13-15

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

From the bash command prompt, which of the following commands directly executes /usr/bin/scripts/cleanup.sh?

source /usr/bin/scripts/cleanup.sh

Which ssh option should you enter at the command prompt to set up an SSH tunnel for X server traffic?

ssh -X

You need to connect to a remote system whose host name is abc.def.com and execute a shell script called daily-backup.sh that backs up some files. The username that has permissions to execute that script is bubba. Which command should you run to make the connection?

ssh -l bubba abc.def.com

As you configure your client for public key authentication, you decide to generate the DSA key pair. You would like to configure the client to automatically provide the private key passphrase when needed so that you do not need to type the passphrase for every new SSH connection to a server. Which command should you use in conjunction with the ssh-agent bash command? (Enter the command and options as if you are at the command prompt.)

ssh-add ~/.ssh/id_dsa

You are currently logged in using the badams account. You want to view the contents of the /etc/inittab file, but you are not allowed to with the badams account. Which command could you use to view the file?

su -c "cat /etc/inittab" -l

You have logged in as a regular user when a frantic phone call comes in. The ABCD process must be started on the server now, but can only be run by root. Which command would you use to start this process?

sudo ABCD

Unnecessary network services might provide attackers with an entry point for an attack. To view a list of services, or units, installed or running on a systemd-based system, what could you enter at the command prompt?

systemctl list-units

What should you enter at the command prompt to check the TCP wrapper configuration on your system?

tcpdchk

What do you enter at the command prompt to prevent the shell from using too much of the system's resources?

ulimit

Which of the following are valid ways to assign a variable a value in a bash script? (Choose TWO.)

variable1=Hello declare -i num1=4

Which of the following command line tools are used to control virtualization by using arguments such as list, start, and shutdown?

virsh

Which of the following tools provides a graphical interface for managing virtual machines on a Linux host?

vmm

When creating a bash script, it is important to document the purpose of the script. Which of the following is a valid comment?

# Comment text

Which of the following shell declarations should be entered on the first line of a script for a system that uses the bash shell?

#!/bin/bash

Which chage option keeps a user from changing password every two weeks?

-m 33

Which of the following files can be configured to ignore certain file types from being committed to the local Git repository?

.gitignore

Which of the following is the associated device file for that terminal?

/dev/tty5

You are modifying the tcpd control files of the xinetd super daemon. Of the two tcpd control files, what is the full path and filename of the file that is applied first?

/etc/hosts.allow

What is the full path and filename of the file you should create to disable user login on a Linux system?

/etc/nologin

Which configuration file should you edit to enable Pluggable Authentication Modules (PAM) to check for a file named /etc/nologin?

/etc/pam.d/login

A number of remote users call to say that they cannot connect via SSH today. When you look at the processes, you see that the daemon is not running. Which command would you use to solve this problem?

/etc/rc.d/init.d/sshd start

Where does the client store SSH keys that are used to establish an SSH session? (Select TWO).

/etc/ssh/ssh_known_hosts ~/.ssh/known_hosts

Management wants a compilation of specific data to occur every night. The only way to accomplish this task is to copy files throughout all network hosts to one server via TFTP. Which of the following files MUST be edited to enable xinetd to manage TFTP on the Linux server?

/etc/xinetd.d/tftp

The gshant user is attempting to connect to a remote SSH server; however, you need to override the default SSH configurations for the client system when he establishes an SSH session. Which of the following files should you edit?

/home/gshant/.ssh/config

As the network administrator, one of your responsibilities is to analyze and troubleshoot SELinux context violations. In which directory are the SELinux violations recorded?

/var/log/audit

Which is the most correct description for 3DES?

3DES is a very secure mode of the DES algorithm encryption method that encrypts data three times using a 168-bit key.

There are two types of hypervisors, Type 1 and Type 2. Which of the following describes those two types? (Choose TWO.)

A type 2 hypervisor runs on an operating system. A type 1 hypervisor runs on bare metal hardware and is referred to as a native hypervisor.

You want to allow any host from westsim.com to have access to your system. Which of the following line items would you add to the /etc/hosts.allow file to accomplish this task?

ALL: .westsim.com

Which of the following is a key difference between agent-based orchestration and agentless orchestration? (Choose TWO).

Agent-based requires that proprietary software is installed on each device you wish to monitor. Agentless orchestration does not require a proprietary software agent to be installed on the managed hosts.

What does the netstat -a command show?

All listening and non-listening sockets

You would like to use SSH port tunneling to work on a remote system. You also need to ensure that all data that you send to the remote system is encrypted. Which SSH configuration option, in the /etc/ssh/sshd_config file, needs to be set yet to yes?

