LPIC 202-450

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

When using iptables, what policy setting allows the communication and places an entry in the log file?

LOG

When using apache, what command do you need to enter into the configuration file so that the system responds to the IP address 10.1.1.1?

Listen 10.1.1.1

What do need to enter into the apache configuration file in order to have the server listen on the https port?

Listen 443

When using iptables, what table is used to apply changes to the features of the packets?

MANGLE

When using iptables, what policy setting changes the packet so that it appears as though it is coming from the sending interface?

MASQUERADE

What Courier configuration setting determines how many remote clients can connect at the same time?

MAXDAEMONS

What is it called that allows an email to be kept in a format that can be viewed with either GUI or CLI?

MIME

What is an open source Network Vulnerability Test (NST) tool that you can install and use?

OpenVAS

When using iptables, what chain handles all packets heading for a remote system that have already been processed?

POSTROUTING

When using iptables, what chain handles all packet handling before the routing process starts?

PREROUTING

When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to allow authentication using text passwords?

PasswordAuthentication

When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to allow the root user to login?

PermitRootLogin

What alternative to BIND provides a robust modular system with a SQL backend?

PowerDNS

What is a special Procmail recipe condition that reverses the condition being asked for (NOT)?

!

What is the special Procmail recipe action condition that forwards a message to a following address?

!

When creating a new zone database file in BIND, what directive might you place in the file to add an include statement?

$INCLUDE

When creating a new zone database file in BIND, what directive might you place in the file so that it assumes a domain name is associated with all records?

$ORIGIN

When creating a new zone database file in BIND, what directive might you place in the file so that all records have a default TTL?

$TTL

When using Samba logging, what variable is used to create a different log file for each session?

%m

When using iptables, what switch can you use to specify a particular destination port?

--dport

When using iptables, what switch can you use to show the index number of the rules you are listing?

--list-numbers

When using iptables, what switch can you use to specify a particular source port?

--sport

When using iptables, what switch do you use to add a new rule to a chain?

-A

When using nmap, what switch can you use to fingerprint the operating system version?

-A

When using the Pure-FTPd program, it uses command line arguments to dictate the services settings. What short setting is used to daemonize the program?

-B

When using LDAP client tools, what switch do you use to specify a username by DN?

-D

When using iptables, what switch do you use to delete a rule from a chain?

-D

When using the Pure-FTPd program, it uses command line arguments to dictate the services settings. What short setting is used to deny anonymous access?

-E

When using iptables, what switch do you use remove all the rules from a chain or table?

-F

When using LDAP client tools, what switch do you use to specify a host by URI?

-H

When using iptables, what switch do you use to list the items in a table or chain?

-L

When using the ldapsearch client tool, what switch do you use to specify that the output be presented in LDIF format without the comments or version showing?

-LLL

When using ip tables, what switch can you use to list the rules of a specific chain in detail?

-S

When using ldappasswd, what switch do you use to specify a user and then be prompted for a new password?

-S

When using LDAP client tools, what switch do you use to specify prompt for password?

-W

When using iptables, what switch can you use to specify a destination address?

-a

When using LDAP client tools, what switch do you use to specify a base DN for test.com?

-b dc=test,dc=com

When using the LDAP client to import an LDIF file, what switch do you use to specify the file name and path?

-f

When using LDAP client tools, what switch do you use to specify a hostname?

-h

When using iptables, what switch can you use to specify an input interface?

-i

When using iptables, what switch can you use to specify a target that you wish to apply to a rule?

-j

When using netcat, what switch do you use to make the server side?

-l

What switch would you enter to the dnssec-keygen command to specify that you want to generate DNSSEC key?

-n ZONE

When using iptables, what switch can you use to specify an output interface?

-o

When using iptables, what switch can you use to specify a particular protocol like TCP, UDP or ICMP?

-p

When using nmap, what switch can you use to specify a port range?

-p

When using dhclient, what switch do you use to renew your IP address?

-r

When using iptables, what switch can you use to specify a source address?

-s

When using nmap, what switch can you use to scan TCP ports?

-sT

When using nmap, what switch can you use to scan UDP ports?

-sU

When using iptables, what switch can you use to specify a particular table?

-t

What switch would you use with exportfs to unmount a temporary export?

-u

When using slaptest to validate a slapd.conf file, what switch do you use to indicate a dry-run?

-u

What switch would you use with exportfs to display detailed information about the current client exports?

-v

When using LDAP client tools, what switch do you use to specify the password in clear text?

-w

When using LDAP client tools, what switch do you use to specify simple authentication?

-x

When using the ssh client, what switch do you need to use to enable X11 forwarding?

-x

When using netcat, what switches can you use to perform a portscan?

-zv

When using apache, what file do you place in the Document Root to decentralize authentication parameters?

.htaccess

When using fail2ban, what is the file extension that they recommend you use in the /etc/fail2ban directory to make any changes to the file?

.local

When using Samba, what would you enter into an fstab file to mount an smb share //1.1.1.1/share to /mnt/local using credentials from the file /etc/samba/pass.txt and UID 201?

//1.1.1.1/share /mnt/local cifs credentials=/etc/samba/pass.txt,noperm,uid=201 0 0

What file and path do you edit to create email aliases?

/etc/aliases

When using Debian apache, what is the default path and file to the primary configuration file for apache?

/etc/apache2/apache2.conf

When using Debian apache, what is the file and path to the ssl configuration file?

/etc/apache2/mods-available/ssl.conf

When using Debian where would you symbolically link an available module that you want to make active in apache?

/etc/apache2/mods-enabled/

When using Debian apache, what folder contains symbolic links to the individual sites?

/etc/apache2/sites-available/

What would the correct name and file path be for a BIND zone named 'myhome' on an Ubuntu system?

/etc/bind/db.myhome

On a Debian system, what is the path and file to the main BIND configuration file?

/etc/bind/named.conf

When using BIND on Ubuntu, what file should you modify to add a new zone directive?

/etc/bind/named.conf.local

Where are the Courier configuration files stored?

/etc/courier/

When using Ubuntu, what file do you need to modify to have a BIND server start in a chroot jail?

/etc/default/bind9

When using Debian, where is the configuration file located to configure a DHCP relay?

/etc/default/isc-dhcp-relay

When using Debian, what file and path do you need to edit to enable an interface for the DHCP server?

/etc/default/isc-dhcp-server

What is the Debian client configuration file for NFS?

/etc/default/nfs-common

What is the Debian server configuration file for NFS?

/etc/default/nfs-kernel-server

When using Debian, what is the main configuration file and path for DHCP?

/etc/dhcp/dhcpd.conf

If you want to used IPv6 with DHCPd, what configuration file do you need to create and modify?

/etc/dhcp/dhcpd6.conf

When using RHEL, what is the main configuration file and path for DHCP?

/etc/dhcpd.conf

Where can you edit the settings for SSL with Dovecot?

