SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
RHCSA
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
rhcsa
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The INPUT chain being used is the default under Red Hat Enterprise Linux 5. This rule...
generates errors under Red Hat Enterprise Linux 6
amount of RAM
Public/private key authentication provides an additional layer of security because you need the correct key instead of just knowing someone's password. Passwords combined with public/private keys take the security one additional step.
schedule one-time-only jobs
2. What command is used to create an RPM package?
rpmbuild
semanage boolean -l
You can use the authconfig-tui command or the authconfig command.
chkconfig sshd off
3. Is it possible to share files among groups - What permissions would you set on the directory to accomplish file sharing if possible?
By default - the rndc utility listens on port 953.
You can use the authconfig-tui command or the authconfig command.
user's home directory in the /etc/skel directory
Use the setgid flag to create the appropriate permissions (chmod 2770).
4. What command can you use to view mounted Samba shares?
The smbstatus command shows you currently mounted Samba resources.
Use the setgid flag to create the appropriate permissions (chmod 2770).
Typing the mail or mutt command allows you to read mail from the command line.
The firewall rule is inserted into the fifth line of the iptables rules and opens up TCP port 80 (for the HTTP service) on the firewall to allow incoming connections.
5. What is the superblock used for?
Enforcing during installation
The superblock is a structure that contains metadata of the file system. If this becomes corrupt - you are in trouble.
The /var/log/audit/audit.log file contains all policy violations.
The yum and rpm commands are used for package management.
6. To create a RAID or LVM partition using kickstart
lvdisplay
createrepo
Kickstart supports both basic and advanced partitioning (RAID/LVM).
The superblock is a structure that contains metadata of the file system. If this becomes corrupt - you are in trouble.
7. What command can you use to view system processes and their CPU usage?
choose which mode you'd like it to operate in
ifconfig
chkconfig sshd off
Use the ps command to view processes and their CPU usage.
8. Explain the difference between soft and hard limits in quotas.
9. What three components are needed to fully automate a kickstart installation?
rpcbind service
A web proxy can provide multiple benefits - including security - web page caching for faster load times - and load balancing.
By combining a TFTP server - PXE boot - and DHCP server - you can fully automate the kickstart installation process.
The DHCP server listens on port 67 by default.
10. What port does the Apache web server run on - What about HTTPS?
The /var/liv/dhcpd/dhcpd.leases file contains all clients IP address currently in use.
By using centralized authentication - you don't need to re-create or maintain multiple accounts across every system in your organization.
If you are a hosting company or want to run multiple websites/applications from a single IP address - you can use virtual hosts to accomplish this.
Apache uses port 80 for HTTP and port 443 for HTTPS.
11. What is the name of the package that allows you to install VNC?
DNS uses port 53.
The testparm command allows you to check for syntax errors in the /etc/samba/smb.conf file.
Enforcing during installation
The VNC package for Red Hat Enterprise Linux 6 is tiger-vnc.
12. If you want a specific action to take place when user01 logs in to the system - which file would you edit?
The tcpdump command is used to monitor network connections on different interfaces.
user's home directory in the /etc/skel directory
rpmbuild
You add your action to the end of the /home/user01/.bashrc file.
13. What does ifconfig 172.168.1.100 netmask 255.255.255.0 eth1 do?
Use the /usr/share/doc/dovecot-1.0.7/examples/mkcert.sh command after editing the /etc/pki/dovecot/dovecot-openssl.cnf file.
This command sets the eth1 interface to have a static IP address of 172.168.1.100 with a netmask of 255.255.255.0.
service sshd statuts
By using centralized authentication - you don't need to re-create or maintain multiple accounts across every system in your organization.
14. The virt-install package allows you to manage virtual machines _____________. The virt-manager package allows you to manage virtual machines via a GUI interface.
user's home directory in the /etc/skel directory
via the command line
This is actually a trick question because the answer could go either way. In this chapter - we discussed only software RAID setups - in which case the answer is no. If - however - you were using a hardware RAID 5 - the answer would be yes.
DNS uses port 53.
15. What command can you use to test connectivity to another host?
service named configtest
The two main config files are master.cf and main.cf.
The ping command can be used to verify connectivity to another host.
Version 2 is the latest and most secure version of SSH.
16. Are additional packages besides httpd required for a secure website - If so - what are they?
For Apache to run a secure site - the mod_ssl package is required to be installed.
Dovecot supports the POP3 - POP3S - IMAP - and IMAPS protocols.
service named configtest
atq
17. By default - what is the path to a user's home directory?
18. What is the format of the /etc/shadow file?
choose which mode you'd like it to operate in
service dhcpd configtest
By using centralized authentication - you don't need to re-create or maintain multiple accounts across every system in your organization.