AllowTCPForwarding

Lynda, a network administrator, has been tasked with connecting the VMs on multiple virtual machine hosts in a way that doesn't expose the VMs to the external network. Which of the following should you implement?

An overlay network

What is the purpose of the find / type f -perm -o=x -ls command?

Audit files in the root directory that have execute permissions for others.

What is the purpose of the find / type f -perm -u=s -ls command?

Audit files in the root directory that have the SUID bit set.

Which of the following types of cloud storage is managed from a dashboard or webpage?

Blob

Which of the following cloud storage types is accessed through network drives or as a cloud computing resource?

Block

Which of the following templates, which use the JSON file format, can be copied and used to create multiple containers, that run the same applications?

Container image

Which of the following would enable the rsync service to be managed by the xinetd super daemon?

Create the rsync file in /etc/xinetd.d

Which of the following provides security for datagram-based applications by allowing them a communication method designed to prevent eavesdropping, tampering, and message forgery?

DTLS

When implementing a network gateway, implementing a firewall, or increasing performance, multiple NICs can be added to a computer. Which of the following can be implemented on VMs to provide this capability?

Dual-homed NICs

Which of the following is an advantage of xinetd over inetd?

xinetd uses separate configuration files for each managed service.

You were recently hired by a small start-up company. The company is in a small office and has several remote employees. You have been asked to find a business service that would accommodate the current size of the company but would also be able to scale as the company grows. The service needs to provide adequate storage as well as additional computing power. Which cloud service model should you use?

IaaS

Orchestration is the automated configuration, coordination, and management of computer systems and software. Orchestration takes advantage of several tasks that are usually automated to create a more complex workflow. Which of the following workflows needs can be satisfied by orchestration? (Choose FOUR).

Inventory Automated builds and code deployments Server provisioning Configuration management

Which of the following can be used to script Anaconda and provide unattended installations using a single file?

Kickstart

You work for a growing small business where the executives are traveling and working remotely. Which of the following would offer the BEST protection for sensitive data on their laptops?

LUKS disk encryption

Within the /etc/security/limits.conf file, you notice the following entry: @guests hard maxlogins 3 What effect does this line have on the Linux system?

Limits the number of maximum logins from the guest group to three.

Linux-based hypervisors, such as Xen, KVM, and QEMU, provide a software-based virtual network switch. Which of the following is an additional feature provided by a Linux bridge?

NAT

Anna, a system administrator, created a new virtual machine that she would like to provision on additional hypervisors. Which of the following will provide a VM template that is open and can be used by hypervisors from different vendors?

OVF

Which of the following describe an OVA (open virtual appliance or application) file?

Provides a single file that archives all the files that make up an OVF using TAR.

For Linux systems where physical access could be compromised, which of the following best practices should be implemented to prevent a user from booting into single user mode with root access?

Set a bootloader password.

Which of the following describes the function of the export command?

Sets environment variables.

What is the effect of the following command? chage -M 60 -W 10 jsmith

Sets the password for jsmithto expire after 60 days and gives a warning 10 days before it expires.

Which of the following orchestration attributes are typically configured? (Choose TWO).

Start and stop time. User name, title, and employee ID for user orchestration.

Given the command ls > myfiles which of the following describes the results?

The stdout of the ls command is redirected to the myfiles file.

Your company is deploying ten new virtual machines. You have planned the disk space for anticipated future growth. However, the hypervisor currently doesn't have enough disk space for the all the disks that need to be allocated. You have placed an order for additional storage that will be added to the hypervisor. You must have all ten servers operational before your order will arrive. You determine that overbooking the storage space will work in the short term. Which of the following storage provisioning options should be selected?

Thin provisioning

Which of the following is the main purpose of the xinetd service?

To receive client requests for network services and start and stop them on demand.

Maria, a user, is working remotely from a hotel while traveling for business. Maria needs to access some sales resources on the company's network. Which of the following would allow Maria to securely access the resources she needs?

VPN

Mary, a system administrator, would like to deploy virtual machines, storage, and networking in a cloud environment. Which of the following file formats would allow Mary to modularized these items as a template? (Select TWO).