/etc/dovecot/conf.d/10-ssl.conf

Where does Dovecot store its configuration file with path?

/etc/dovecot/dovecot.conf

When using NFS, what subdirectory can you use to add additional export files?

/etc/export.d/

When using NFS, what file do you modify to create permanent exports?

/etc/exports

What is the path and configuration file name for fail2ban?

/etc/fail2ban/jail.conf

When using RHEL apache, what is the file and path to the ssl configuration file?

/etc/httpd/conf.d/ssl.conf

When using RHEL apache, what is the location of the module configuration files?

/etc/httpd/conf.modules.d/

When using RHEL, what is the default path and file to the primary configuration file for apache?

/etc/httpd/conf/httpd.conf

When using RHEL apache, what is the location of the actual module files?

/etc/httpd/modules/

When using iptables on Debian, where can you save the IPv4 iptables configuration file in order to have it load automatically on boot?

/etc/iptables/rules.v4

When using iptables on Debian, where can you save the IPv6 iptables configuration file in order to have it load automatically on boot?

/etc/iptables/rules.v6

When using Debian, what is the configuration path and file that is used to configure the actual LDAP service itself?

/etc/ldap/ldap.conf

What is the name and path to the sendmail configuration file?

/etc/mail/sendmail.cf

On a CentOS system, what is the path and file to the main BIND configuration file?

/etc/named.conf

What file and path would you edit on a modern Ubuntu system to add static DNS?

/etc/network/interfaces

When using Nginx, what sub-directory does RHEL keep individual website configuration files in?

/etc/nginx/conf.d/

Where is the primary configuration file located for Nginx on any distribution?

/etc/nginx/nginx.conf

When using Nginx to setup a a reverse proxy, what additional configuration file should you 'include' under the appropriate location block?

/etc/nginx/proxy_params

When using Samba AD integration, what file do you need to modify to have the server use the winbindd daemon?

/etc/nsswitch

When using PAM, what file and path is used to adjust the order of mechanisms used to authenticate?

/etc/nsswitch.conf

When using RHEL, what is the configuration path and file that is used to configure the actual LDAP service itself?

/etc/openldap/ldap.conf

When using OpenVPN, where will you normally find the scripts used to create and sign the public and private keys?

/etc/openvpn/

When using OpenVPN, where will you normally find the generated key files?

/etc/openvpn/keys/

When using OpenVPN, at what path would you generally find the server configuration file?

/etc/openvpn/server.conf

When using PAM what directory is often used to hold configuration information for individual services?

/etc/pam.d/

What Postfix folder holds the Postfix lookup tables?

/etc/postfix/

Where are the Postfix configuration files kept?

/etc/postfix/

What is the main configuration file and path for Postfix that controls mail processing?

/etc/postfix/main.cf

When using procmail, what configuration file (including path) does the administrator need to create to build recipes?

/etc/procmailrc

What is the configuration file and path for ProFTPd?

/etc/proftpd/proftpd.conf

When using pure-ftpd, what is the main configuration file for the service itself?

/etc/pure-ftpd/oure-ftpd.conf

What file and path would you edit on older systems to set a static DNS address?

/etc/resolv.conf

What is the file and path that holds the secret key used by BIND's rndc to access the BIND service?

/etc/rndc.key

When using Samba, what is the path and name of the configuration file?

/etc/samba/smb.conf

When using the PAM module pam_limits, what file should you modify to set the limitations?

/etc/security/limits.conf

What file and path contains a list of all the protocols and ports recognized by Linux?

/etc/services

When using older versions of linux, what file do you use to "setup" the ldap server database for starting?

/etc/slapd.conf

What is the file and path to the configuration file for snort?

/etc/snort/snort.conf

What is the default path and configuration file used by squid on most linux distributions?

/etc/squid/squid.conf

When using an SSH server daemon, what folder holds the encryption certificates?

/etc/ssh/

When using the SSH client, what file and path do you modify to make changes to the configuration?

/etc/ssh/ssh_config

When using the SSH server, what file and path do you modify to make changes to the configuration?

/etc/ssh/sshd_config

Where might you look on a distribution to find the current SSL certificates?

/etc/ssl/

When using PAM, what is the configuration file and path for the sssd service?

/etc/sssd/sssd.conf

When using RHEL, where is the configuration file located to configure a DHCP relay?

/etc/sysconfig/dhcrelay

When using iptables on RHEL, where can you save the iptables configuration file in order to have it load automatically on boot?

/etc/sysconfig/iptables

What is the RHEL client and server configuration file for NFS?

/etc/sysconfig/nfs

What file and path do you place a username in if you want that user to never be allowed access to vsftp?

/etc/vsftpd/ftpusers

What is the path and configuration file for vsftpd?

/etc/vsftpd/vsfptd.conf

By default, what folder holds the mail for user cnelson when using Procmail for the MDA?

/home/cnelson/mail/

When an individual, ted, using procmail wants to build a personal recipe, what configuration file (including path) does he need to create?

/home/ted/.procmailrc

What folder holds the module files used by PAM on a 32-bit system?

/lib/security/

What folder holds the module files used by PAM on a 64-bit system?

/lib64/security/

What file and path in the /proc directory shows the current NFS exports and clients that are using them?

/proc/fs/nfs/exports

What file and path do you need to modify to the number '1' to permit linux to route IP4 packets?

/proc/sys/net/ipv4/ip_forward

What file and path do you need to modify to the number '1' to permit linux to route IP6 packets?

/proc/sys/net/ipv6/conf/all/forwarding

When using the pid directive to store the Nginx current running pid, what is the default location?

/run/nginx.pid

When using NFS, what command would you enter into /etc/exports to create a Read/Write export of /srv/share to the client network 1.1.1.0/24?

/srv/share 1.1.1.*(rw)

What file and path do you place a username in if you want to either allow or deny a group of users with the userlist_deny directive for vsftp?

/tc/vsftp/user_file

After you install bind-9.11.4 on a CentOS system, where would you find the documentation files?

/usr//share/doc/bind-9.11.4/

After you install the BIND documentation on an Ubuntu system, where are the files located?

/usr/share/doc/bind9/

After Samba is installed, what is the path you would look in for extra documentation for version 4.9.1?

/usr/share/doc/samba-4.9.1/

When using Nginx, what is the default document root in RHEL?

/usr/share/nginx/html/

What is the default directory setting for BIND on an Ubuntu system?

/var/cache/bind/

When using DHCPd, what file and path stores the list of issued leases in log format?

/var/lib/dhcp/dhcpd.leases

When using ldap, what folder holds the actual database?

/var/lib/ldap/

What file and path in the /var directory shows the current NFS exports and clients that are using them?

/var/lib/nfs/rmtab

What file do you look in to see the mail log file for postfix on Debian?

/var/log/mail.log

What file do you look in to see the mail log file for postfix on CentOS?

/var/log/maillog

What log file and path does Postfix use to store system messages?

/var/log/maillog

What directory might you check to see if there are any service errors when using NFS?