The format of the /etc/shadow file is <username>:<encrypted password>:<last passwd change>:<min>:<max>:<warn>:<inactive>:<expires>:<not used>.
19. What command displays your current interfaces and IP address?
ifconfig
Using the chcon command - you can change the context of a file to work with Apache.
Physical volumes - volume groups - and logical volumes.
You can use the remove or erase options with yum to remove a package.
20. How can you list all services on the system to tell whether they will boot during startup?
For Apache to run a secure site - the mod_ssl package is required to be installed.
The virsh command is used to manage virtual guests.
chkconfig—list
lvdisplay
21. What are the three different types of RAID described in this chapter?
RAID 0 (Striping) - RAID 1 (Mirror) - and RAID 5 (Striping with parity).
service sshd statuts
atq
If you shrink a volume group or logical volume - there is a chance you could lose data depending on how much you shrink the volume.
22. What is the last rule in the iptables file?
23. What command can you use to create your own repositories?
chkconfig sshd off
Use the route command with the add option to create a static route.
choose which mode you'd like it to operate in
createrepo
24. What critical step must you take after updating the kernel to a newer version?
This command sets the eth1 interface to have a static IP address of 172.168.1.100 with a netmask of 255.255.255.0.
getfacl
You must ensure that the /boot/grub/grub.conf file has the new entry for your newly updated kernel to be able to boot into it.
The /var/log/audit/audit.log file contains all policy violations.
25. What port does the rndc utility listen on by default?
mkfs.ext4
The three utilities are: route - ping - and nslookup.
By default - the rndc utility listens on port 953.
Use the ps command to view processes and their CPU usage.
26. What command can you use to check the config file of the DHCP server?
service dhcpd configtest
You should never use the -U option because it erases the prior kernel when updating. This leaves you with no fallback kernel should your system not boot properly.
The install.log.syslog file contains messages that are generated during the installation. If you run into trouble during the installation - this is a good place to start.
The NFS service uses TCP port 2049 by default.
27. What does it mean if you ping a host and you receive the response Destination Unreachable?
The TFTP server uses UDP port 69.
The SMTP service runs on TCP port 110.
The gateway is incorrectly set - and the subnet of the host you are trying to reach is inaccessible.
Use the yum groupinstall command to install multiple packages in a single group at once.
28. How can you display all virtual guests after they're connected to a hypervisor?
PAM is used as a modular way to leverage security. In this chapter - the main function we discussed was for managing password policies and complexity.
When the system starts up again - the cron service will run any jobs that were missed while the system was off. On Red Hat Enterprise Linux 5 - the anacron service handles this functionality.
After you connect to a hypervisor - you can use virsh list —all to list all virtual guests.
getsebool
29. Can you put your /boot partition on a RAID 5 array?
The /var/log/audit/audit.log file contains all policy violations.
The rpm command can operate in install - query - or verify modes.
This is actually a trick question because the answer could go either way. In this chapter - we discussed only software RAID setups - in which case the answer is no. If - however - you were using a hardware RAID 5 - the answer would be yes.
The superblock is a structure that contains metadata of the file system. If this becomes corrupt - you are in trouble.
30. What is the /etc/vsftpd/user_list file used for?
Use the resize2fs command to grow a file system.
The virsh command is used to manage virtual guests.
The format of the /etc/shadow file is <username>:<encrypted password>:<last passwd change>:<min>:<max>:<warn>:<inactive>:<expires>:<not used>.
The user_list file can be used to limit which users have access to the FTP server.
31. Should you allow remote root access - Why or why not?
32. What command can be used to easily list all the options in the FTP main config file?
The anonymous_enable=YES option in the main config file allows anonymous uploads.
The chmod command is used to change the permissions of files and directories. The chown command is used to change the ownership of files and directories.
ifconfig
The grep -v ^# /etc/vsftpd/vsftpd.conf command shows you all the options currently being used with the FTP server.
33. What two commands are used for package management?
generates errors under Red Hat Enterprise Linux 6
The /var/log/audit/audit.log file contains all policy violations.
The yum and rpm commands are used for package management.
The htpasswd command can be used to password-protect a web page.
34. What command can you use to create a new SSL certificate?
By default - the rndc utility listens on port 953.
The two main config files are master.cf and main.cf.
A soft limit acts like an alarm - signaling you when you are reaching your limit. If you don't specify a grace period - the soft limit is the max. A hard limit is required only when a grace period exists. It is the max limit you can hit before your g
Use the /usr/share/doc/dovecot-1.0.7/examples/mkcert.sh command after editing the /etc/pki/dovecot/dovecot-openssl.cnf file.