YAML JSON

Login blocking is enabled using the Pluggable Authentication Modules (PAM) module. What line needs to be in the /etc/pam.d/login file to configure PAM to check and see if a file named /etc/nologin exists?

auth requisite pam_nologin.so

When using templates to deploy virtual machines, one challenge is that all VMs will have the same settings, such as hostname, security identifiers, and even the same IP address. Which of the following allow a VM to be provisioned with unique settings and configurations?

bootstrapping

What chage command should you enter at the command prompt to set the password for jsmith to expire after 60 days and give a warning 10 days before it expires?

chage -M 60 -W 10 jsmith

You would like to make it harder for malicious users to gain access to sensitive information. Which of the following techniques can be used to remap the root directory to include only certain directories and files?

chroot jail SSH

The /etc/cloud/cloud.cfg file controls the cloud-init modules that are run. The modules represent configuration stages. Which of the following are the three configuration stages used by Cloud-init? (Select THREE.)

config stage init stage final stage

Given the following bash script: #!/bin/bashdeclare -i count=5until [ $count -lt 3 ]doecho count $countcount=count-1done Which of the following shows the output from this script?

count 5 count 4 count 3

Removing unnecessary software increases the security of your Linux system. If your system uses RPM for package management, what can you enter at the command prompt to look for unnecessary software that might be installed on your system?

dnf list installed

Anna, a technician, executed a command to display the contents of a file and received the output. [user@linux ~]$ cat myfile.txtat: myfile.txt: No such file or directory Which of the following commands would Anna enter to find out the exit code that was returned by this command?

echo $?

You have used su to switch to the root user account to do system administration tasks. Now you want to revert back to your regular user account. Which command should you use?

exit

A script developer is working on some new features for the administering Linux servers and wants to add the features without changing the master branch. Which of the following is the BEST command to use?

git branch

A technician wants to obtain the ABRT repository from a git online service. Which of the following commands should be used?

git clone [email protected]:abrt/abrt.git

Which of the following is the BEST command for initializing a new Git repository?

git init

Which of the following is the BEST command for showing the commit history of a repository?

git log

When a Git repository is created using git init, Git creates a directory named .git. This directory contains all the information necessary for that repository to work correctly. Which of the following directories contain the scripts that are run during each Git phase?

hooks

Your site is dependent upon the use of the rlogin utility for remote access. For security reasons, you want to prevent the hosts in the marketing department from accessing the payroll server, but allow all others to do so. Which of the following files should you use to create this restriction?

hosts.deny

Which keys are generated when you execute the ssh-keygen command with no options? (Select TWO.)

id_rsa id_rsa.pub

Given the following bash script, #!/bin/bashfor i in $(ls)doecho item: $idone Which of the following shows possible output if the script is executed from Bill's home directory?

item: Desktop item: Documents item: Downloads

Which of the following is an open-source application programming interface (API) that's used for creating, monitoring, migrating, starting, and stopping virtual machines?

libvirt

Which of the following are three popular toolsets Linux-based hypervisors use to manage virtual machines? (Select THREE).

libvirt virsh vmm

Which of the following statements is true about the command myscript < mydata.txt?

myscript receives input (stdin) from mydata.txt.

What should you enter at the command prompt to display both listening and non-listening sockets on your Linux system?

netstat -a

You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?

nmap

What should you enter at the command prompt to scan for open TCP ports on your Linux system?

nmap -sT

You want to change the port that SSH listens on. You are going to edit the /etc/ssh/sshd_config file. Which line, when added to the file, will change the listening port to 1066?

port 1066

You are limiting the total amount of memory a user can take up when they use the X Windows System. Which of the following limit keywords should you use?

rss

Which of the following is the BEST command for viewing SELinux errors?

sealert

You are a network administrator for your company. A user calls to complain that his Firefox browser is not working as it did the day before. Knowing that you recently updated the SELinux profile for Firefox, you suspect the change you made is causing the issue. You want to troubleshoot the issue by switching the profile to permissive mode. Which of the following is the BEST command to use in this situation?

setenforce

What is the full path and filename of the file you should edit to configure the SSH daemon on the server system?

/etc/ssh/sshd_config

AppArmor has been installed on your computer. Which of the following directories contain your AppArmor profiles?

/etc/apparmor.d/

The root user attempted to log in to the system using tty and was denied access. The pam_securetty module uses a configuration file to determine which virtual terminals (tty#) that root is allowed to log in from. Which of the following files would the root user check to see which terminals are permitted?

/etc/securetty

What is the full path and filename of the file you should edit to limit the amount of concurrent logins for a specific user?

/etc/security/limits.conf

You need to configure which commands are allowed to be used with the sudo command. What is the full path and filename of the file you should edit?