/var/log/messages

What is the file and directory that BIND uses to log system/service events?

/var/log/messages

When using DHCPd, what file and path contains log information about the general daemon activities?

/var/log/messges

When using Samba, what is the usual location used for log files?

/var/log/samba/

Where are the log files for PAM kept?

/var/log/secure/

In what folder does the squid program keep its log files?

/var/log/squid/

When using Debian apache, where are the access logs stored by default?

/var/logs/apache2/access.log

When using RHEL apache, where are the access logs stored by default?

/var/logs/httpd/access_log

What is the default directory setting for BIND on a CentOS system?

/var/named/

What would the correct name and file path be for a BIND zone named 'myhome' on a CentOS system?

/var/named/named.myhome

By default, what folder holds the mail for user cnelson when using Postfix for the MDA?

/var/spool/mail/cnelson

Where is the postfix mail queue located?

/var/spool/postfix/

When using Nginx, what is the default document root in Ubuntu?

/var/www/html/

When using apache, what is the default Document root directory?

/var/www/html/

When creating a Samba credential file, what should the permission numbers be?

0400

When using an NFS client, what line would you enter into the fstab file to automount /srv/share from the server 1.1.1.2 to the local directory /local/share using NFS version 3 and ensuring that the TCP protocol is used.

1.1.1.2:/srv/share /local/share nfs nfsvers=3,tcp 0 0

What would the reverse lookup zone be called for the network 192.168.1.0/24?

1.168.192.in-addr.arpa

When using FTP in passive mode, what is the minimum port the server will use for FTP Data sessions?

1025

What port is used for NetBIOS sessions?

139

What TCP port does NFSv4 use?

2049

When using FTP what is the command port for the server?

21

What HTTP server response means permanent redirect?

301

What is the default TCP port used by a squid proxy server?

3128

What TCP port does unencrypted LDAP use?

389

What version of NFS adds the Kerberos authentication protocol?

4

What HTTP server response means unauthorized?

403

What HTTP server response means proxy authentication required?

407

What port is used for SMB?

445

What TCP port does TLS encrypted LDAP use?

636

What udp port does DHCP operate on?

67

What is the default port for OpenVAS?

9392

When using apache, what would you enter in the configuration file to start a name based virtual hosting block for 10.1.1.1?

<VirtualHost 10.1.1.1>

When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to specify the Encryption protocol to be used?

Protocol

When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to allow authentication using client keys?

PubKeyAuthentication

What FTP server allows for the feature, virtual chroot and virtual accounts?

Pure-FTPd

When using iptables, what policy setting is used to manipulate the traffic ports etc.?

REDIRECT

When using iptables, what policy setting denies the communication and does send an error?

REJECT

What kind of name server goes and finds the IP information from root servers?

Recursive

What would you enter into an apache configuration file to create a temporary redirect from /apache to http://test.com?

Redirect /apache http://test.com

What directive would you use in an apache configuration file to create a redirect using regex?

RedirectMatch

When using apache, what directive do you use in a directory block to tell it to require authentication?

Require valid-user

What is another name for the DNS client that keeps the local cache?

Resolver

When using SSL with apache, what extension do you need to use if you wish to use name-based virtual hosts?

SNI

When creating a zone database file, what should the first record always be?

SOA

When using apache, what directive would you enter in the ssl.conf file to tell the system what path to look in for CA certificates used for validating client certificates?

SSLCACertificatePath

When using apache, what directive would you enter into the virtual host configuration file to direct the server to the public key?

SSLCertificateFile

When using apache, what directive would you enter into the virtual host configuration file to direct the server to the private key?

SSLCertificateKeyFile

When using SSL with apache, what directive should you use to control what encryption algorithms are excepted?

SSLCipherSuite

When using apache, what directive would you enter into the virtual host configuration file to enabled SSL?

SSLEngine on

When using apache, what ssl directive would you use to specify what versions of SSL or TLS are supported?

SSLProtocol

What SMTP command does a client issue to use TLS?

STARTTLS

What type of name server contains a read-only copy of a zone database?

Secondary

When using apache, what directive do you place in the configuration file to specify the email address of the system administrator?

ServerAdmin

When using apache, what would you enter into the configuration file in the virtual host block so that the virtual host responds to the name www.example.com?

ServerName www.example.com

When using apache, what ssl directive would you use to specify whether or not the server sends a brief footer in its responses?

ServerSignature

When using apache, what ssl directive would you use to specify whether or not the server sends information about its OS in its responses?

ServerTokens

When using MPM in apache, what setting in the configuration file dictates the starting number or processes that are allowed to be spawned?

StartServers

Does BIND use TCP or UDP for messages that exceed 512 bytes?

TCP

When using iptables, what policy setting allows the communication?

ACCEPT

What directive do you add to an apache configuration file to allow the server to interact with other application extensions like .pl?

AddHandler

What security program can you use to control access to vsftp?

TCP wrappers

When using NFS, what security feature do you use to control who can access the RPC services?

TCP wrappers

What part of the Domain Name Space is '.com'?

TLD

What setting do you need to change in the configuration file to allow for anonymous user uploads on pure-ftpd?

AnonymousCantUpload

When using DANE, what kind of resource records aids in the transaction?

TSLA

When using apache, what directive do you use to name the username and password dialog box during the authentication process?

AuthName

When using apache, what directive do you use to enable an authentication method that uses a username and password dialog box during the authentication process?

AuthType basic

When using apache, what directive do you use to specify a location for a basic authentication file?

AuthUserFile

When using apache authentication, you can use groups by creating a file with the following format and linking it via what directive in the apache configuration file? groupname: user1 user2

AuthuserGroup

What is an alternative name for BIND10?

Bundy

When using apache what conditional block would you setup in a configuration file if you only want it to run only in a particular folder?

Directory

When using apache, what would you enter into the configuration file in the virtual host block so that the virtual host looks in the directory /var/www/html/testsite for its default file?

DocumentRoot /var/www/html/testsite

What SMTP command does the client issue to use ESMTP?

EHLO

What ESMTP command reverses the roles of client and server?

ETRN

What setting in the snort configuration file defines the external hosts to monitor?

EXTERNAL_NET

What command do you use in an apache configuration file to specify the error log location?

ErrorLog

When using iptables, what table is used to control what traffic is allowed and denied to a particular thread?

FILTER

When using iptables, what chain handles all packets heading to a remote machine?

FORWARD

What part of the Domain Name Space is 'google'?

First level domain

When configuring an ssh client for X11 forwarding, what directive do you need to enter the 'yes' value in on the client?

ForwardX11

What command does the client send during an HTTP session to retrieve a web page?

GET

What setting in the snort configuration file defines the internal hosts to monitor?

HOME_NET

When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to show the path to the keys used to encrypt traffic?

HostKey

When using iptables, what chain handles all packets heading to the local machine?

INPUT

When using apache what conditional block would you setup in a configuration file if you only want it to run if the variable home is set?

