Mobile ITnT Solutions



Linux Questions I create to test the students:Section: Understanding the Kernel:Question: The linux kernel is at the heart of every Linux system. Which command would I use to display the system's node name (or network host name)Answer: uname -nQuestion: You can find the kernel version with this command:Answer: uname -vQuestion: This command and option will display the kernel nameAnswer: uname -sQuestion: This command and option returns information about your machine.Answer: uname -rQuestion: This command and option returns the Hardware platform informationAnswer: uname -iQuestion: What will this command display on the screen: uname -oAnswer: The OS NameSection: Linux Directory/File Tree:Question: Every single file and directory is under this directory?Answer: Root directoryQuestion: which root sub-directory contains device files; these include terminal devices, usb, or any device attached to the systemAnswer: /dev - Device filesQuestion: which root sub-directory contains binary executables; commands used by all the users of the system are located here...for example: ps, ls, ping, grep, cp...Answer: /binQuestion: which root sub-directory also contains binary executables...but the linux commands located under this directory are used typically by system administrator, for maintenance purposeAnswer: /sbinQuestion: which root sub-directory contains configuration files required by all programs; also contains startup and shutdown shell scripts used to start and stop individual programs. ex: resolv.confAnswer: /etcQuestion: which root sub-directory contains temporary files created by system and users; files under this directory are deleted when system is rebooted.Answer: /tmp - Temporary filesQuestion: which root sub-directory stands for variable files; content of the files that are expected to grow can be found under this directoryAnswer: /varQuestion: this root sub-directory stands for Unix System Resources; contains binaries, libraries, documentation, and source-code for second level programsAnswer: /usr - User ProgramsQuestion: this root sub-directory is the home directory for all users to store their personal files.Answer: /home - Home DirectoriesQuestion: this root sub-directory contains boot loader related filesAnswer: /boot - Boot Loader FilesQuestion: this root sub-directory is the temporary mount directory where sysadmins can mount filesystems; should be empty and only used for temporary mount pointsAnswer: /mnt - Mount DirectorySection: Working with Bash Shell: Question: This shell is short for "Bourne Again Shell" this shell is used in most situations, because it's compatible with the Bourne shellAnswer: BashQuestion: I'm running a process or job and I want to cancel the running command, which key sequence do I use:Answer: Ctrl+CQuestion: which bash key sequence brings the cursor to the beginning of the current commandAnswer: Ctrl+A Question: What can I type to repeat the last command Answer: !! - pronounced bang bang OR up arrowQuestion: which key sequence will move the cursor backward one characterAnswer: Ctrl+BQuestion: which key sequence will erase the complete lineAnswer: Ctrl+U Question: which command displays the last commands you usedAnswer: historyQuestion: By default the "history" remembers the last ___ commands of any user. Answer: 1000Question: What's the history command to show the last 35 commands?Answer: history 35Question: List atleast one way to clear the history list for the user who uses this commandAnswer: history -cQuestion: What variable can determine the number of commands to be remembered in your current environmentAnswer: $HISTSIZEQuestion: What command will show me the number of commands kept in your history file:Answer: echo $HISTSIZE Question: How can I change my history file using a variable--change to 1200...Then type the command to show the new sizeAnswer: HISTSIZE=1200 / echo $HISTSIZESection: Working with Directories: Question: use this command to change the current working directory; used to navigate the directory treeAnswer: cd (change directory)Question: What are the 2 types of Pathnames associated with linuxAnswer: Absolute and Relative Question: This pathname always starts with the forward slash(/)Answer: AbsoluteQuestion: This pathname starts from the current working directory.Answer: Relative Question: which special symbol refers to the current working directory.Answer: . (dot)Question: which special symbol refers to the working directory's parent directory.Answer: .. (dot dot)Question: what command (include short-cut symbol) will take you into your "home" directoryAnswer: cd ~Question: what command (include short-cut symbol) will take you to the previous directoryAnswer: cd - OR cd ../Question: which commands stand for "Print Working Directory", which shows the current working directory you are inAnswer: pwdQuestion: which command show the path to the command that will execute if it is run without using the absolute pathAnswer: which commandQuestion: which command is used to create a new directory.Answer: mkdirQuestion: Which option would you use with the mkdir command to create a complete directory structure in one command.Answer: -p optionQuestion: To create the following directory structure "/test/test2/test3" in one command, what command would you use.Answer: mkdir -p /test/test2/test3Question: Select the correct command:1. mkdir /test/test22. mkdir -rf /test/test23. mkdir -p /test/test2Answer: 3. mkdir -p /test/test2Question: Which option is used to set directory permissions while using the mkdir commandAnswer: -m or --mode Question: This command is used to remove empty directoriesAnswer: rmdirQuestion: The rmdir command works with files also- True or FalseAnswer: FalseSection: Working with Files:"ls" command Question: What is the command to list the following directory in Human readable format: /etc Answer: ls -lhQuestion: To create an empty file called "football.txt", which command should be used.Answer: touch football.txtQuestion: command to list all files (including hidden files)Answer: ls -aQuestion: command to display files in "long listing format"Answer: ls -lQuestion: command to display files in reverse orderAnswer: ls -rQuestion: command to sort & display files by sizeAnswer: ls -sQuestion: command to sort files by modification timeAnswer: ls -t"rm" command:Question: I want to delete sub-directory "test2" ... the parent directory is "test"... there is 1 file in the "test2" directory called exam.txt... What's the command to delete the "test2" directory..You are currently in "/" directoryAnswer: rm -rf test/test2 Question: this command is used to remove files and directoriesAnswer: "rm" commandQuestion: Which option would I use with "rm" command to ignore nonexistent files and never prompt before removingAnswer: -f or --force optionQuestion: Which option would I use with the "rm" command to cause a prompt before every file/directory removal.Answer: -i optionQuestion: which option would I use with the "rm" command to remove directories and their content recursively.Answer: -r or -RQuestion: Which command will prompt me for every file or directory "rm" command tries to delete, if write-protected:A. rm -f testDirB. rm -r testDirC. rm -rf testDirAnswer: BQuestion: Which command would I type to remove directory "test2Dir".. There are 2 files inside the "test2Dir" directory... see structure below:/var/test2Dir/Answer: rm -rf /var/test2DirQuestion: I want to delete directory /test , but it has the following content inside-- a directory call "test2"-- a directory called "test3"-- a file inside "test2" called animals.txtAnswer: rm -rf /test"cp" command Question: Which command makes a copy of your files and directories?A. mv B. cpC. pwdAnswer: BQuestion: Which option for the "cp" command allows me to copy archive files?Answer: cp -aQuestion: Which option for the "cp" command is a force copy by removing the destination fileAnswer: cp -fQuestion: Which option for the "cp" command is interactive, to prevent overwriting?Answer: cp -iQuestion: Which option for the "cp" command, link files instead of copying themAnswer: cp -l Question: Which option for the "cp" command is recursive copy (copy entire directory, including hidden files)?Answer: cp -rQuestion: Which option for the "cp" command is for updating..copies when source is newer than destinationAnswer: cp -u Question: copy picture.jpg from /etc to your home your directory...you are logged in as root; you are currently in "/var" directory; Answer: cp /etc/picture.jpg ~/picture.jpgQuestion: Let's say you are the user student, and you have a bunch of files in the directory "/home/sally/pictures/" named picture-01.jpg, picture-02.jpg... and you want to copy them into the directory /home/sally/picture-backup/. Write the command you would use..Answer: cp ~/pictures/picture-*.jpg ~/picture-backup Question: Let's say you are the user steve and you have a directory, /home/steve/files, which contains many files and subdirectories. You want to copy all those files, and all the subdirectories (and the files and subdirectories they contain), to a new location, /home/steve/files-backup. Write the command you would use....You are currently in root directoryAnswer: cp -rf ~/files ~/files-backup "mv" command:Question: This command is used to move files and directories or