Instructions:

• Answer 50 questions in 15 minutes.
• If you are not ready to take this test, you can study here.
• Match each statement with the correct term.
• Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. What is the point of using SELinux?
Enforcing during installation
used for kickstart and/or network installs
The ping command can be used to verify connectivity to another host.
SELinux provides enhanced granular security for the Linux operating system.


2. What option can you change in the rsyslog config file to accept remote logs (acting as a centralized logging server)?
Uncomment the following line in the /etc/rsyslog.conf file: #$ModLoad imudp.so #$UDPServerRun 514
The user_list file can be used to limit which users have access to the FTP server.
SELinux provides enhanced granular security for the Linux operating system.
support for TCP Wrappers


3. Red Hat Enterprise Linux 6 is the only version that officially supports _______
chkconfig—list
mkfs.ext4
rpcbind service
LUKS encryption


4. The at command is used to ____________. The cron service handles reoccurring system jobs.
The xinetd daemon is used to control and/or run multiple system services. One example is a TFTP server.
The mount command lists all currently mounted file systems.
The /var/liv/dhcpd/dhcpd.leases file contains all clients IP address currently in use.
schedule one-time-only jobs


5. What file needs to be edited so that the system will mount a file system at boot time?
The /etc/fstab file.
chkconfig xinetd --list
halts the system
You should never use the -U option because it erases the prior kernel when updating. This leaves you with no fallback kernel should your system not boot properly.


6. What are the three items that make up LVM?
Enforcing during installation
Enforcing during installation
Physical volumes - volume groups - and logical volumes.
The service command is used to start - stop - and manage system services.


7. The ______________ for Red Hat Enterprise Linux 5 or 6 includes the use of LVM.
Use the chkconfig command to enable or disable services during the boot process. The on option enables the service and off disables it.
You must ensure that the /boot/grub/grub.conf file has the new entry for your newly updated kernel to be able to boot into it.
Enforcing during installation
The smbstatus command shows you currently mounted Samba resources.


8. How can you display all virtual guests after they're connected to a hypervisor?
Sendmail
Use the chkconfig command to enable or disable services during the boot process. The on option enables the service and off disables it.
After you connect to a hypervisor - you can use virsh list —all to list all virtual guests.
Network installations can be performed using the HTTP - FTP - and NFS protocols.


9. You must dictate the ____________ you want allocated to your virtual machine when you create it.
SSH is used for secure remote management of Linux systems.
Uncomment the following line in the /etc/rsyslog.conf file: #$ModLoad imudp.so #$UDPServerRun 514
createrepo
amount of RAM


10. How can you change the security context of a directory to work with Apache?
amount of RAM
Using the chcon command - you can change the context of a file to work with Apache.
support for TCP Wrappers
Public/private key authentication provides an additional layer of security because you need the correct key instead of just knowing someone's password. Passwords combined with public/private keys take the security one additional step.


11. What command can be used to view the queue for at service jobs?
PAM is used as a modular way to leverage security. In this chapter - the main function we discussed was for managing password policies and complexity.
atq
By default - the rndc utility listens on port 953.
semanage boolean -l


12. Editing the /etc/xinetd.d/tftp file and enabling the service are the same as running the chkconfig tftp on command. Both of these actions...
Uncomment the following line in the /etc/rsyslog.conf file: #$ModLoad imudp.so #$UDPServerRun 514
have the same effect
rpmbuild
The five directories are BUILD - RPMS - SOURCES - SPECS - and SRPMS.


13. What commands can you use to add a client machine to an LDAP server?
createrepo
The smbpasswd command is used to create Samba users.
The anonymous_enable=YES option in the main config file allows anonymous uploads.
You can use the authconfig-tui command or the authconfig command.


14. What is the benefit of using public/private key authentication?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


15. What are the side effects of shrinking a volume group or logical volume?
enabled by default
browseable option
If you shrink a volume group or logical volume - there is a chance you could lose data depending on how much you shrink the volume.
The smbstatus command shows you currently mounted Samba resources.


16. What port does NFS use by default?
The SSH service is almost always installed by default in Red Hat. It uses TCP port 22 - and this port is open on the default firewall rules.
You can use the sudo command to run a command with elevated privileges provided you have the rights in the /etc/sudoers file.
The NFS service uses TCP port 2049 by default.
The /proc directory. The /proc/sys directory is the place where you actually tune kernel parameters.