IfDefine home

When using apache what conditional block would you setup in a configuration file if you only want it to run if a module is present?

IfModule

When configuring an ssh Server for X11 forwarding, what directive do you need to enter the 'yes' value in on the server?

X11Forwarding

When using Samba, what would the block name be for a share that was named private?

[private]

When creating an NFS export, what directive should you use to have the system treat all users as anonymous?

all_squash

When editting the DHCP configuration file, what command do you need to enter to enable BOOTP?

allow bootp;

What command should you enter into a BIND configuration file to limit the servers that a slave will except NOTIFY requests from to 10.1.1.1?

allow-notify { 10.1.1.1; };

What BIND configuration option would you use to control what systems can query data?

allow-query

What configuration entry should you place in a BIND zone configuration file to allow a master server to transfer zones to only 1.1.1.1?

allow-transfer { 1.1.1.1; };

What would you enter into a BIND master server configuation file to have a zone transfer use a key named 'mykey'?

allow-transfer { key "mykey"; };

What command should you enter into a BIND configuration file to limit the servers that you will except updates from to none?

allow-update { none; };

When configuring vsftp, what directive would you set to specify that anonymous users can create new directories?

anon_mkdir_write_enable

When configuring vsftpd, what directive needs to be set to change the anonymous root directory to a new location?

anon_root

When configuring vsftp, what directive would you set to specify upload access is possible for anonymous users?

anon_upload_enable

When using vsftp, what directive setting would you change to deny anonymous access?

anonymous_enable

When using Debian, what package would you install to enabled apache?

apache2

When using Debian apache, what package would you install to enabled the apache manual website?

apache2-doc

When using Debian apache, what package to you need installed to use htpasswd?

apache2-utils

When using Debian apache, what command and switch can be entered to see the current MPM type?

apache2ctl -V

When using apache, what command can you use to check the configuration files?

apache2ctl configtest

When using apache, what command can you use to display the server statistics in a verbose fashion?

apache2ctl fullstatus

When using apache, what command can you use to gracefully restart the server?

apache2ctl graceful

In Ubuntu, what command would you run to install Nginx?

apt-get install nginx

When creating an NFS export, what directive should you only use with Read-Only due to its nature to corrupt files?

async

When using LDAP, what component links a name to a data field?

attribute

When using PAM, what 'type' is used to validate usernames and passwords?

auth

When using squid, what directive is used to manage user authentication?

auth_param

When using squid, what directive would you add to the configuration file to enable basic authentication using the program /usr/lib/squid/basic_ncsa_auth and the password file /etc/squid/passwords?

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords

What is the name of the BIND service user id on an Ubuntu system?

bind

What two packages would you install for BIND on a CentOS system?

bind bind-utils

What package would you use to on a BIND system running on CentOS to implement a chroot jail?

bind-chroot

What is the BIND service called on an Ubuntu system?

bind9

What two packages would you install for BIND on an Ubuntu system?

bind9 bind9utils

What package do you install on an Ubuntu system to get the BIND documentation?

bind9-doc

What is a simple MDA that is an alternative to procmail?

binmail

What command should you enter into a BIND configuration file to ban the server 10.1.1.1 from making queries?

blackhole { 10.1.1.1; };

When using Samba, what would you put in the smb.conf file to make a share able to be browsed?

browseable = yes

When using OpenVPN, what script will you run to generate the public and private key for the client?

build-key

When using OpenVPN, what script will you run to generate the public and private key for the server?

build-key-server

When using squid, what would you enter into the configuration file to enable disk caching to /var/spool/squid3/ with 100MB, 10 level 1 folders and 200 level two folders and using the ufs file system type?

cache_dir ufs /var/spool/squid3 100 10 200

When using squid, what directive would you enter into the configuration file to use 256MB of memory as cache?

cache_mem 256 MB

What statement do you enter into an LDIF file if you want to update a field that already exists?

changetype: modify

When on a RHEL system, what package might you have to install to have the smbclient utility succesfully authenticate?

cifs-utils

What Postfix helper process checks inbound email headers and places them in the incoming queues?

cleanup

When using a more modern version of linux, what LDAP database holds the configurations for the other LDAP databases?

cn=config

When using PAM, what is the third field in a configuration line?

control

What does the following Procmail recipe do to incoming messages? :0: c messages

copy to messages

What MUA can use an MySQL or LDAP for its database?

courier

What MUA is modular and has different programs installed for IMAP and POP3?

courier

When editting the DHCP configuration file, what global directive do you need to set to change the default lease time to 1000 seconds?

default-lease-time 1000;

When using logging in BIND, what is the default channel used by most systems?

default_debug

When using squid, if your last ACL is an allow statement, what will the implied default be (allow/deny)?

deny

When modifying the fail2ban configuration file, what option specifies the destination email address for alerts?

destemail:

When using RHEL, what package do you install for a DHCP server?

dhcp

When using older Ubuntu systems (pre-12.04), what package did you install to enable a DHCP server?

dhcp3-server

What command can you use to test a DHCPd configuration file for syntax errors?

dhcpd -t -cf

If you want to use the CLI utility to run a DHCP relay server and to point it to the server 1.1.1.1, what command would you run?

dhcrelay 1.1.1.1

What command would you use with the dig command to perform a reverse lookup on 192.168.1.1?

dig -x 192.168.1.1

What BIND option setting specifies the default directory used by the BIND service?

directory

When creating a Sieve script, what action command silently ignores the message?

discard

When using LDAP, what is it called when different parts of the database reside on different LDAP servers?

distributed

What alternative to BIND provides a very secure DNS platform that we used by tinydns and dbndns?

djbdns

When is the abbreviation for the full chain and name of an LDAP object?

dn

When creating an LDIF file, what would the first line of the cn object server1 in the test.com domain be?

dn: cn=server1,dc=test,dc=com

What alternative to BIND provides a lightweight DNS forwarding daemon that also provides TFTP and DHCP?

dnsmasq

When deploying TSIG on a BIND DNS server, what command would you enter to create an HMAC-MD5 128-bit key named 'mykey'?

dnssec-keygen -a HMAC-MD5 -b 128 -r /dev/urandom -n HOST mykey

If you are using DNSSEC without automatic signing, what command can you run to manually sign a zone?

dnssec-signzone

When using Samba, what security mode should you use if you want to join an older NT domain?

domain

What is the main application for controlling dovecot?

doveadm

What command is used to display the current configuration for dovecot?

doveconf

What is it called when Dovecot supports the Sieve programming language for handling incoming settings.

dovecot vacation extension

When using an acl element in squid, what 'acl type' would you use to specifiy a destination domain name?

dstdomain

What command would you enter in the aliases file to forward emails from ed to root?

ed: root

When running CentOS, what package do you need to install prior to installing the nginx package?

epel-release

When using apache, what is generally the default MPM?

event

When using NFS, what is a share called?