rename filesAnswer: mv Question: Which option would you use with the "mv" command to force a move by overwriting destination file without promptAnswer: mv -fQuestion: Which option would you use with the "mv" command for interactive prompt before overwrite?Answer: mv -i Question: Write the command to move all files in "~/backup" directory to the "~/tmp" directory. You are currently in "/" directoryAnswer: mv ~/backup/* ~/tmpQuestion: write the command to rename "friday.txt" file to "lastfriday.txt" in the current directory. The source file is located in the "/var" directory. You are currently in "/var" directoryAnswer: mv friday.txt lastfriday.txtQuestion: write command to update printer.pdf when it is newer to the "/var" directory. The source file is located in the "~/tmp" directory.Answer: mv -u ~/tmp/printer.pdf /var/printer.pdfQuestion: This command can be used to move files and rename directories and files.Answer: mv SATURDAY_7AMViewing File Content: "cat" command: Question: This command stands for "catenate" and displays the content of a file by dumping it to the screenAnswer: catQuestion: Which command would you use to copy "etc.txt" into a new filed called "etcbkup.txt", using your redirect ">" symbol. Source file is located in "/var" directory. Destination file should be created in "~/tmp" directory. You are currently in the "/" directory.Answer: cp var/etc.txt > ~/tmp/etcbkup.txtQuestion: Which command would you use to append the content from "flower.txt" file to "lily.txt" file. Both files are located in "~/tmp" directory. You are currently in the "~/tmp" directory.Answer: cat flower.txt >> lily.txt"tac" command: Question: Which command does the same thing as "cat" but inverts the results...basically dumping the contents of the file to the screen, but with the last line first and the first line lastAnswer: tacQuestion: What type of log file is the "tac" command, useful for examiningAnswer: chronological log file"tail" command:Question: Which command shows the last 10 lines of a text file, if no option is givenAnswer: tailQuestion: To output the last 100 lines of "tech.txt" file, what command would you write? Source file is located in "~/tmp" directory. You are currently in "/" directoryAnswer: tail ~/tmp/tech.txt -n 100Question: Which command would you use to view "access.log" in real timeAnswer: tail -f access.log"head" command:Question: This command is opposite of "tail" command. By default it displays the 1st ten lines of a text fileAnswer: headQuestion: Write the command to display the 1st 15 lines of "passwd.txt" file. Source location of file is "/etc" directory. Your current location is "~/tmp" directory.Answer: head -15 /etc/passwd.txt"less" command:Question: This command opens a plain-text file viewer to view the file.Answer: less"more" command: Question: This command is a filter for paging through text one screen at a time. Doesn't provide as many optionsAnswer: moreQuestion: which command would you use to display the contents of "football.txt", beginning at line 3.Answer: more +3 football.txtQuestion: How would you list the contents of the current directory, using the "more" command, to display the list one screen at a time. The current directory is "/etc" .Answer: ls -ltr | moreTHURSDAY @ 2PM Piping and Redirection: Question: List all files in /etc in long listing format and pipe it over to "more" command, so I can see a page at a time:Answer: ls -la /etc | moreQuestion: What are two powerful features of the Linux command line shell which allow the output(or even input) of a program to be sent to a file or another programAnswer: redirection and pipesQuestion: Which symbol represent the "pipe" commandA. ?B. ~C. |D. >>Answer: CQuestion: Shell has three basic streams, what are they?Answer: -- it takes input from "stdin (stream 0)"-- it sends output to "stdout (stream 1)"-- it sends error messages to "stderr (stream 2)"stop page: 71 (template) / 1 (pip_redirect file)Question: Using "stdout" how would you send "It is Happy Friday" to the following "record.txt" file located in "home" directory. You are currently in the "/" directory. You are currently logged into the terminal as "student". You can overwrite any content that may be in the file, if it already exists.Answer: echo It is Happy Friday > ~/record.txtQuestion: Using "stdout", Add the following line to the "record.txt" file listed in the previous question. "Each day is a Happy Day". You are still in "/" directory.Answer: echo Each day is a Happy Day >> ~/record.txtQuestion: To redirect both "stdout" and "stderr" to the same file, what do you use?Answer: use 2>&1Question: How would you redirect any errors that exists from the following command: "find / allfiles.txt " Answer: find / > allfiles.txt 2> /dev/nullQuestion: How would you redirect both "stdout" and "stderr" to the same file of the following command:"find / allfiles_n_errors.txt"Answer: find / > allfiles_n_errors.txt 2>&1Section: Finding Files:Question: I want to delete directory /test , but it has the following content inside-- a directory call "test2"-- a directory called "test3"-- a file inside "test2" called animals.txtAnswer: rm -rf /testQuestion: What's the command to list files in the /var directory in reverse order:Answer: ls -r /varQuestion: find all files which are accessed 50 days back:Answer: find / -atime 50Question: find the file "photo.png" located in the "/var" directory. Also, display the path of the matching file(s). You are currently in the "/var" directory.Answer: find . -name photo.png -print Question: find all files in the "/etc" directory and redirect the results to "etcfiles.txt" located in the "tmp" sub-directory under your "home" directory.Answer: find /etc > ~/tmp/etcfiles.txtQuestion: find files of type "file (not directory)" that end in ".conf", located in the current directory. You are currently in "/etc" directory.Answer: find . -type f -name "*.conf"Question: find files of type directory that end in ".bak".Answer: find / -type d -name "*.bak"Question: find only files (not directories) with permission 777Answer: find / -type f -perm 777Question: find only files without permission 777:Answer: find / -type f ! -perm 777Question: find a single file called "tecmint.txt" and remove itAnswer:find / -type f -name "tecmint.txt" -exec rm -f {} \;Question: find directories with 777 permissions and change permission to 755Answer: find / -type d -perm 777 -exec chmod 755 {} \;Question: find every file ending in ".odf" and copy them to the "/backup" directoryAnswer: find / -name "*.odf" -exec cp {} /backup \;Question: find every file ending in ".odf" and remove itAnswer: find / -name "*.odf" -exec rm -f {} \;Question: find files only that are larger than 20MAnswer: find / -type f -size +20MQuestion: find directories only that are larger than 20MAnswer: find / -type d -size +20MQuestion: find all files owned by "tecmint" under "home" directoryAnswer: find ~/ -user tecmint OR find /home -user tecmintSection: Vi Editor: Question: I want to open a file to make changes to it, what can I use:Answer: vi editorSection: Getting Help: Question: What is the interface used to view the system's reference manualsAnswer: man commandSection: Job Management Task:Question 16: Which command can I use to show current system activity; to where you can monitor current process activity and also perform some basic management tasksAnswer: "top" commandQuestion: By default, this command sorts its entries by CPU use, and updates its display every few secondsAnswer: top commandQuestion: This is the kernel component that makes sure that a process is handled by any of the CPU cores in your serverAnswer: the schedulerQuestion: Which command could I use to send signals to processes, such as asking or forcing a process to stop..Answer: kill commandQuestion: Use this command to start a paused job as a background job. . .it's a job control command which resumes suspended jobs without bringing them to the foregroundAnswer: bgQuestion: To understand the __________, you should know that it reflects the average number of processes in the run queue, which is the queue where processes wait before they can be handled by the scheduler.Answer: load average parameterQuestion: Use this symbol to start a job in the background initiallyAnswer: & ampersandQuestion: If I run the process "man cat &" in the background, and the PID is 3245 of that process, but I want to change the priority of my process to -15, what is that commandAnswer: nice -n -15 3245Question: In the second line of the top window, you'll see how many tasks your server is currently handling and what each of these tasks is doing. In this line, you may find four status indications. What are they and explain each one?Answer:Running: the number of active processes in the last polling loopSleeping: the number of processes currently loaded in memory, which haven't issued any activity in the last polling loopStopped: The number of processes that have been sent a stop signal but haven't yet freed all of the resources they were usingZombie: The number of processes that are in a zombie state. This is an unmanageable process state because the parent of the zombie process has disappeared and the child still exists but can no longer be managed because the parent is needed to manage that processQuestion: What part of the "top" window, shows a list of the most active processes at the moment...this window is refreshed every 5 secondsAnswer: the lower partQuestion: If you notice that a process is very busy, what can you press from within the top interface to terminate that process?Answer: "k" keyQuestion: Most commands are started as a job in the ______?Answer: foreground / & (ampersand)Question: Which option of the "top" command specifies delay between updates, which is normally five secondsAnswer: -d option (delay)Question: Which steps would you take of the "top" command to monitor specific process of id 1212? Answer: get PID by using "ps" command (ex: 1212)top -p 1212Question: Which "top" command option, allows me to quit from top?Answer: qSection: SchedulingQuestion: What is the "at" Schedule command to Schedule a task to run at 10AM on Aug 9Answer: at 10:00 AM August 9Question: What is the command to list scheduled "at" jobs.Answer: atqQuestion: Which key sequence would I use to exit the "at" commandAnswer: Ctrl+ DQuestion: What is the command to list all your cron jobsAnswer: crontab -lQuestion: What is the command to delete the current cron jobsAnswer: crontab -rQuestion: What is the command to delete cron job for user "jkelly" ... you are logged in as rootAnswer: crontab -r -u jkellyQuestion: What is the command to list all cron jobs for user "jdoe"Answer: crontab -u jdoe -lQuestion: 30 18 * * * rm /home/someuser/tmp/*Explain the cron job..it's scheduled to do what and whenAnswer: cron job removes the tmp files from /home/someuser/tmp each day at 6:30pmQuestion: 0 22 * * 1-5 /scripts/phpscript.phpExplain the cron job..it's scheduled to do whatAnswer: Run /scripts/phpscript.php at 10pm on weekdaysQuestion: Schedule an "at" job to be executed 5 minutes from now: list all files in /etc directory for this jobAnswer: at now + 5 min / ls -ltr /etcQuestion: Schedule an "at" job to be the same date next month at 10:00 AM. job to run is "echo Time to start speaking success in your life"Answer: at 10:00 AM next monthat> echo Time to start speaking success in your lifectrl+DQuestion: Run /scripts/phpscript.php at 10 pm on weekdays using the cron scheduleAnswer: 0 22 * * 1-5 /scripts/phpscript.phpSection: Working with Links:Question:Which command would I use to display all the contents of the /etc directory in long listing format, including the inode number?ANSWER: ls -ali /etcQuestion:Which command allows you to see how many inodes are used and free on mounted file systems?ANSWER: df -iQuestion:I have a file (ab*.sql) I'm having problems removing from directory /tmp, with an inode number 1448365. I've tried the "rm" command, but no success. What's another way to delete the file.ANSWER: find . -inum 1448365 -exec rm -i {} \;Question:What is an inode?Answer: An inode is a data structure that contains metadata about a file.Question:The _______ contains all of the inodes and is created when you create the file system (with mkfs).Answer: inode tableQuestion:Each inode has a unique number (the inode number). Which command could you use to see the inode numbers?Answer: ls –li commandQuestion:In reference to an inode, what is a directory?Answer: A directory is a special kind of file that contains a table which maps filenames to inodes.Question:There are two types of links, what are they?Answer: Symbolic and hard linksQuestion:Which link is this:Points to other files or directories, no matter where it is locatedMost flexible type link usedThere is a difference between original file and the link..If you remove the original file, the linked file won’t workDo not link to inodes, but create a name to name mappingAnswer: symbolicQuestion:Create a symbolic link of the following file listed below to the destination location listed below:Location of Source File: /var/linked.txtName of new linked file: slinked.txtDestination file: “files” directory located under “~”Your current location: /tmpAnswer: ln –s /var/linked.txt ~/files/slinked.txtQuestion:Which link can be used to point to a file that exists on the same device?Answer: hard linkQuestion:What command would you use to create a link?Answer: “ln” commandSection: Mounting Devices:Question: What are 3 ways to display all mounted file systems on your server:Answer: -- # mount-- cat /proc/mounts-- cat /etc/mtab-- df -h (add on 1/23/2016)Question: What would be the steps to mount usb device "/dev/sdb1" to the /mnt/usb directory as ext4..Answer: mount -t ext4 /dev/sdb1 /mnt/usbQuestion: Mount the device (/dev/sdb1) to your home directory "project42". "project42" hasn't been created yet. What are the steps to mount device "/dev/sdb1".Answer: step 1: mkdir project42step 2: mount -t ext4 /dev/sdb1 ~/project42Question: If you have successfully completed question above, now unmount the device.Answer: umount ~/project42Question: df command (150)Which command would you run to show the user-friendly way of looking at mounted file systems in human readable format? Answer: df -h Question: What command could I use to display all mounted file systems on /dev/sdb:Answer: mount | grep /dev/sdbQuestion:How would I mount the following device (/dev/hdb1) as read-only to the following location: /mnt/backupANSWER: mount -t ext4 -o ro /dev/hdb1 /mnt/backupSection: Creating Backups: Question: Create an archive of the "etc" directory and save to the "/tmp" directory of your "home" directory..you are currently in the "/" directory. . .name file etcbu.tar:Answer: tar cvf ~/tmp/etcbu.tar /etcQuestion: This command creates, appends, updates, and extract files to and from a single file?Answer: tarQuestion:Which tar command option, creates a tarball?Answer: -cQuestion:Which tar command option, specifies a tarball name?Answer: -fQuestion:Which tar command option, compresses a tarball with bzip2?Answer: -jQuestion:Which tar command option, appends files to the end of an existing tarballAnswer: -rQuestion:Which tar command option, lists contents of a tarballAnswer: -tQuestion: Which tar command option, appends files to the end of an existing tarball if the specified files are newer. Does not append to compressed tarballsAnswer: -uQuestion:Which tar command option, displays in verbose mode?Answer: -vQuestion:Which tar command option, extracts from a tarball?Answer: -xQuestion:Which tar command option, compresses a tarball with gzip command?Answer: -zQuestion:To create an archive of all configuration files in the “/etc” directory, what command would you use?Tar file name: etc.tarDestination of tar file: /tmpAnswer: tar cvf /tmp/etc.tar /etcQuestion:How would you list the contents of the following tar file (/tmp/passwd.tar)?Answer: tar tvf /tmp/passwd.tarQuestion:How would you extract archive “/tmp/etc.tar” to the following location “~/tmp/etc_backup”. You are currently in “/var” directory?Answer: tar xvf /tmp/etc.tar –C ~/tmp/etc_backup/Question:What are the 2 most popular tools for compression of regular files on Linux?Answer: gzip/gunzip and bzip2/bunzip2Question:How would you list the specific file “etc/resolv.conf” in the “/backup/etc.tar” archiveAnswer:tar tvf /backup/etc.tar etc/resolv.confQuestion:Which tar option would you use to preserve file permissions?Answer: pQuestion:Write command to create gzip tar file and preserve the permissions: Source: /etcTar file name: etc_backup.tar.gzDestination: /backupAnswer: tar cpzf /backup/etc_backup.tar.gz /etcQuestion:Which command would you write to archive a copy of the “/var” directory to the “copy_of_etc” directory, located under the home directory?Answer: (cd /var; tar –cf - .) | (cd ~/copy_of_etc/ ; tar –xpf - )Question:Create a tarball called /tmp/files.tar containing multiple files from the /etc directory: multiple file name are belowhost.confshadowpasswdyum.confAnswer: tar cvf /tmp/files.tar /etc/host.conf /etc/shadow /etc/passwd /etc/yum.confQuestion:How would you uncompress the following tar file: /etc/ebkup.tar?Answer:tar xvf /etc/ebkup.tarQuestion:How would you uncompress the gzip tar file “bkup.tar.gz”?Answer: tar xvzf bkup.tar.gzSection: Setting up System Logging: Question:This is performed to capture messages generated by the kernel, daemons, commands, user activities, applications, and other events. . .these messages are forward to various log files, which store themAnswer: syslog or System loggingQuestion:What is the daemon responsible for system logging?Answer:rsyslogdQuestion:Even if you don't do anything to setup logging, your server will log automatically. True or FalseANSWER:FalseQuestion:The "rsyslogd" daemon reads its configuration file _______ and the files located in the ________ directory at startup, to determine what it has to do.Answer:The "rsyslogd" daemon reads its configuration file "/etc/rsyslog.conf" and the files located in the "/etc/rsyslog.d" directory at startup, to determine what it has to do.Question:The default repository for most system log files is the ______ directory, as defined in "/etc/rsyslog.conf"Answer:default repository for most system log files is the "/var/log" directory, as defined in "/etc/rsyslog.conf"Question:Which file allows me to set up how to handle the logging of different events?Answer:rsyslog.conf fileQuestion:Which file ensures that all important messages are written to different log files in the "var/log" directory?Answer:rsyslog.confQuestion:What's the most important file found in the "/var/log" directory, that contains nearly all of the messages that pass through syslog?Answer:"messages" logQuestion:By default, the logrotate command runs as a cron job once a day from ________.Answer:/etc/cron.dailyQuestion:What helps you define a policy where log files that grow beyond a certain age and size are rotated?Answer:logrotateSection: Configuring and managing storage:Question:_____ offer a rather static way to configure storage on a server.Answer:PartitionsQuestion:These volumes offer a much more dynamic way to configure storage.Answer:logicalQuestion:All Red Hat servers have at least one partition that is used to do whatAnswer:to boot the serverQuestion:All Red Hat servers have at least one partition that is used to boot the server, why?Answer:because the boot loader GRUB can't read data from logical volumesQuestion:The Logical Volume Manager(LVM) offers many benefits, name some of the benefits:Answer:LVM makes resizing of volumes possibleIn LVM, you can work with snapshots, which are useful in making a reliable backupIn LVM, you can easily replace failing storage devicesQuestion:There are 3 kinds of partitions you can create, name them:Answer:Primary, Extended, LogicalQuestion:Which partition am I; These are written directly to the master boot record of your hard drive... After creating four of these partitions, you can't add any more partitions. . .There's space for just four partitions in the partition table and no more than fourAnswer:Primary PartitionQuestion: Which partition am I; Every hard drive can have one of these partitionsYou can't create a file system in this partitionThe only thing you can do with it is to create logical partitionsYou'll use this type of partition if you intend to use more than four partitions in total on a hard driveThis type of partition, will allow you to create 11 additional logical partitionsAnswer:Extended PartitionQuestion:This partition is created inside an extended partitionYou can have a maximum of 11 per disk, and you can create file systems on top of theseAnswer:Logical partitionQuestion:After selecting between primary, extended, or logical partitions, you need to select a partition type. .This is an indication to the OS what the partition is to be used for....what are the most common partition types, and explain each one:Answer:83 - This is the default partition type. It's used for any partition that is formatted with a Linux file system82 - This type is used to indicate that the partition is used as swap space05 - This partition type is used to indicate that it is an extended partition8e - Use this partition type if you want to use the partition as an LVM physical volumeQuestion:Writing the new partition table to disk doesn't automatically mean your server can start using it right away... if you get an error message indicating that the device on which you've created the partition is busy, what can you do to resolve the error?Answer:restart the server to activate the new partitionSection: Working with Logical Volumes:Question:Logical Volume (LVM) solution is widely used for managing ______________.Answer:disk storageQuestion:LVM allows us to accumulate spaces taken from one or several partitions or disks called _____, to form a logical container called _____, which is then divided into logical partitions called _____.Answer:1. physical volumes2. volume group3. logical volumesQuestion:What are Primary Benefits LVM offers:Answer:1. resizing of VGs and LVS2. user-defined naming for VGs and LVs3. mirroring and striping across multiple physical disksQuestion:Which device is created when at least one physical volume is added to itAnswer:VG or Volume GroupQuestion:This device is created when a block storage device such as a partition or an entire disk is brought under LVM control after going through the initialization processAnswer:PV or Physical VolumeQuestion:space from all physical volumes in a volume group is aggregated to form one large pool of storage, which is then used to do what?Answer:build one or more LVMs (logical volumes)Question:What does VG metadata contains:Answer:its name unique ID date and time of creation how it was created the extent size used a list of included physical volumes and their attributes a list of logical volumes a mapping of physical and logical extentsQuestion:A ___ is divided into several smaller logical pieces when it is added to a volume group(VG)Answer;Physical Volume(PV)Question:What's the command to delete a LV or Logical Volume, named "lvstuff" and located in VG(vgpool)?Answer: # lvremove /dev/vgpool/lvstuffQuestion:What's the command to delete PV or Physical Volume "/dev/sdb1"?Answer:#pvremove /dev/sdb1Question:What's the command to delete LV or Logical Volume "lvstuff" located in the VG "/dev/vgpool"Answer:#lvremove /dev/vgpool/lvstuffQuestion:A ____ is divided into several smaller logical pieces when it is added to a VG.Answer: Physical Extents (PEs)Question:An ____ is the smallest allocatable unit of space in LVMAnswer:extentQuestion:A volume group consists of a pool of storage taken from one or more physical volumes. . .this volume group space is divided into one or more logical partitions called _____.Answer:logical volumes (LVs)Question:What command can verify LMV is installed?Answer:rpm -qa | grep -i lvmQuestion:What 3 different parts must you set up, to create logical volumes?Answer:step 1: create physical volume(PV)step 2: create the volume group(VG)step 3: create the logical volume(LV)Question:The ___ is the actual storage device you want to use in your LVM configuration.Answer:physical volume(PV)Question:What's the command to create a PV on device: "/dev/sdb3"Answer:pvcreate /dev/sdb3Question:What would be the command to create the "tester" volume group on the PV "/dev/sdb3"?Answer:vgcreate tester /dev/sdb3Question:What would be the command to create a 100MB LV, called "maintenance", in the "tester" VG?Answer:lvcreate -n maintenance -L 100MB testerQuestion:By default, every LVM logical volume(LV) has a device structured as what?Answer:/dev/name-of-vg/name-of-lvQuestion:When resizing logical volumes, you don't have to resize the file system that is on it as well? True or FalseAnswer:False (you must resize the file system)Question:If you're extending a logical volume, you will 1st _______ and then you can _________?Answer:1. extend the volume itself2. extend the file system that's on itQuestion:When you reduce a logical volume, you 1st need to ____ before you can reduce the size of the logical volumeAnswer:reduce the file systemQuestion:To resize any Ext file(Ext2, Ext3, or Ext4), what command can you use?Answer:resize2fs commandQuestion:When will you need to extend the VG before you can extend a logical volume(LV)?Answer:this occurs when you have allocated all available disk space in the volume group previouslyQuestion:To extend a volume group(VG), you must add what to it?Answer:add new PVs to itSection: Working with Snap Shots:Question:Using a LVM ______ allows you to freeze the current state of an LVM volume.Answer:snapshotQuestion:The consumption of a snapshot volume can be checked by means of the what command?Answer:lvs Question:What does creating a snapshot allow you to do?Answer:keep the current state of a volume and gives you an easy option for reverting to this state later if that becomes necessaryQuestion:snapshots themselves are not intended for use as a means of making backups, since only the changes will be saved. True of FalseAnswer:TrueSection: Creating Swap File:Question:Every server needs what type of space, even if it's never going to use it?Answer:Swap spaceQuestion:Swap space is allocated when your server is what?Answer:is completely out of memoryQuestion:Using swap space allows your server to continue to do what?Answer:offer its servicesSection: Working with Encrypted Devices:Question:What type of setup would you use to create an encrypted volume?Answer:LUKS (Linux Unified Key Setup)Section: Basic Networking:Question:Setting up Linux's _____ tools is necessary for fully configuring LinuxAnswer:basic networkingQuestion:The most common "network stack" today is what?Answer:the Transmission Control Protocol/Internet Protocol (TCP/IP)Question:_____ is designed to enable 2 or more computers to communicate with one anotherAnswer:Network hardwareQuestion:Linux supports several types of common network hardware. . .what is the most common?Answer:EthernetQuestion:Name atleast 3 common wireless protocols.Answer:1. 802.11a2. 802.11b3. 802.11g4. 