Which two actions are the required steps to prevent: non-root ssh access to the system?
A.
Ensuring that /etc/pam.d/sshd includes:
account sufficient pam_nologin.so
B.
Create the /etc/nologin/login.deny file containing a single line +all
C.
Creating the /etc/nologin.allow file containing a single line root
D.
Creating the /etc/nologin file
E.
Ensuring that /etc/pam.d/sshd includes:
account requiredpam_nologin.so
Explanation:
D: If the file /etc/nologin exists, only root is allowed to log in; other users are turned away with an
error message.
Note:
* In some cases, the security policy may dictate additional mechanisms, such as TCP wrappers,
Pluggable Authentication Modules (PAM), or the implementation of Security-Enhanced Linux
(SELinux).
D,E
D,E is correct
more explanation in Q36