/etc/sudoers

Sam, a system administrator, is implementing measures to harden the Linux systems on the network. Sam wants to modify kernel parameters at runtime to protect the system from syn flood attacks using the sysctl command. Which file would Sam modify to implement the following changes? # TCP SYN Flood Protectionnet.ipv4.tcp_syncookies = 1net.ipv4.tcp_max_syn_backlog = 2048net.ipv4.tcp_synack_retries = 3

/etc/sysctl.conf

After installing Git and before the first commit is made, the user.name and user.email properties need to be configured. Which of the following commands are used to configure these properties?

git config

Which of the following is a pair of virtual character devices that provide a bidirectional communication channel? (One end of the channel is called the master; the other end is called the slave.)

pseudo-terminal (pty)

Which of the following commands deletes a variable?

unset

Which of the following is a function of a virtual network switch?

Connects the VMs virtual NIC and the host's physical NIC.

Anaconda is an installation program that's used by Fedora, RHEL, and other distributions. Which of the following does Anaconda perform? (Select THREE.)

Creates a file system. Identifies the computer's hardware. Provides a user interface with guided installation steps.

Which of the following Linux bridge modes is the default?

NAT

Which of the following is the super daemon that is most commonly found in modern Linux distributions?

xinetd

You are working with a bash script, and there are multiple variables being used. Which of the following commands can be used to determine which commands are environment variables and which are shell variables? (Choose TWO).

set printenv

Which of the following describes Infrastructure as Code (IaC)?

The process of managing and provisioning computer data centers.

You are running AppArmor on your system. Which of the following commands will show all of the processes from the /proc filesystem with TCP or UDP ports that are not protected by AppArmor profiles?

aa-unconfined --paranoid

Cindy, a technician, created a perl script named server-info.pl that used for gathering server information. Cindy wants to add the file to the repository and has executed the command git add server-info.pl. Which of the following commands should she execute NEXT?

git commit -m "Adding server-info.pl script"

Which of the following is the BEST command used to join a branch to a master?

git merge

What do you enter at the command prompt to edit the /etc/sudoers file?

visudo

You need to block all users from logging in to the Linux system while you resolve a serious issue. You first need to force all active users to logout. Which command should you enter to display a list of all active users?

w

You want to allow any host from westsim.com to have access to your system except a system called testsvr.westsim.com. Which of the following line items would you add to the /etc/hosts.allow file to accomplish this task?

ALL: .westsim.com EXCEPT testsvr.westsim.com

You manage a Linux server that occasionally needs to provide ftp services at irregular intervals. To save on resources, you want to have the ftp server service running only when it is needed, and stopped the rest of the time. Which of the following solutions would satisfy these requirements and require the LEAST amount of effort?

Enable the ftp service to be managed by the xinetd service.

You want to limit Telnet access to three specific users. Which of the following strategies will BEST accomplish this goal?

Enter IP address entries for the three users in the /etc/hosts.allow file.

When configuring the SSH daemon using the /etc/ssh/sshd_config file, which options can be set to either prevent or allow unrestricted access to all GUI features on the client? (Select TWO).

ForwardX11Trusted X11Forwarding

Carlos, a system administrator, needs to set up a VPN tunnel from a branch office to the main office. Data security is a high priority. Which of the following will allow the IP packets to be encrypted and encapsulated in a new IP header that is sent through the VPN tunnel?

IPSec

Which of the following are multifactor authentication supported by Linux? (Select THREE.)

Iris pattern Fingerprint One-time password (OTP)

What effect does the ulimit -t 600 command have on a Linux system?

Limits CPU time for a process to 10 minutes.

You are the only Linux administrator for a very small company. You are constantly asked to fix one problem or another as they occur. Which of the following is the BEST way to log into the system each morning?

Log in as a regular user and then use su as needed to solve problems.

What is the name of the hash function used to verify the public key for an SSH connection?

MD5

You want to enable public key authentication on the server. Which option in the /etc/ssh/sshd_config file needs to be set?

PubkeyAuthentication yes

Which of the following technologies can used to set up passwordless SSH logins by distributing a server SSH certificate?

Public key infrastructure (PKI)

Which of the following industry-standard management systems can be used by agentless orchestration? (Choose FOUR).

SSH CIM SNMP WMI and WInRM

Which version of SSH supports the Rivest, Shamir Adleman (RSA), and Digital Signature Algorithm (DSA) encryption standards?

SSH2

Which of the following virtual private networks (VPNs) utilizes digital certificates to ensure that only the intended recipients can view and use the data sent?

SSL/TLS

A system was installed by an employee that is no longer with the company, and that employee used a non-standard root password that was not documented. Which mode must you boot the system into to reset the lost root password?

