LPIC-3 Exam 303 (Security) — Question 17

Which option of the openvpn command should be used to ensure that ephemeral keys are not written to the swap space?

Answer options

• A. --mlock
• B. --no-swap
• C. --root-swap
• D. --keys-no-swap

Correct answer: A

Explanation

The correct answer, --mlock, is used to lock memory to prevent sensitive information, like ephemeral keys, from being written to swap space. The other options do not exist in the OpenVPN command context or do not serve the purpose of securing ephemeral keys.