export

When using NFS, what command would you use to reload the NFS export settings without restarting the service?

exportfs -r

What command would you use on an NFS server to export the share named /nfsshare to client 1.1.1.1?

exportfs 1.1.1.1:/nfsshare

What program can you use to disable an account that has missed its login consecutive times?

fail2ban

In CentOS, Nginx is automatically enabled and started (true/false)?

false

When using postconf -e to change a Postfix option, the daemon must be restarted in order to activate the changes (true or false).

false

When using IPv6, what does a link local address start with?

fe80

When editting the DHCP configuration file, what BOOTP directive do you need to set for the provided file to be /etc/testfile.img?

file "/etc/testfile.img";

When creating a Sieve script, what action command saves the message into the the specified location?

fileinto

When editting the DHCP configuration file, what directive do you use to assign the IP address 10.1.1.10 to a host?

fixed-address 10.1.1.10;

When configuring vsftp, what directive would you set to specify a specific user account for anonymous ftp?

ftp_username

When using DHCPd, what command must you start a configuration block with if you want to share common options on static host objects?

group

When editting the DHCP configuration file, what directive do you use to assign a fixed address to 11:22:33:44:55:66?

hardware address 11:22:33:44:55:66;

What zone type is used to query the Root Servers with BIND?

hint

What quick command can be used to get a quick resolution for a domain name using the DNS servers that are listed in your /etc/resolv.conf file?

host

When editting the DHCP configuration file, what do you start a clause with for a static host mapping?

host

What using Samba, what global configuration directive would you use to deny the system 1.1.1.1 from access?

host deny = 1.1.1.1

When using ncsa authentication, what command string would you enter to create a new password file at /etc/apache/pass with a new user jsmith?

htpasswd -c /etc/apache/pass cnelson

When using squid, what command would you enter in a terminal to add the user jsmith to a new password file located at /etc/squid/passwords in the basic_ncsa_auth format?

htpasswd -c /etc/squid/passwords cnelson

When using squid, what would you enter into the configuration file to tell the system to use the authentication acl element named TEST on all traffic?

http_access allow TEST

When using squid, what directive would you enter ino the configuration file to control the communication port?

http_port

When using RHEL, what package would you install to enabled apache?

httpd

When using RHEL apache, what command and switch can be entered to see the current MPM type?

httpd -V

When using RHEL apache, what package to you need installed to use htpasswd?

httpd-tools

When using NFSv4, what daemon can be used to map UIDs and GIDs to usernames?

idmapd

What command would you enter on a Linux system to add a second IP address of 10.1.1.1 to eth0?

ifconfig eth0:0 10.1.1.1

What command would you use to include the following file in the BIND configuration: /var/named/extra.config ?

include "/var/named/extra.config";

When using Nginx, what directive line would you enter to set the default webpage looked for to index.htm?

index index.htm;

What LDAP object class is also known as the whitepages?

inetOrgPerson

What command can you use to make modifications to the IPv6 iptables?

ip6tables

When using iptables what command would you enter to add a rule to the INPUT chain stating that any traffic coming from the source IP address of 1.1.1.1 would be rejected?

iptables -A INPUT -s 1.1.1.1 -j REJECT

When using iptables, what would you enter into the command line to make the default policy for the INPUT chain the target REJECT?

iptables -P INPUT REJECT

When using iptables on Debian, what package do you need to install to load the iptables configuration automatically on boot?

iptables-persistent

When using iptables, what command would you use to restore the firewall configuraiton to a file in the current directory named myrules.txt?

iptables-restore < myrules.txt

When using iptables, what command would you use to save the firewall configuraiton to a file in the current directory named myrules.txt?

iptables-save > myrules.txt

When using Debian, what package do you need to install to enable a DHCP relay server?

isc-dhcp-relay

When using Debian, what is the service name for the DHCP server?

isc-dhcp-server

When using Debian, what package do you install for a DHCP server?

isc-dhcp-server

When creating a Sieve script, what action command saves the message into the default file location for the user?

keep

What alternate method can be used to increase the log level of a Samba system by one if its PID is 10?

kill SIGUSR1 10

What alternate method can be used to decrease the log level of a Samba system by one if its PID is 10?

kill SIGUSR2 10

When using an ftp client, what command can you use to change your local ftp directory?

lcd

What is the LDAP service name on an LDAP server?

ldap

When using Debian, what package do you need to install to enable the LDAP client?

ldap-utils

When using the LDAP client, what command can you use to import a LDIF file?

ldapadd

When using the LDAP client, what command do you need to use delete an object?

ldapdelete

When using the LDAP client, what tool can be used to change the settings of an object?

ldapmodify

When using the LDAP client, what tool do you use to change the encrypted password of a user?

ldappasswd

What using an LDAP client, what tool can you use to query ldap information?

ldapsearch

What is an enhance version of the client ftp program for the CLI?

lftp

When using the lftp program, what command would you enter to connect to server 1.1.1.1 with the user jsmith?

lftp -u jsmith 1.1.1.1

When using Debian apache, what package would you need to install to get the perl module?

libapache2-mod-perl

When using Debian apache, what package would you need to install to get the php module?

libapache2-mod-php5

When using Nginx, what directive in the server block dictates what IPs and ports to use?

listen

What BIND configuration option would you use to configure a server so the service listens on port 53 on all interfaces?

listen-on port 53 { any; };

When using vsftp, what directive do you need to have set to allow regular linux users to authenticate to the server?

local_enable

When creating a BIND ACL, what word can be used to represent the local subnets to the server?

localnets

When using Nginx, what directive would you use to adjust settings for a particular folder?

location

When using Samba, what global configuration directive would you use to set the logging to the maximum level?

log level = 10

When using ldap, what directive is used to enable logging?

loglevel

What tool is used to help generate the monolithic sendmail configuration file?

m4 preprocessor

What parameter must you enter into the Postfix configuration file in order to process local deliver with Procmail?

mailbox_command

Which mailbox method is used to store all the emails for a user as individual files in their mail folder?

maildir

What Postfix utility program checks the Postfix mail queue?

mailq

What sendmail emulation command allows you to check on the number of messages in the queue waiting to be delivered?

mailq

What is the name of the main Postfix process?

master

What zone type is used when configuring a primary server with BIND?

master

What is the Postfix configuration file that manages when Postfix processes start and stop?

master.cf

What entry would you put in a BIND zone configuration file on a secondary server to dictate that the zone database files be kept in text format and not binary

masterfile-format text

What configuration entry should you place in a BIND zone configuration file to allow a secondary server to accept transfers from a master server at 1.1.1.1?

masters { 1.1.1.1; };

When using squid, what directive would you enter into the configuration file to control the maximum size of a file in memory?

maximum_object_size_in_memory

Which mailbox method is used to store all the emails for a user in a single file?

mbox

What part of the modular linux email system is responsible for local delivery?

mda

What Dovecot settings specifies the authentication methods that the server supports?