802.11nQuestion:Which wireless protocol support maximum speeds of 300Mbps?Answer:802.11nSection: Connecting to Network, Pt-I:Question:__________ service is used to start the network.Answer:NetworkManagerQuestion:Many network types require the use of a central device known as a ____ or a ______.Answer: hub or switchQuestion:What's the purpose of a hub or switch?Answer:It passes data between the computersQuestion:As a general rule, hubs are superior to switches.True or FalseAnswer: FalseQuestion:This is smart enough to send packets only to the intended destination. . . Switch or HubAnswer:SwitchQuestion:____ allow full-duplex transmission, in which both parties can send data at the same timeAnswer:SwitchesQuestion:this device permits only half-duplex transmission, in which the two computers must take turn (like 2 people using walkie-talkiesAnswer:HubQuestion:Which device is more common to use to link together both wireless and Ethernet devices. . .such devices also provide connections to an outside network, typically the Internet?Answer:wireless routerQuestion:Modern networks operate on discrete chunks of data known as _______.Answer:packetsQuestion:The _____ is a set of software that converts and encapsulates data between layers of abstraction.Answer:protocol stack-- stopped on page 333Section: Connecting to Network, Pt-II:Question:The easiest way to configure the network is by clicking the _________ icon on the graphical desktop of your serverAnswer:NetworkManagerQuestion:by default, your network card is configured to obtain an address from a ________.Answer:DHCP serverQuestion:Apart from the NetworkManager service, there's also this device, which is what enables all network cards on your serverAnswer:network service(/etc/init.d/network)Question:The classic tool for manual network configuration and monitoring is what..... This command provides an overview of the current configuration of all network cards, including some usage statistics that show how much traffic has been handled by a network card since it was activated?Answer:ifconfigQuestion:the “ip” command works with subcommands, known as what?Answer:“objects”Question:If you type “ip help” on the command line, what would you see?Answer:you’ll see a help message showing all the objects that are available with the “ip” commandQuestion:What can "ip route" be used for?Answer: can be used to show and manage routes on your serverQuestion:A key concept in ______ is the ability to define what addresses are locally reachable as opposed to not directly known destinationsAnswer:IP routingQuestion:Every IP capable host knows about at least three classes of destination: name them.Answer:1. itself2. locally connected computers3. everywhere elseQuestion:which command allows you to manage the current address allocation of a device?Answer:ip addrQuestion:Which command would you use to add the IP address (192.168.0.72) to the network device with the name "peeps"?Answer:# ip addr add dev peeps 192.168.0.72/24Question:To communicate on a network, your server needs to know which node to use as the ______, also known as the “_______”.Answer:default gateway / default routerQuestion:What's the command to show the current settings of the default routerAnswer:# ip route showSection: Connecting to Network, Pt-III:Question:Most services provided by a RHEL server are offered by a service script that starts when your server boots. Where can you find the scripts?Answer:/etc/init.d directoryQuestion:A service script doesn’t contain any variable parameters. All variable parameters are read while the service script starts, either from ________ in the “/etc” directory or from a configuration file that it uses, which is stored in the _____ directoryAnswer:configuration file And “/etc/sysconfig”Question:To manage service scripts, two commands are relevant. What are they? Explain each.Answer:1. service commandyou can use to start, stop, and monitor all of the service scripts in the /etc/init.d directory2. chkconfig commandyou can use to enable the service in the runlevelSection: Connecting to Network, Pt-IV:Questions:The ______ is the default service to obtain remote access to a serverAnswer:Secure Shell (SSH) protocolQuestion:What process am I:I run on the serverOn most Linux distros, I go by the name "sshd"To connect to me from a client computer, you can use the "ssh" client utility if the client is Linux or use Putty if you're on a Windows clientAnswer:SSH ServerQuestion:SSH is enable by default, but, to ensure it starts manually, which command would you use:Answer:service sshd startQuestion:to make the SSH server secure, there are at least two modifications you should make to what file?Answer:/etc/ssh/sshd_config fileSection: Managing Software, Pt-ONE:Question:An ____ is basically an archive file. . .it’s created with the “cpio” command. . .however, its no ordinary archive Answer:RPMQuestion:RPM is a great step forward in managing software, but there is still one inconvenience that must be dealt with---What is it?Answer:Software dependencyQuestion:Meta Package Handler, which in Red Hat/CenTOS is known as ___, works with repositories, which are the installation sources that are consulted whenever a user wants to install a software packageAnswer:yum (Yellowdog Update Manager)Question:using a yum is really the solution for what?Answer:dependency problemQuestion:What command would you use to install Apache(httpd) using yum?Answer:yum install httpdQuestion:Which command would you use to search repository RPM-package to see if php is installed?Answer:rpm -qa | grep -i php/////////////// Stopped on page 8Section: Managing Software, Pt-TWO:Question:Which command would you use to search for package nmap using yum?Answer:# yum search nmapQuestion:Write command to search in yum for the package that contains the file "topper"Answer:yum provides */topperQuestion:Write command to force yum to clear everything it has cached and download new index files.Answer:# yum clean allQuestion:What command would you use to install the network analysis tool "nmap" using yum?Answer:yum install nmapQuestion:when using yum install, which option can I use to perform a GPG check, which tells yum to check for signature of the package being downloaded?Answer:--gpgcheck optionQuestion:command to install the "xinetd" package without performing a GPG check and without having to confirm the installation, using yum.Answer:# yum install -y --nogpgcheck xinetdQuestion:Which yum command will install the newer version of the kernel, while keeping the older version on your server?Answer:# yum update kernelQuestion:run the command to remove the "nmap" pacakage.Answer:yum remove nmapQuestion:which command could you use to search for all "nmap" packages.Answer:rpm -qa | grep "nmap"Section: Managing Software, Pt-THREE:Question:Which command allows you to perform a basic integrity check on the software you have on your server:Answer:# rpm -qVaQuestion:Write command to install httpd package from an unverified sourceAnswer:rpm -q --scripts httpdQuestion:Use this option to find out from which file a package originatedAnswer:rpm -qfQuestion:Every RPM package consists of 2 parts, what are they?Answer:1. The metadata part, that describes what is in the package2. A cpio archive, that contains the actual files in the packageSection: Working with User, Groups, and Permission, Part ONE:Question:Write command-line command to create user "pthomp"Answer:# useradd pthompQuestion:Write command to lock user "linda" account.Answer:passwd -l lindaQuestion:Write command to force user "linda" to change password on next login.Answer:passwd -e lindaQuestion:Write command to set maximum number to 28, that the user linda can use password without having to change itAnswer:passwd -x 28 lindaSection: Working with User, Groups, and Permission, Part TWO:Question:Write command to set the new primary group of user linda to a group with the unique ID 155Answer:usermod -g 155 lindaQuestion:user "thomml" account is locked. Which command would unlock "thomml" account as the sysadmin?Answer:# usermod -U thommlQuestion:I want to verify if user "jtop" account is locked. What command can you use?Answer:# grep -E --color 'jtop' cat /etc/shadowQuestion:What command would you use to lock user "jtop" account?Answer:# usermod -L jtopQuestion:A user on our system has just remarried, therefore we need to change the user login name from "btipper" to bjohns". How would you change it? Also, what would be the command to verify.Answer:# usermod -l bjohns btipper # id bjohnsQuestion:We need to add the "accting" group to user "rawlant" and keep her current group as well, which command would you use?Answer:# usermod -a -G accting rawlantQuestion:Using the "chage" command, which command could I use to check the current account expiry status of user "linda"Answer:chage -l lindaQuestion:I want to change user account "lisa" to expire 30 days from 2016-04-15. Type command to make it happenAnswer:# usermod -e 2016-05-15 lisaQuestion:Add the "hr" group to user "salbk".Answer:# usermod -G hr salbkQuestion:Change user "tthomp" from /bin/bash shell to /bin/shAnswer:# usermod -s /bin/sh tthomp-- verify after making change:# grep -E --color 'tthomp' /etc/passwdQuestion:write command to show me the group(s) the user "ffins" is a member or has been a member?Answer:# grep -E --color 'ffins' /etc/groupQuestion:Verify the UID of user "ascott".Answer:grep -E --color 'ascott' /etc/passwd OR id ascottQuestion:Change the UID of user "ascott" to "773"; then verify the change was madeAnswer:# usermod -u 773 ascott-- now, verify the change:# id ascottQuestion:Lisa has decided to leave the company for a better opportunity. We need to delete her account "lisa" from our server, to include all files. What command would you use to make it happen?Answer:userdel -rf lisaQuestion:I just deleted user "linda" account, but I'm not sure if all files created by linda were removed. Besides using the command "userdel", what's another way to find all files owned by "linda" and delete them?Answer:find / -user "linda" -exec rm {} \;Section: Working with User, Groups, and Permission, Part THREE:Question:What are the 3 commands