpd.leases, dhclient, /etc/dhcp/dhclient.conf); PAM authentication (/etc/pam.d/, auth/account/password/session, pam_unix, pam_cracklib/pam_pwquality, pam_ldap, pam_tally2/pam_faillock); LDAP client usage (ldapsearch, ldapadd, ldapmodify, ldappasswd, /etc/openldap/ldap.conf, /etc/nsswitch.conf with ldap, sssd); configuring an OpenLDAP server (slapd, slapd.conf or cn=config, LDIF format, ACLs, indexes, replication awareness).
Domain Name Server (Topic 207)
Weight 8/60. Basic DNS server configuration (BIND named.conf, options block, listen-on, allow-query, forwarders, /var/named/ or /etc/bind/zones); creating and maintaining DNS zones (zone files — SOA, NS, A, AAAA, MX, CNAME, PTR, TXT records; $TTL, $ORIGIN, serial increment for slave updates); securing a DNS server (chroot jail awareness, ACLs in named.conf, DNSSEC awareness — dnssec-keygen, dnssec-signzone, RRSIG/DNSKEY/DS records, TSIG keys for zone transfers).
File Sharing (Topic 209)
Weight 8/60. Samba server configuration (smb.conf, [global], [homes], [printers], custom shares, security = user, workgroup, server role, smbpasswd, pdbedit, testparm, smbclient, smbstatus, mount.cifs); NFS server configuration (/etc/exports, options rw/ro/sync/async/no_root_squash/all_squash, exportfs -ar, showmount -e, mount -t nfs, NFSv3 vs NFSv4, /etc/idmapd.conf, rpcbind, statd/lockd for v3); awareness of file-locking, ACLs, and Kerberized NFS (sec=krb5).
E-Mail Services (Topic 211)
Weight 8/60. Using e-mail servers (Postfix as primary — main.cf, master.cf, postconf, postqueue, postsuper, /etc/aliases, newaliases, virtual_alias_domains, awareness of Sendmail/Exim configuration parallels); managing local e-mail delivery (procmail, ~/.procmailrc, sieve awareness); managing remote e-mail delivery (Dovecot for IMAP/POP3 — dovecot.conf, mail_location, auth mechanisms; mailing list manager awareness — Mailman/Sympa).
How to Pass the LPIC-2 202-450 Exam
What You Need to Know
- Passing score: 500 / 800 (scaled)
- Exam length: 60 questions
- Time limit: 90 minutes
- Exam fee: $200
Keys to Passing
- Complete 500+ practice questions
- Score 80%+ consistently before scheduling
- Focus on highest-weighted sections
- Use our AI tutor for tough concepts
LPIC-2 202-450 Study Tips from Top Performers
Frequently Asked Questions
What is the LPIC-2 202-450 exam?
Exam 202-450 is Part 2 of 2 for LPIC-2 Linux Engineer. It validates the ability to install, configure, and secure common Linux network services: BIND DNS, Apache/Nginx, Samba/NFS, DHCP, PAM/LDAP, Postfix/Dovecot, and host security including iptables/nftables, OpenVPN, and OpenSSH.
What is the largest topic on Exam 202-450?
System Security at weight 14 — by far the largest single topic. It covers iptables/nftables firewalling, OpenSSH hardening, OpenVPN, IPsec awareness, FTP servers, and security audit tools. HTTP Services and Network Client Management tie for second at weight 11 each.
Do I need LPIC-1 to be awarded LPIC-2?
Yes. You may sit Exam 202-450 without active LPIC-1, but the LPIC-2 credential is only awarded once you hold active LPIC-1 and have passed both 201-450 and 202-450. LPI publishes the linkage on the LPIC-2 overview page.
How is Exam 202-450 structured?
60 questions in 90 minutes — multiple-choice and fill-in-the-blank. Scaled scoring 200-800 with 500 to pass. Fill-in-the-blank items demand exact configuration directive names, paths, and option flags (e.g., 'allow-query', '/etc/exports', '-A INPUT').
How much does Exam 202-450 cost?
$200 USD per attempt at standard pricing. Reduced regional pricing of $165 or $132 is available. Each attempt requires its own voucher purchased through LPI Marketplace or Pearson VUE.
Where can I take the LPIC-2 202-450 exam?
Pearson VUE testing centers worldwide, or remotely via LPI OnVUE online proctored. OnVUE requires a webcam, microphone, government-issued photo ID, and a clean uninterrupted room. Schedule via lpi.org or pearsonvue.com/lpi.
How does LPIC-2 prepare me for LPIC-3?
Active LPIC-2 is a prerequisite for any LPIC-3 specialization (300 Mixed Environment, 303 Security, 305 Virtualization and Containerization, 306 High Availability and Storage Clusters). Each LPIC-3 exam is a single 90-minute exam — no second part.