mechanisms

When using the lftp client, what command can you use to download all the files in the current directory that end in .temp?

mget *.temp

When using apache what module needs to be installed if you want to use the client's hostname or IP address to restrict access using the order,allow and deny statements?

mod_access_compat

When using apache what module needs to be installed if you want to use downstream authentication systems?

mod_auth_basic

When using apache what module needs to be installed if you want to use the client's hostname or IP address to restrict access using the require statement?

mod_authz_host

When using RHEL apache, what package would you need to install to get the perl module?

mod_perl

When using apache, what module package do you need to install to support SSL?

mod_ssl

When using a Samba client system, what command would you enter to mount //1.1.1.1/share to /mnt/local using the user jsmith?

mount -o username=jsmith,noperm //1.1.1.1/share /mnt/local

When using an NFS client, what command would you use to mount the NFS export /srv/share from the server IP 1.1.1.2 using NFSv3 to /local/share?

mount -o vers=3 1.1.1.2:/srv/share /local/share

What command can be used to mount client samba shares?

mount.cifs

What mount command should you use to mount an NFS share?

mount.nfs

What is the name of the daemon that handles the NFS client mount requests on the server side?

mountd

What command can you use to show per mount statistics?

mountstats

What module configuraton file is deployed in Debian to enable the prefork MPM?

mpm_preform.conf

What part of the modular linux email system is responsible for sending and receiving emails to and from external systems?

mta

What part of the modular linux email system is responsible for allowing the clients see their messages with either CLI or GUI?

mua

When editing the Postfix main.cf file, what parameter is used to identify domains that will be sent for?

mydestination

What is the BIND service called on a CentOS system?

named

What is the name of the BIND service user id on a CentOS system?

named

What command would you run to check a servers named.conf file for syntax errors?

named-checkconf

What command would you use to verify the syntax of a forward lookup zone for example.com located at /var/named/named.example.com

named-checkzone example.com /var/named/named.example.com

What command can you enter to convert a zonefle from binary to text and back again?

named-compilezone

When using Samba, what command would you use to join as a member server using the administrator account cnelson if you are already pointing to the correct DNS?

net ads join -U cnelson

What command can be used to display open samba shares on the network that is similar to a Windows command?

net status shares

When using Samba, what global configuration directive would you use to specify the NetBIOS name?

netbios name

After adding or changing aliases in the /etc/aliases file, it's important to run what command as root?

newaliases

When editting the DHCP configuration file, what command do you need to enter to specify that the secondary server named mainhost should be used to download the file?

next-server "mainhost";

When using NFS on Debian, what is the package that you install to enable the client?

nfs-common

What is the server service name for NFS on Ubuntu?

nfs-kernel-server

When using NFS on Debian, what is the package that you install to enable the server?

nfs-kernel-server

When using NFS on RHEL, what is the package that you install to enabled the server and client?

nfs-utils

What command can you use to display NFS statistics for IO?

nfsiostat

When using NFS, what command can be used to show both RPC protocol stats and NFS protocol stats?

nfsstat

When using Nginx, what is the default user directive on a RHEL system?

nginx

When using Nginx, what command line tool and switch could you use to test and dump the current configuration of Nginx?

nginx -T

When using Nginx, what command line tool and switch could you use to test the current configuration of Nginx?

nginx -t

When using Nginx, what command line tool and switch could you use to display the current version of Nginx?

nginx -v

What mode is the snort program in if it only reports on detected intrusions?

nids

What daemon in the Samba suite is respondsible for NetBIOS?

nmbd

When using Samba, what command can you use to find systems on the network that are members of the workgroup 'WORK' and also display their names?

nmblookup -S WORK

When using LDAP, what defines the available attributes of an object?

object class

When using Postfix as the MDA, how are the emails concatenated into one file or is there one file per email (one / individual)?

one

When using RHEL, what package do you need to install to enable the LDAP client?

openldap-clients

When using RHEL, what package do you need to install to enable the LDAP server?

openldap-servers

When using Debian, what package do you install to enable the SSH client?

openssh-client

When using RHEL, what package do you install to enable the SSH client?

openssh-clients

When using either Debian or RHEL, what package do you install to enable the OpenSSH server?

openssh-server

What package should you install to generate and manage SSL certificates?

openssl

What package do you need to install to have access to OpenVAS?

openvas-server

If you want to run the initial setup of OpenVAS, what script should you run?

openvas-setup

When using either Debian or RHEL, what package do you need to install to enable OpenVPN?

openvpn

When using OpenVPN with static keys, what command would you run to create an encryption key with the name 'mysecret.key'?

openvpn --genkey --secret mysecret.key

When using OpenVPN, what command would you use to start the VPN server with the configuration file server.conf?

openvpn server.conf

When editting the DHCP configuration file, what global directive do you need to set the broadcast address to 10.1.1.255?

option broadcast-address 10.1.1.255;

When editting the DHCP configuration file, what global directive do you need to set the domain name suffix to home.local?

option domain-name home.local;

When editting the DHCP configuration file, what global directive do you need to set to enable a DNS server of 1.1.1.1?

option domain-name-servers 1.1.1.1;

When editting the DHCP configuration file, what global directive do you need to set the default gateway to 10.1.1.1?

option routers 10.1.1.1;

When using PAM, what 'control' is used only when linked to another service module?

optional

What mode is the snort program in if it dumps information to a log file?

packet logger

What PAM module is used to enforce certain password requirements like length and complexity?

pam_cracklib

What PAM module is used to enforce technical limits on uses like how many files they can have open?

pam_limits

What PAM module is used to map to a file that limits the users or groups it contains?

pam_listfile

What PAM module is used to integrate with AD or LDAP?

pam_sss

What PAM module is used to authenticate against the passwd file?

pam_unix

When using Samba, what global configuration directive would you set to indicate the smb password database should use the default type?

passdb backend = tdbsam

When using Samba AD integration, what password line do you need to add if you want it to check local files then active directory for user IDs?

passwd: compat winbind

When using Samba AD integration, what password line do you need to add if you want it to check active directory first for user IDs?

passwd: files winbind

When using PAM, what 'type' is used to change passwords?

password

When creating a Samba credential file to be used by fstab, what is the format for the password of 123?

password=123

When using Samba, what command would you use to list the users that are current set in the smb password database?

pdbedit -L

When using RHEL apache, what package would you need to install to get the php module?

php

What Postfix helper process waits for messages in the maildrop queue and sends them to the cleanup program?

pickup

When configuring a BIND file, what option do you use to specify where the daemon writes the current PID in clear text?

pid-file

In what section of the configuration file are the Dovecot vacation extension stored?

plugin

When using an acl element in squid, what 'acl type' would you use to specifiy a port used?

port

What Postfix utility program and option is used to interact with the alias database?

postalias

What command can be used to show all the settings currently configured in the Postfix main.cf file?

postconf

Postfix contains a dedicated user account that runs all the services called?