to manage the groups in your server environment?Answer:groupadd / groupdel / groupmodQuestion:group management does not follow the same patterns as user management. True or FalseAnswer:FalseQuestion:All groups on your system are defined in which file?Answer:configuration file "/etc/group"Question:To manage group membership, which 2 commands could you use?Answer:usermod and groupmod commandsQuestion:Add the supplementary group "sales" to the user "linda".Answer:# usermod -a -G sales lindaSection: Working with User, Groups, and Permission, Part FOUR:Question:The ______ provides information about all available authentication sources, and it is also capable of providing offline authenticationAnswer:sssd serviceQuestion:Change the group owner of directory /tmp to "flextt" from "linda" using "chgrp" command. "tmp" directory is a sub-directory under "root" directory.Answer:chgrp flextt /tmpQuestion:Using "sssd" doesn 't require much information. The configuration parameters specified are written to the configuration file "/etc/sssd/_______ "Answer:sssd.confQuestion:I want to find all files owned by the group "dbadmin". Which command would you use?Answer:find / -group dbadminQuestion:The "/etc/_____" files is used to determine where different services on a computer are looking for configuration informationAnswernsswitchQuestion:What are the 2 ways to change group ownership?Answer:using "chown" commandusing "chgrp" commandQuestion:The ____ and ____ files are relevant for authentication. They specify that the local files are always checked first, prior to the authentication mechanism that is offered through "sssd"Answer:passwd and shadowQuestion:To determine whether you, as a user , have permissions to a file or a directory, the kernel checks what?Answer:ownershipQuestion:I want to find all files that have the user "linda" as the owner, which command would you use?Answer:find / -user lindaQuestion:which command allows you to change owner permissions?Answer:chown Question:user "jdoe" currently owns the file football.pdf and I would like to change the owner of the file to user "lisaj". Write the command to make this happen.Answer:chown lisaj football.pdfQuestion:Change ownership of the /home directory and everything beneath it from user "linda" to "mthomp"Answer:chown -R mthomp /homeQuestion:Change the group owner of directory /tmp to "flextt" from "linda" using "chown" command. "tmp" directory is a sub-directory under "root" directory.Answer:chown :flextt /tmpQuestion:To show the effective primary group, a user can use what command?Answer:# groupQuestion:to set read, write, and execute for the user, read and execute for the group, and read and execute for others on the file “/etc”, you would use the command:Answer:chmod 755 /etcQuestion:To change the permission in relative mode by adding execute permissions to group and write permission for others of the rrlinux.txt file located in /etc/tmp directory, which command would you use?Answer:chmod g+x, o+w /etc/tmp/rrlinux.txtSection: Working with User, Groups, and Permission, Part FIVE:Question:What permission bit allows the users to execute a program with the permissions of its owner?Answer:SUID (set user id)Question:when changing a password, the user temporarily has root permissions, which allow the user to write to which file?Answer:“/etc/shadow”Question:You can see the SUID permission with this command: _____ …. what letter would you expect to see at the position where normally you would expect to see the “x” for the user permissionsAnswer:# ls –l ; sQuestion:This advance permission has two effects:If applied on an executable file, it gives the user who executes the file the permissions of the group owner of that fileWhen applied to a directory, this permission may be used to set default group ownership on files and subdirectories created in that directoryAnswer: set group ID (SGID)Question:By default, when a user creates a file, the user’s effective primary group is set as the _______ for that fileAnswer:group ownerQuestion:This bit permission is used to protect files against accidental deletion in an environment where multiple users have write permissions in the same directoryFor that reason, it is applied as a default permission to the “/tmp” directory, and it can be useful on shared group directories as wellAnswer:sticky bitQuestion:When applying sticky bit, a user can delete files only if either of the following is true:Answer:The user is owner of the fileThe user is owner of the directory where the file existsQuestion:To apply SUID, SGID, and sticky bit, you can use the “___” commandAnswer:chmodSection: Working with User, Groups, and Permission, Part SIX:Question:If you're using this type of file system, ACL support is added to all file systems created while installing the system. What is the file system type?Answer:Ext4Question:I want to verify if sdb2 device has ACL support, which command could I use to do so?Answer:dumpe2fs /dev/sdb2Question:As an alternative, support for the ACLs can be added as a mount option in this file, what file is it?Answer:/etc/fstabQuestion:Use the tune2fs command to add permissions support to device "/dev/sdb2"Answer:tune2fs -o acl,user_xattr /dev/sdb2Question:This command is used to apply or modify ACL settings on a file or directory. What command is it?Answer:setfacl commandQuestion:Which command could I use to see the current ACL settings for the directory "/tmp/dba"?Answer:getfacl /tmp/dbaQuestion:Modify ACL permissions to the following group: sales to directory: /tmpAnswer:setfacl -m g:sales:rx /tmpQuestion:Explain this command: setfacl -m u:linda:rwx /tmpAnswer:this command gives permissions to user linda on the /tmp directory without making her the owner and without changing the current owner assignmentQuestion:What are 2 benefits of using ACLs?Answer:1. you can give permissions to more than one user or group at a directory2. you can enable inheritance by working with default ACLsQuestion:True or False. . .a default ACL changes the permissions for existing files and subdirectories.Answer:FalseQuestion:Write command to give the group: sales; read and execute permissions on everything that will ever be created in the /etc directory.Answer:setfacl -m d:g:sales:rx /etcSection: Working with User, Groups, and Permission, Part SEVEN:Question:_____ is a shell setting that determines the default permissions that you will get if you don't use ACLsAnswer:umaskQuestion:An alternative to setting the umask setting in /etc/profile, where it is applied to all users logging into the system, is to what?Answer:change the umask settings in a file with the name .profile OR .bash_profile OR .bashrc, which is created in the home directory of an individual userQuestion:This setting contains a numeric value that is subtracted from the maximum permissions that can be set automatically to a fileAnswer:umaskQuestion:Concerning "umask", what are the maximum setting for files?Answer:666Question:Concerning "umask", what are the maximum setting for directories?Answer:777Question:Personal environment variables and startup programs should go in what location?Answer:~/.bash_profileQuestion:Of the digits used in the "umask", when using the numeric arguments (for ex: 644) for the chmod command:the first digit applies to whomthe second digit applies to whomthe third digit applies to whomAnswer:end-user permissionsgroup permissionsall others default permissionsQuestion:If the umask is changed in this file, it applies to all users after logging in to your server. What file is this?Answer:/etc/profile fileQuestion:The default umask setting of 022, gives what permissions for:all new filesall new directoriesAnswer:644 for all new files755 for all new directoriesQuestion:System wide environment variables and startup programs are in what location?Answer:/etc/profileQuestion:Personal aliases and functions are in what location?Answer:~/.bashrcQuestion:What permission does this command set: umask u-x,g=r,o+wAnswer:prohibit execute permission for user, while leaving the rest of the owner permissions unchangedenable read permission for group, while prohibiting write and execute permission for the groupenable write permission for others, while leaving the rest of the other permissions unchangedQuestion:If you want to set umask for all users, you must make sure the umask setting is entered in this configuration file..Answer:/etc/profileQuestion:What are the 3 general classes of users?Answer:The user who owns the file (User)Users belonging to the files defined ownership group (Group)Everyone else (Other)Question:What are two ways to represent a file's permissions?Answer:symbolically and octalQuestion:To view your system's current umask value, which command would you use?Answer:umaskQuestion:To view your system's current umask value as a symbolic representation, which command would you use?Answer:umask -SQuestion:What permission does this command set: umask u+wAnswer:write permission for the user(file owner)Section: Understanding and Configuring SELinux, Part ONE:Question:In _______, an additional set of rules is used to define exactly which process or user can access which files, directories, or portsAnswer:SELinuxQuestion:Underline the security context of this line:rw-r--r--. root root system_u:object_r:etc_t:s0 /etc/logrotate.confAnswer:system_u:object_r:etc_t:s0Question:I