Single user mode

Given the following bash script: #!/bin/bashmynumber=5guess=0echo -e "I am thinking of a number from 1 to 10\n"read -p "Enter guess: " guessif (( guess == mynumber ))thenecho "That is correct!"elif (( guess != mynumber )); thenecho "Sorry, that is not my number!"fi Which of the following would be displayed if the number 12 is entered as the guess?

Sorry, that is not my number!

There are three types of virtualization environments. Match the virtualization type on the left with the description on the right. Virtualization types may be used more than once.

The virtual machine completely simulates a physical computer system. Full virtualization Operating systems do not need modification to run within virtual machines. Full virtualization Only some of the components of a virtual machine are virtualized. Partial virtualization Handles some of the virtualization processing the hypervisor would normally perform. Hardware-Assisted Virtualization

Given the following bash script, what is the output if the user enters Kali? #!/bin/bashecho 'Which Linux distribution do you like? 'read distro case $distro inubuntu)echo "Ubuntu is based on Debian.";;centos|rhel)echo "CentOS and RHEL are RPM based distributions.";;windows)echo "That is not a Linux distribution.";;*)echo "This is an unknown Linux Distribution.";;esac

This is an unknown Linux distribution.

What is the purpose of the -N option in the following command? ssh -f -N -L 2345:mail.mydomain.com:110 [email protected]

To ensure that SSH does not execute a remote command.

Which of the following is a key difference between VPN tunnel and transport modes?

With transport mode, only the payload of the IP packet is encrypted, and the original IP headers are left intact.

Your computer is using AppArmor. Which of the following commands is BEST to use for troubleshooting an AppArmor profile?

aa-complain

You have just started protecting your computer while running Firefox using AppArmor. After a short time, employees start to complain that some of the features they use frequently are no longer functioning. After a quick check, you discover that these features should be working and decide not to protect Firefox anymore. Which of the following is the BEST command to quickly stop protecting Firefox?

aa-disable /etc/apparmor.d/usr.bin.firefox

You are writing a bash script that lists the contents of a file. You would like to have any stderr messages sent to a file. Which of the following commands will write the error message to a file?

cat projects 2> projects.err

Troy, a system administrator, created a script to automate some daily administrative tasks. Which of the following commands would make Troy's script, /scripts/dailytasks, executable by everyone, but writable only by its owner?

chmod u=rwx,go=rx /scripts/dailytasks

While writing a shell script, you want to perform some arithmetic operations. Which of the following commands is used to create an integer variable?

declare -i variablename

A script named myscript contains the following command line: echo $1 $2 $3 The following command is typed in an interactive shell. myscript dog cat bird frog Which of the following will be displayed in the interactive shell?

dog cat bird

Alberto, a system administrator, is working with another system administrator, Leroy, to update the bash scripts used on various servers. The bash scripts are stored in a Git repository. Alberto updated a script that may have also been updated by Leroy. Which of the following commands SHOULD Alberto execute before he commits his changes to the repository?

git pull

Lydia, a developer, recently made changes to some files and wants to update the changes on the master branch. Which of the following is the BEST command to use for this purpose?

git push

Given the following command sequence: echo 'blue orange green brown' | while read a b c d; do echo output: $b $c $a $d; done Which of the following is the correct output?

output: orange green blue brown

You were recently asked to manage the SELinux implementation at your company. Since you are still coming up to speed on this technology, you have not yet mastered the process of creating or making major changes to SELinux policies. However, an employee has just called you complaining that they don't seem to be able to accomplish a task with a particular application. After scanning through the SELinux policy for that application, you notice that there is a method that can be used to enable the desired function. Which of the following is the BEST command for enabling that feature without editing the policy?

setsebool

Which daemon, or service, provides port tunneling to encrypt non-secure protocols such as email and X server traffic?

ssh

You are configuring public key authentication on your client system. Which command enables the passphrase agent?

ssh-agent bash

When using DSA to establish an SSH session, what is the name of the key that the SSH server will send to the client? (Enter the name of the key only.)

ssh_host_dsa_key.pub

Which of the following public keys is sent from the SSH server to the SSH client when they are in the process of establishing a session with the SSH1 protocol?

ssh_host_key.pub

PAM is configured on your system to look for the presence of the nologin file in the /etc directory. If the nologin file exists, user login is disabled, and only the root user can log in. If your current working directory is root's home directory, which command would you enter to quickly create an empty nologin file in the /etc directory?

touch /etc/nologin


Ensembles d'études connexes

Real Estate License Exam Review 22

View Set

Entrepreneurial Small Business Ch.1

View Set

Chapter 13 Quizzes (All MC options)

View Set