postfix

What Postfix utility program and option is used to stop the Postfix service?

postfix stop

What Postfix utility program is used to create the binary lookup files from the lookup text files?

postmap

When using apache, what type of MPM allows for the PHP pluggin?

prefork

When using Samba, what printers directive would you use to allow the submital of print jobs?

printable = yes

What package would you install to enable the ProFTPd package?

proftpd

When using an acl element in squid, what 'acl type' would you use to specifiy a protocol?

proto

When using Nginx, what directive line would you add to the location block to reverse proxy traffic to http://10.1.1.1/?

proxy_pass http://10.1.1.1/;

When using Samba, what would you put in the smb.conf file to make a share NOT public?

public = no

When using OpenVPN what type of encryption uses certificate keys?

public key

What is an additional package that you can add to snort that includes sample templates?

pulled pork

What package would you use to install pure-ftpd?

pure-ftpd

What Postfix helper process is responsible for central message routing?

qmgr

When you are configuring an IPv6 DHCPd server, what service should you employee if you want to enable Stateless DHCP (or SLAAC)?

radvd

What configuration file do you need to modify to configure the DHCPv6 radvd service?

radvd.conf

When editting the DHCP configuration file, what global directive do you need to set to have a valid IP range of 10.1.1.1-20 provided by DHCP?

range 10.1.1.1 10.1.1.20;

What BIND configuration option would you use to allow a server to be a caching server?

recursion yes

When creating a Sieve script, what action command forwards the message?

redirect

When creating a Sieve script, what action command rejects a message and sends the reason back to the sender?

reject

When editing the Postfix main.cf file, what parameter is used to identify what will be allowed to relay?

relayhost

When configuring an OpenVPN client, what would you enter into the configuration file to point it to the server at 1.1.1.1 on port 1194?

remote 1.1.1.1 1194

When using PAM, what 'control' is used to terminate the service after running through the remaining items when the check is failed?

required

When using PAM, what 'control' is used to terminate the service immediately when the check is failed?

requisite

When using BIND, what command can you use to write all the statistics to the file indicated by the statistics-file setting in the named.conf file?

rndc stats

What command would you issue to the BIND Daemon to receive the status in a nice easy to read format?

rndc status

What command would you run to re-create the rndc key file used to access BIND?

rndc-confgen -r /dev/urandom -a

What is the highest level of the Domain Name Space, often represented by a "."?

root

When creating a Samba credential file, who should the owner be?

root

When using Nginx, what directive line would you enter to set the Document root to /usr/share/nginx/html?

root /usr/share/nginx/html;

When creating an NFS export, what directive should you use to ensure that root users on other systems don't have administrative access to your system?

root_squash

When using a slapd.conf file to configure the LDAP server database, what directive do you use to specify the administrative user?

rootdn

What command do you need to run to see the current routing tables and to add routes to a server?

route

What daemon do you need to install to enable RIP on a linux server?

routed

When using NFSv3, what module is responsible for communicating with with the client machines?

rpcbind

When using NFS, what command and switch can be used to see detailed information about what ports are being used by rpc?

rpcinfo -p

When on a RHEL system, what package would you install to deploy the samba server software?

samba

When on a RHEL system, what package would you install to deploy the samba client software?

samba-client

What program is used to administrate the Samba Active Directory server?

samba-tool

When on a RHEL system, what package would you install to deploy the samba's integration with active directory as a member?

samba-winbind

When using LDAP, what defines the object classes and how they are interrelated?

schema

When using SCP, what command would you enter to copy the file /home/test.txt from the remote server 1.1.1.1 as the user cnelson with the destination folder on the localhost being /home/share/test.txt?

scp [email protected]:/home/test.txt /home/share/test.txt

When configuring an OpenVPN client, what would you enter into the configuration file to tell it to use the secret key at mysecret.key?

secret mysecret.key

When using Samba, what global configuration directive would you use to set the security level to user (the default)?

security = user

What website do you go to in order subscribe to the bugtraq mailing list where they send "full disclosure" information about vulnerbilities and how to exploit them?

securityfocus.com

When modifying the fail2ban configuration file, what option specifies the sending email address for alerts?

sender:

Postfix server comes with what type of emulation layer?

sendmail

What sendmail command is used to run sendmail as a background daemon that will check the mail queue every 5 minutes?

sendmail -bd -q5m

What legacy sendmail command can you type to see the postfix mail queue?

sendmail -bq

When using Nginx, what 'block type' is used to setup how the server responds to requests

server

What would you enter into a BIND secondary server configuation file located at 1.1.1.1 to have a zone transfer use a key named 'mykey'?

server 1.1.1.1 { keys { mykey; }; };

When using Samba, what global configuration directive would you use to create a friendly name for your server?

server string

When editting the DHCP configuration file, what command do you need to enter to specify that the primary server named mainhost should be used to download the file?

server-name "mainhost";

When using Nginx, what directive in the server block is used to set the domain names that virtual host will respond to?

server_name

When using PAM, what 'type' is used to mount directories and perform other staging items?

session

When using Samba, what security mode should you use if you want to have one password for all users?

share

When using DHCPd, what command must you start a configuration block with if you want to share common options on several subnets?

shared-net

When on an NFS client, what command can you use to display the available exports on the server 1.1.1.1?

showmount -e 1.1.1.1

What is a programming language built specifically for email filtering?

sieve

When on an LDAP server, what command is used to directly inject LDIF files into the database?

slapadd

When on an LDAP server, what command is used to export LDIF files from the database?

slapcat

What is the main LDAP process that responds to server requests?

slapd

When using Debian, what package do you need to install to enable the LDAP server?

slapd

When using an LDAP server, what command is used to start and configure the LDAP system through the use of LDIF files?

slapd-config

When on an LDAP server, what command is used to reindex the LDAP database?

slapindex

When using an LDAP server, what command can you use to validate a slapd.conf file?

slaptest

What zone type is used when configuring a secondary server with BIND?

slave

When using multiple LDAP servers, what utility is used to initiate replication?

slurpd

When on a RHEL system, what is the name of the samba service?

smb

When on a Debian system, what package would you install to deploy the samba client software?

smbclient

When using Samba, what command would you use to list the shares available on a server with the IP address 1.1.1.1 using the username jsmith?

smbclient -L //1.1.1.1 -U jsmith

When using Samba printing, what command would you use to send a print job called 'test1.txt' to server 1.1.1.1 and to a printer named 'Print1' as the user jsmith?

smbclient //1.1.1.1/Print1 -U jsmith -c "print test1.txt"

When using Samba, what command would you use to access the share 'awesome' available on a server with the IP address 1.1.1.1 using the username jsmith?

smbclient //1.1.1.1/awesome -U jsmith

When using Samba, what command can you use to reload the smbd daemon configuration?

smbcontrol smbd reload-config

When on a Debian system, what is the name of the samba service?

smbd

When using Samba, what command would you use to add a new user to the Samba password file named jsmith?