17. What is a gateway used for on a network?
user's home directory in the /etc/skel directory
The user_list file can be used to limit which users have access to the FTP server.
A gateway is used as an entry and exit point for a subnet on a network. To contact hosts outside your subnet - you need to pass through a gateway.
via the command line


18. Which log file is used to keep track of policy violations?
support TCP Wrappers
The /var/log/audit/audit.log file contains all policy violations.
Network address translation (NAT) maintains a table that allows the use of multiple internal IP addresses to a multiple public IP address (called address translation). It can also be used for one-to-one or one-to-many relationships as well.
When the system starts up again - the cron service will run any jobs that were missed while the system was off. On Red Hat Enterprise Linux 5 - the anacron service handles this functionality.


19. How would you disable SELinux protection for NFS - allowing shares to be read/write?
Sendmail
setsebool -P nfs_export_all_rw=1
The mount command lists all currently mounted file systems.
Enforcing during installation


20. What command can you use to query Boolean values?
The /var/log/audit/audit.log file contains all policy violations.
getsebool
Sendmail
The two main config files are master.cf and main.cf.


21. The package selection screen allows you to install any software you want during the installation process as long as...
The four types of DNS servers are master - slave - caching-only - and forwarding.
you have access to the correct packages or repositories.
The five directories are BUILD - RPMS - SOURCES - SPECS - and SRPMS.
Enforcing during installation


22. How would you view all Boolean options for the HTTP service?
The file that stores usernames and their encrypted passwords is erased and replaced with a new file.
VNC is used to control a remote desktop session.
getsebool -a | grep http
Use the ps command to view processes and their CPU usage.


23. Does a DHCP server allow reserved IP addresses - If so - how?
The format of the /etc/shadow file is <username>:<encrypted password>:<last passwd change>:<min>:<max>:<warn>:<inactive>:<expires>:<not used>.
Using the host option in the dhcpd.conf file allows you to reserve a client IP address based on its MAC address.
serve both files and printers to users
chkconfig sshd off


24. What command can you use to query information from the kernel about RAID arrays?
When the system enters into runlevel 2 - the rsyslog service has a priority of 12 when starting. Anything with a lower number (or the same number and lower first letter) starts before the rsyslog service.
cat /proc/mdstat
The dig - host - and ping commands can be used to test DNS server functionality.
The file system where ACLs will be implemented must be mounted with the acl option before ACLs will work properly.


25. What does ifconfig 172.168.1.100 netmask 255.255.255.0 eth1 do?
The xinetd daemon is used to control and/or run multiple system services. One example is a TFTP server.
Kickstart supports both basic and advanced partitioning (RAID/LVM).
This command sets the eth1 interface to have a static IP address of 172.168.1.100 with a netmask of 255.255.255.0.
If you shrink a volume group or logical volume - there is a chance you could lose data depending on how much you shrink the volume.


26. What command would you use to create a group - to add the user George to the group?
This command sets the eth1 interface to have a static IP address of 172.168.1.100 with a netmask of 255.255.255.0.
rpmbuild
You should never use the -U option because it erases the prior kernel when updating. This leaves you with no fallback kernel should your system not boot properly.
Use the groupadd command to create a group. You can then add user George with the following: usermod -G <group name> George


27. Are additional packages besides httpd required for a secure website - If so - what are they?
The four types of DNS servers are master - slave - caching-only - and forwarding.
For Apache to run a secure site - the mod_ssl package is required to be installed.
The htpasswd command can be used to password-protect a web page.
PAM is used as a modular way to leverage security. In this chapter - the main function we discussed was for managing password policies and complexity.


28. To export directories as resources - what file needs to be edited?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


29. If a package is built on an RHEL6 system and deployed to a custom RHEL5 repository - are RHEL5 systems able to use it?
The SMTP service runs on TCP port 110.
No. Red Hat Enterprise Linux 6 uses a different key to sign its packages.
The tcpdump command is used to monitor network connections on different interfaces.
service sshd statuts


30. What is the last rule in the iptables file?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


31. Which remote management service is installed by default?Can you name the port that it uses?
entering rescue mode and repairing the problem.
support for TCP Wrappers
The SSH service is almost always installed by default in Red Hat. It uses TCP port 22 - and this port is open on the default firewall rules.
An A record translates translated hostnames to IP addresses - and a PTR record works the other way around.