want to check the type contexts for the root home directory, which command would you use to do so?Answer:ls -Z ~/Section: Understanding and Configuring SELinux, Part TWO:Question:3 different modes can be used in SELinux, what are they?Answer:EnforcingPermissiveDisabledQuestion:This is the default mode. SELinux protects your server according to the rules in the policy, and SELinux logs all of its activity to the audit log. . .Which SELinux mode am I?Answer:EnforcingQuestion:This mode is useful for troubleshooting. If set to Permissive, SELinux does not protect your server, but it still logs everything that happens to the log files. . . the Linux kernel still maintains the SELinux labels in the file system. . .this is good because this prevents your system from relabeling everything after turning SELinux on again. . .Which SELinux mode am I?Answer:PermissiveQuestion:I want to see a list of all contexts in the SELinux policy, which command should I use?Answer:semanagefcontext -lSection: Understanding and Configuring SELinux, Part THREE:Question:____ allow parts of SELinux policy to be changed at runtime, without any knowledge of SELinux policy writing. This allows changes, such as allowing servicess access to NFS volumes, without reloading or recompiling SELinux policyAnswer:BooleansQuestion:I need to see a list of booleans and to see whether they are on or off. How can I make this happen?Answer:# semanage boolean -lQuestion:I ran the command to see a list of booleans and I noticed that "ftp_home_dir" is showing as "off". What does that mean?Answer:prevents the FTP daemon(vsftpd) from reading and writing to files in user home directoriesQuestion:How can I see a list of Booleans, but exclude the description?Answer:# getsebool -aQuestion:I would like to see the status of boolean "ssh_sysadm_login", which command would you run?Answer:getsebool ssh_sysadm_loginQuestion:Which utility do you use to enable or disable BooleansAnswer:setsebool utilityQuestion:Use this option with the "setsebool" utility. This option writes the setting to the policy file on disk, and this is the only way to make sure that the Boolean is applied automatically after a reboot. What is this option?Answer:-P optionQuestion:I would like to set the ssh_sysadm_login boolean to on. How would you make it happen and make sure it's persistent across reboots? Then verify it...Answer:# setsebool -P ssh_sysadm_login on# getsebool ssh_sysadm_loginQuestion:The current implementation of SELinux on RHEL is modular. What does that mean?Answer:This means that the policy that implements SELinux features is not a single large policy but one that consists of many smaller modulesQuestion:How can I get an overview of SELinux modules?Answer:# semodule -lQuestion:To switch off a SELinux module, use _____.Answer:# semodule -d modulenameQuestion:To switch an SELinux module on again, use _____.Answer:# semodule -e modulenameQuestion:Which command allows you to install the setroubleshoot-server?Answer:yum install -y setroubleshootQuestion:If SELiux is the reason why something isn’t working, by default, a log message is sent to _____.Answer:/var/log/audit/audit.log fileSection: Securing Your Server with IpTables, Part ONE:Question:A Firewall works through "packet inspection", explain in your words what this mean.Answer:This means that the firewall screens incoming and outgoing packets to check whether the address, protocol, and port of the packet is either allowed or deniedQuestion:A firewall normally have a hard time checking the actual data portion of the packet. What is a resolution to handle this?Answer:Use a proxyQuestion:In large company networks, firewalls are often handled by the ________ that connects the network to the InternetAnswer:routerQuestion:When does a server normally require a firewall?Answer:If a server is directly connected to the Internet or if you want to configure your network for additional securityQuestion:What is the default firewall offered through the Linux kernel?Answer:NetfilterQuestion:What are 2 options to configure Netfilter on Red Hat Enterprise Linux or CenTOS?Answer:use the "system-config-firewall" tool if you prefer graphical interfaceuse the "iptable" command to work from command lineQuestion:Before starting to configure a firewall with the system-config-firewall, one important thing to realize is what?Answer:it wipes clean all configurations you created manuallyQuestion:You have just made some firewall configuration changes using the "system-config-firewall" gui tool and know, you need to make the new configurations operational, what must you do?Answer:Check that the iptables services is enableduse the "iptables -L" command to verify the rules have been appliedQuestion:If the firewall is installed on a server, there is normally just one network interface on which the firewall is operational. If the firewall is on a server that is used as a router, usually there is an internal network interface and an external network interface... Packets are routed between these interfaces by a routing process. By default, all network interfaces are considered untrusted. If your server works as a router and you want to specify some interfaces as trusted, how could you do this using the "system-config_firewall" gui tool? Show me a print screen of gui from your system.Answer:from system-config-firewall, click Trusted Interfaces and select the interfaces you want to addQuestion:you can configure a server to connect your local network to the Internet. In this configuration, IP addresses from the private address ranges are used on the private network. These addresses cannot communicate on the Internet, but they will be translated to the public IP address on the interface that faces the Internet. What is this process known as? Also, what is it referred to as? Answer:IP masquerading / Network Address Translation(NAT)Question:What's the major benefit of using masquerading?Answer:with just one public IP address, you can connect many devices on the private network to the InternetQuestion:IP masquerading is commonly used in what type of networks?Answer:home and corporate networksQuestion:One of the computers on the private network is not directly reachable from the Internet, but this computer offers a special service that you want to make available on the internet, what approach can you use to make it available?Answer:you can use port forwarding in combination with masquerading, which means you assign a port on the public interface of the NAT router and forward everything that comes in on that port to a specific host and port on the private networkSection: Securing Your Server with IpTables, Part TWO:Question:Everything you do with system-config-firewall is saved to two configuration files that are stored in the directory /etc/sysconfig, what are the 2 files?Answer:iptables and iptables-configQuestion:Of the following chains used in a filter table, this chain is used on routers, and packets that don't have a process on the firewall as their destination use it. Which chain is this?Answer:FORWARDQuestion:this is the process of passing or blocking packets at a network interface based on sources and destination addresses, ports, or protocolsAnswer: packet filteringQuestion:To set up a basic firewall, using the system-config-firewall tool is a good utility to use, but for advance features set up, it's best to use the following command?Answer:iptablesQuestion:_____ are the basic building blocks of a Netfilter firewall.Answer:TablesQuestion:This is often part of the firewall program for protecting a local network from unwanted intrusion?Answer:packet filteringQuestion:Of the following chains used in a filter table, incoming packets are processed in this chain. Which chain is this?Answer:INPUTQuestion:a ____ consists of a set of rules that is sequentially processed for each packet that enters the firewall until it finds a matchAnswer:chainQuestion:What are the following chains used in a filter table?Answer:INPUT, OUTPUT, and FORWARDQuestion:Of the following chains used in a filter table, this chain is used for outgoing packets. Which chain is this?Answer:OUTPUTQuestion:In modern network environments, _____ are used more and more frequently, which means that the role of Linux servers as a firewall becomes less importantAnswer:hardware routersQuestion:You have just flushed all firewall rules. So we want to start adding selected services to our firewall filter. Now let's allow web server traffic. The two ports for web server traffic are 80 and 443Answer:# iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT# iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPTQuestion:List some of the most common elements you'll find in rules:Answer:ModulesInterfaceIP AddressesProtocolTargetPolicyQuestion:Which command would you use to flush all firewall rules?Answer:iptables -FQuestion:You have just flushed all firewall rules. So we want to start adding selected services to our firewall filter. The first such thing is a localhost interface. What command would you use to add the localhost interface to the firewall filter?Answer:# iptables -A INPUT -i lo -j ACCEPTexplanation: We tell iptables to add (-A) a rule to the incoming (INPUT) filter table any trafic that comes to localhost interface (-i lo) and to accept (-j