smbpasswd -a jsmith

When using Samba, what command can be used to check the active sessions?

smbstatus

When using Samba, what command can be used to check the active sessions with the maximum verbosity?

smbstatus -d 10

What Postfix helper process sends messages to external servers?

smpt

What Postfix helper process receives messages from external servers?

smptd

When configuring Postfix's main.cf configuration file, what option do you use to make TLS use mandatory?

smtpd_tls_security_level = encrypt

When configuring Postfix's main.cf configuration file, what option do you use to enable TLS to be used if desired?

smtpd_tls_security_level = may

What mode is the snort program in if it dumps information to the terminal?

sniffer

If you were creating an 'A' record for a server named svr1 at IP address 1.1.1.1, what would the syntax be?

srv1 IN A 1.1.1.1

What linux utility adds new key passphrases to ssh-agent?

ssh-add

What linux utility holds onto the key passphrase for future logins?

ssh-agent

When using SSH keys on a client, what command would you enter to send the public key with the default location and name to the server at 1.1.1.1 as the user jtest?

ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

When using an SSH client, what command would you enter to generate the private and public keys?

ssh-keygen

When using PAM, what is the daemon name for the service that is used to pass authentication to LDAP or AD?

sssd

When configuring DHCP for IPv6, which configuration mode requires that you only configure the options?

stateless

When using OpenVPN what type of encryption uses a common secret on both sides?

static key

When creating a Sieve script, what control command terminates the script?

stop

When using PAM, what 'control' is used to terminate the service immediately when the check is passed?

sufficient

When using a slapd.conf file to configure the LDAP server database, what directive do you use to specify the base DN?

suffix

When using Samba, what command would you use to test the syntax of the smb.conf file?

testparm

Exim is another option for email services (true / false)?

true

When adding a matching user to a Samba client system, the UID should match the UID on the server (true or false)

true

When using Samba, it will allow printing to all printers added through cups (true/false)

true

When using active FTP, both the client and server initialze sessions to open ports (True/False)?

true

When using PAM, what is the second field in a configuration line?

type

When using Samba, what global configuration directive would you use to automatically synchronize a changed smb password to the linux password?

unix password sync = yes

What command would you enter on a linux system to create a user named cnelson with a UID of 201, create the home directory at the path /home/cnelson

useradd --uid 201 -m -d /home/cnelson cnelson

When there are dissimilar usernames between a Samba client and server, what directive would you use to signify a file that contains a static mapping from server to client?

username map

When using Samba, what share configuration directive would you use to allow only members of the group 'cool' to access the share?

valid users = @cool

When on a Linux system, what package do you install to load the Very Secure FTP program?

vsftpd

When using Samba, what command and switch can you enter to see if the server can correctly query usernames from Active Directory?

wbinfo -u

When on a Debian system, what package would you install to deploy the samba's integration with active directory as a member?

winbind

What value would you place in the sshd_config files option of PermitRootLogin to force only key system access for the root account?

without-password

When using apache, what MPM is designed to be memory effecient through the use of child threads?

worker

When using Samba, what global configuration directive would you use to create a browseable domain name called test?

workgroup = TEST

When configuring vsftp, what directive would you set to specify upload access is possible?

write_enable

When using Samba, what would you put in the smb.conf file to make a share both read and write?

writeable = yes

When using Nginx, what is the default user directive on an Ubuntu system?

www-data

When you are installing squid on a Debian system, is in automatically started and enabled (yes/no)?

yes

In CentOS, what command would you run to install Nginx?

yum install nginx

What is the special Procmail recipe action condition that starts a program?

|

When using SSH keys, what file and path on the server holds the valid keys for access?

~/.ssh/authorized_keys

When generating SSH client keys, what is the default name and path of the private key?

~/.ssh/id_rsa

When generating SSH client keys, what is the default name and path of the public key?

~/.ssh/id_rsa.pub

When using SSH keys, what file and path on the client holds the public signature key for the server?

~/.ssh/known_hosts

When using apache, what ssl directive would you use to specify whether or not the server honors http trace requests?

TraceEnable

What web service can you subscribe to for weekly bulletins and technical alerts?

USCERT

When using apache, what directive do you place in the configuration file to change the user name for the service?

User

When using apache, what directive do you place in the configuration file to utilize individual user directories named public_html in each users home directory?

UserDir public_html

When using iptables, what chain handles all packets heading from the local machine?

OUTPUT

When using decentralized authentication files in apache, what directive do you need to place in virtual host configuration file to tell the system to look for the independted auth file?

AllowOverride AuthConfig

When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to allow specific users?

AllowUsers

When configuing a RHEL DHCP client, what do you add to the network configration file to enable DHCP?

BOOTPROTO=dhcp

When using apache, what is the abbreviation for the interface that allows apache to interact with other programs like Perl and PHP?

CGI

What script can you use to create your own CA for generating self-signed SSL certificates?

CA.pl

If you have the CA.pl script available what command would you enter to create your own CA?

CA.pl -newca

If you have the CA.pl script available what command would you enter to sign a certificate?

CA.pl -signreq

What technology is used to help mitigate the risks caused by Certificate Authority compromises?

DANE

When configuring dhcrelay, what entry to you need to set in the configuration file to point the relay to the DHCP server located at 1.1.1.1?

DHCPSERVERS=1.1.1.1

When using iptables, what policy setting denies the communication and doesn't send an error?

DROP

When using MPM in apache, what setting in the configuration file dictates the maximum number or processes that are allowed to bespawned?

MaxRequestWorkers

When using iptables, what table is used to apply changes to the addresses of the packets?

NAT

Although it has been deprecated, what command would you enter into an apache configuration file to specify that the IP address 10.1.1.1 was using name based virtual hosting?

NameVirtualHost 10.1.1.1

When using Debian what command would you enter to disable an enabled apache site file named example.conf?

a2dissite example

When using Debian apache, what command could you use to enable a module called php7.0?

a2enmod php7.0

When using Debian apache what command would you enter to enable an available site file named example.conf?

a2ensite example

What Postfix lookup table file is used to create ACLs for SMTP?

access

When configuring LDAP, what directive is used to configure access permissions of objects?

access

When using squid, what would you enter into the configuration file to create an acl element that is named TEST that requires authentication to proxy traffic?

acl TEST proxy_auth REQUIRED

What command would you use to create BIND ACL named 'test' that allows only the subnet '10.0.0.0/24'?

acl test { 10.0.0.0/24; };

When using Samba, what security mode should you use if you want to join an Active Directory as a member?

ads

What would a snort rule syntax be to alert on icmp traffic going from 192.168.1.0/24 on any port destined for any destination on any port

alert icmp 192.168.1.0/24 any -> any any


Kaugnay na mga set ng pag-aaral

Chapter 8 Questions (All Correct)

View Set

3g E: U13: (***) past simple or present perfect

View Set

Art History II Chapter 16 & 17 Quiz

View Set