32. What port does the SMTP service run on?
alternatives --config mta
The SMTP service runs on TCP port 110.
have the same effect
The du and df commands are used to view available space on the system.


33. Samba servers can...
The /etc/dhcp/dhcpd.conf file is the main config file for the DHCP service.
service dhcpd configtest
The testparm command allows you to check for syntax errors in the /etc/samba/smb.conf file.
serve both files and printers to users


34. What command can you use to check the config file of the DHCP server?
The htpasswd command can be used to password-protect a web page.
You must open TCP ports 20 and 21 for the FTP server to function properly.
service dhcpd configtest
The rdnc-confgen command generates an rndc.conf file for the rndc utility.


35. By default - what is the path to a user's home directory?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


36. Should you allow remote root access - Why or why not?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


37. Place all files you want added to a _______________ during creation.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


38. What command can you use to validate the syntax of the Apache config file?
The tcpdump command is used to monitor network connections on different interfaces.
service httpd configtest
The NFS service uses TCP port 2049 by default.
The vsftpd package is used to install an FTP server.


39. What does the rdnc-confgen command do?
The yum and rpm commands are used for package management.
You must ensure that the /boot/grub/grub.conf file has the new entry for your newly updated kernel to be able to boot into it.
The rdnc-confgen command generates an rndc.conf file for the rndc utility.
Physical volumes - volume groups - and logical volumes.


40. What happens to jobs that are scheduled to run while the system is off?
When the system starts up again - the cron service will run any jobs that were missed while the system was off. On Red Hat Enterprise Linux 5 - the anacron service handles this functionality.
run on any port you'd like (provided that port is available)
Use the top command to view CPU and memory usage.
The nfsstat command can be used to view NFS statistics.


41. What command is used to create a user for Samba?
choose which mode you'd like it to operate in
enabled by default
The smbpasswd command is used to create Samba users.
The ping command can be used to verify connectivity to another host.


42. A service needs to have _______________ to be able to use it.
SELinux Booleans provide restrictions to different aspects of a service.
have the same effect
The nfsstat command can be used to view NFS statistics.
support for TCP Wrappers


43. What are the three modes in which the rpm command can operate?
generates errors under Red Hat Enterprise Linux 6
The rpm command can operate in install - query - or verify modes.
used for kickstart and/or network installs
The virsh command is used to manage virtual guests.


44. Can you name three utilities that can be used for network or DNS client troubleshooting?
mkfs.ext4
The three utilities are: route - ping - and nslookup.
If you shrink a volume group or logical volume - there is a chance you could lose data depending on how much you shrink the volume.
Enforcing during installation


45. What is a virtual host?
A virtual host is a way of hosting multiple sites using a single IP address.
chkconfig xinetd --list
This command reboots virtual guest Client04.
The /etc/hosts file is a local lookup file used to map IP addresses to hostnames if a DNS server isn't available.


46. In Red Hat Enterprise Linux 6 - the default for SELinux is _______________ (which can be changed after the installation completes). For Red Hat Enterprise Linux 5 - you were able to choose what mode you wanted SELinux to start in.
Enforcing during installation
semanage boolean -l
The last rule is always an implicit deny statement rejecting anything that wasn't matched by previous rules.
You must ensure that the /boot/grub/grub.conf file has the new entry for your newly updated kernel to be able to boot into it.


47. What three components are needed to fully automate a kickstart installation?
An A record translates translated hostnames to IP addresses - and a PTR record works the other way around.
You can use the authconfig-tui command or the authconfig command.
The /proc directory. The /proc/sys directory is the place where you actually tune kernel parameters.
By combining a TFTP server - PXE boot - and DHCP server - you can fully automate the kickstart installation process.


48. The virt-install package allows you to manage virtual machines _____________. The virt-manager package allows you to manage virtual machines via a GUI interface.
used for kickstart and/or network installs
The smbpasswd command is used to create Samba users.
via the command line
Sendmail


49. It is possible to run scripts before a kickstart installation. This is done by...
You can use the sudo command to run a command with elevated privileges provided you have the rights in the /etc/sudoers file.
Upstart. The Upstart utility is now used in the boot process for Red Hat Enterprise Linux 6.
defining a %pre section although it is rarely used
The VNC package for Red Hat Enterprise Linux 6 is tiger-vnc.


50. What is the /etc/hosts file used for?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183