ACCEPT) it.Section: Securing Your Server with IpTables, Part THREE:Question:Which target within iptables environment, allows you to log matching packetsAnswer:LOG targetQuestion:To send a packet to the LOG target, you need to include a line that refers to that target before anything else happens to the packet. . .Now, how would you log all packets, which the node with IP address 192.165.0.55 that sends to SSH(port 22) traffic, which is allowed in general?Answer:# iptables -A INPUT -s 192.165.0.55 -p tcp --dport 22 -j LOG# iptables -A INPUT -p tcp --dport 22 -j ACCEPTQuestions:When using the LOG target, sequence isn't that important:TrueFalseAnswers:FalseQuestion:to make sure that your computer can do packet forwarding, check that the /etc/sysctl.conf file contains what:Answer:net.ipv4.ip_forward = 1Question:Explain the purpose of the Limit ModuleAnswer:this module allows you to jump to a target if a certain number of packets have been matched within a specific period of timeQuestion:I want to limit the number of packets logged to one per 2 minutes for all SSH traffic, how can I do this?Answer:# iptables -I INPUT 3 -p tcp --dport 22 -m limit --limit 2/min -j LOGQuestion:I would like to delete a iptable rule that happens to be number 5 under OUTPUT of the iptable. How would you do it?Answer:iptables -D OUTPUT 5Question:This is a common technique that can be used on routers to have nodes on the private network go out with one registered IP address on the public network. What is it?Answer:Network Address Translation (NAT)Question:In the NAT table, what 3 different chains are available?Answer:PREROUTINGPOSTROUTINGOUTPUTQuestion:I need to enable NAT, what's the 1st thing I need to address?Answer:verify that my host is configured for packet forwardingSection: Configuring openLDAP, Part ONE:Question:if you’re responsible for operating dozens servers, you’ll need a solution that helps you maintain essential system information from a single location in your network. What is a good solution.Answer:An LDAP ServerQuestion:The _____________ is a solution to access centrally stored information over a network. It is organized in a directory that follows the X.500 standardAnswer:Lightweight Directory Access Protocol(LDAP)Question:What type of manner is the OpenLDAP organized?Answer:hierarchical mannerQuestion:What would be the fully distinguished name for the user "jdoe" in the hierarchy Memphis.?Answer:cn=jdoe,dc=Memphis,dc=example,dc=comQuestion:Which is the right fully distinguished name setup:A. cn=fgram.dc=Georgia.dc=example.dc=comB. cn=fgram,dc=Gerogia,dc=example,dc=comC. Either one will workAnswer:BQuestion:I would like to setup a solution on my LDAP server that consists of multiple servers all over the world, which should tell servers that contain a copy of the database for a specific domain how they can contact servers, which contain the information used elsewhere in the hierarchy. What could be used to set this upAnswer:1st, set up OpenLDAT Directories in a hierarchical way2nd, configure LDAP to use referralsQuestion:I would like to set up an OpenLDAP Directory in a way in which there is no single point of failure, because the information is available on multiple servers in the hierarchy. What is this called?Answer:replicationQuestion:What are the 3 steps to configure a base openLDAP server?Answer:Install the OpenLDAP softwareConfigure the LDAP process to service your needsRun the OpenLDAP serverQuestion:Which command to run to install OpenLDAP?Answer:# yum install –y openldap openldap-clients openldap-serversQuestion:Where's the location of the LDAP configuration file?Answer:/etc/openldap/slapd.d/cn=config.ldifQuestion:Apart from the basic LDAP parameters that you’ll use to specify items such as the number of connections the server can support or the timeouts it should apply, there are also some database-specific settings. Where are they located?Answer:/etc/openldap/slapd.d/cn=config/olcDatabase={2}bdb.ldifSection: Configuring openLDAP, Part TWO:Question:To make sure that your LDAP "slapd" process starts automatically when your server boots, which command would you use?Answer:chkconfigslapd onQuestion:When using the "ldapsearch" tool, it requires a number of parameters/options. Which option "Specifies the account you want to use to get the requested information from the LDAP Directory" Answer:-D optionQuestion:When using the "ldapsearch" tool, it requires a number of parameters/options. Which option specifies the password to use.Answer:-w optionQuestion:Where is the schema file found for openLDAP?Answer:/etc/openldap/schemaQuestion:The use of ______ objects can help you in providing additional structure to the LDAP databaseAnswerorganization unitQuestion:When using the "ldapsearch" tool, it requires a number of parameters/options. Which option specifies the base context to use?Answer:-b optionQuestion:I've just added another "ou" to the base.ldif file. Now, let's add this information to the LDAP Directory. Which command would you use? Answer:ldapaddQuestion:This is a collection of files that is found in /etc/openldap/schemaAnswer:schemaQuestion:Changes have been made to case.ldif and need to be added to the LDAP Directory, using "linda" as the administrator and "password" as the password and the following domain: . Answer:ldapadd -x -D "cn=linda,dc=example,dc=com" -w password -f case.ldifQuestion:When adding information to an LDAP database, it’s also useful if you can verify that the information has been added correctly, which tool to use for this purpose?Answer:ldapsearchQuestion:When using the "ldapsearch" tool, it requires a number of parameters/options. Which option indicates that simple authentication should be used?Answer:-xQuestion:To search all the information from the LDAP Directory, you can use the following command: See info below to assist:administrator name is: lindadomain: password: passwordAnswer:ldapsearch –x –D “cn=linda,dc=example,dc=com” –w password –b “dc=example,dc=com” “(objectclass=*)”Question:When working with any database, you need to define which kinds of entries you can add to the database. In OpenLDAP, this is done by defining what?Answer:the schemaSection: Configuring openLDAP, Part THREE:Question:To add anything to LDAP Directory, you need to create what?Answer:an LDIF FileQuestion:Once you have generated an LDIF for the user accounts you want to create and you use "ldapadd" to import it. . .Let's assume the name of the LDIF file is lisa.ldif, the administrator user account cn=linda,dc=example,dc=com... which command would you use to complete the import:Answer:ldapadd –x –D “cn=linda,dc=example,dc=com” –w password –f lisa.ldifQuestion:Once you have imported a user account in the LDAP Directory, you still need to set its password. Write the command to make this happen, using the following information:Administrator: lindapassword: passworduid: lisauser password: mypasswordou: usershost: Answer:ldappasswd -s userpassword -D "cn=linda,dc=example,dc=com" -w password -x "uid=lisa,ou=users,dc=example,dc=com"Question:You have just created an LDIF file to modify an existing group by adding some users to it. Which command would you use to write the modifications to the Directory? Additional information:administrator: lindapassword: passworddomain: filename: groupmod.ldifAnswer:ldapmodify -x -D "cn=linda,dc=example,dc=com" -w password -f groupmod.ldifQuestion:I would like to delete the following entries for lisa and all associated properties from the LDAP Directory. See additional information below to assist:administrator: lindapassword: passwordou: usersdomain: Answer:ldapdelete -D "cn=linda,dc=example,dc=com" -w password "uid=lisa,ou=users,dc=example,dc=com"Section: Configuring DNS and DHCP, Part ONE Question:______ is the system that helps clients resolve an IP address in a name and vice versaAnswer:DNSQuestion:_____ is the service that allows clients to obtain IP related configuration automatically. In this chapter, we learn how to set up these servicesAnswer:DHCPQuestion:What is known as a worldwide hierarchical system?Answer:DNSQuestion:This is the domain that is not directly visible in DNS names but is used to connect all of the top-level domains togetherAnswer:root domainQuestion:Within DNS, a ____ can be configured to administer just the serves within its domain.Answer:name serverQuestion:Which system associates hostnames with IP addresses?Answer:DNSQuestion:The entire portion of DNS for which a name server is responsible is referred to as a _____.Answer:zoneQuestion:When subzones are split, what is this referred as?Answer:delegation of subzone authorityQuestion:This is the server that is responsible for a zone and the one on which modifications can be made. . .Which DNS server type is this?Answerprimary or master name serverQuestion:To keep the primary and secondary name servers synchronized, a process known as “_______” is usedAnswer:zone transferQuestion:In DNS traffic, both primary and secondary name servers are considered to be what?Answer:authoritative name serversQuestion:To get information from a DNS server, a client computer is configured with what?Answer:a DNS resolverQuestion:If the client computer is a Linux machine, where is the DNS resolver located in?Answer:/etc/resolv.conf file ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download