35. What does the partprobe command do?
LUKS encryption
The partprobe command forces the kernel to reread the partition table. You should always call it after making any changes to your system partitions.
A user's home directory is created under the /home directory.
Public/private key authentication provides an additional layer of security because you need the correct key instead of just knowing someone's password. Passwords combined with public/private keys take the security one additional step.
36. Can you name three utilities that can be used for network or DNS client troubleshooting?
The three utilities are: route - ping - and nslookup.
choose which mode you'd like it to operate in
You can use the remove or erase options with yum to remove a package.
used for kickstart and/or network installs
37. To grow a file system
Use the resize2fs command to grow a file system.
The lastlog and faillog commands are used to view user login-related events?
No. Red Hat Enterprise Linux 6 uses a different key to sign its packages.
choose which mode you'd like it to operate in
38. What is the name of the package used to install an FTP?
An ext3 file system has journaling built in to it - whereas the ext2 file system doesn't.
support for TCP Wrappers
The file system where ACLs will be implemented must be mounted with the acl option before ACLs will work properly.
The vsftpd package is used to install an FTP server.
39. What command can you use to monitor and troubleshoot network connections?
The TFTP server uses UDP port 69.
The tcpdump command is used to monitor network connections on different interfaces.
After the ntpd service is stopped - you can use the ntpdate <server> command to update/sync the time.
The ping command can be used to verify connectivity to another host.
40. What three protocols can you use to perform network installations?
generates errors under Red Hat Enterprise Linux 6
By default - the rndc utility listens on port 953.
The install.log.syslog file contains messages that are generated during the installation. If you run into trouble during the installation - this is a good place to start.
Network installations can be performed using the HTTP - FTP - and NFS protocols.
41. What are SELinux Booleans?
Use the ps command to view processes and their CPU usage.
Yum repository config files (.repo files) are located in the /etc/yum.repos.d directory. You can also make direct entries into the main /etc/yum.conf file.
The firewall rule is inserted into the fifth line of the iptables rules and opens up TCP port 80 (for the HTTP service) on the firewall to allow incoming connections.
SELinux Booleans provide restrictions to different aspects of a service.
42. What is the difference between an ext2 and ext3 file system?
43. What is PAM used for?
semanage boolean -l
By default - Squid runs on port 3128.
Kickstart supports both basic and advanced partitioning (RAID/LVM).
PAM is used as a modular way to leverage security. In this chapter - the main function we discussed was for managing password policies and complexity.
44. What are the three items that make up LVM?
You should never allow remote root access. Should your root account become compromised and you use the same password - someone could gain access to all your systems. You also don't want the most powerful user of your system (with no accountability) l
getfacl
By defining a %post section - you can run scripts after a kickstart installation is complete.
Physical volumes - volume groups - and logical volumes.
45. What command can you use to create a password-protected page?
You add your action to the end of the /home/user01/.bashrc file.
setsebool -P nfs_export_all_rw=1
entering rescue mode and repairing the problem.
The htpasswd command can be used to password-protect a web page.
46. What option needs to be used with the mount command to mount an NFS resource?
Version 2 is the latest and most secure version of SSH.
The -t nfs option is used with the mount command to mount NFS resources.
via the command line
The /etc/sysctl.conf file maintains a list of custom kernel parameters that should be applied during system boot.
47. Samba servers can...
The lftp command can be used on a client to test FTP server connections.
The smbpasswd command is used to create Samba users.
The virsh command is used to manage virtual guests.
serve both files and printers to users
48. Place all files you want added to a _______________ during creation.
49. What option is used to allow anonymous uploads to the FTP server?
The firewall rule is inserted into the fifth line of the iptables rules and opens up TCP port 80 (for the HTTP service) on the firewall to allow incoming connections.
The format of the /etc/shadow file is <username>:<encrypted password>:<last passwd change>:<min>:<max>:<warn>:<inactive>:<expires>:<not used>.
You have the flexibility to resize and add new volumes on the fly. With basic partitions - any time that you want to make a change - you need to destroy the partition and create it again.
The anonymous_enable=YES option in the main config file allows anonymous uploads.
50. What are the two types of back-end authentication mechanisms discussed in this chapter?
By combining a TFTP server - PXE boot - and DHCP server - you can fully automate the kickstart installation process.
The last rule is always an implicit deny statement rejecting anything that wasn't matched by previous rules.
This chapter described tdbsm and smbpasswd back-end authentication.
The /etc/exports file needs to contain any directory that you want to export - including which options you'd like to use as well.
