Exam Review

What command would we use to mount a CD ROM?

"mount /root/install.iso -o ro,loop /media" specifying loop so it is continuously read

What are some examples of filesystem independent mount options?

"rw, noexec" which means the filesystem is readable/writable but not executable

What does SELinux permissive mode do? How do we set it?

"setenforce 0" will log exceptions but does not perform denials

What character do you need to put in /etc/sudoers when specifying a group?

%

If we wanted to recover a lost password, what key would we hit at the GRUB boot menu?

'e'

Where are X-Server configurations found?

- /etc/X11/xorg.conf
- /etc/X11/xorg.conf.d

Where are .so files found in linux?

- /lib
- /usr/lib(64)
- /usr/local/lib
- /usr/share

Describe the 3 main locations for systemd unit files.

- /usr/lib/systemd/system - provided by package installations
- /etc/systemd/system - place where unit files are edited and override original files on system
- /run/systemd/system - contains runtime unit files

What are the two types of Systemd timers and what parameters does each have?

- Monotonic (OnBootSec, OnActiveSec)
- Realtime (OnCalendar)

What three steps do you have to take after creating a systemd job and placing the files in /etc/systemd/system ?

- Reload the daemon with "systemctl daemon-reload"
- Enable the services to run at boot with "systemctl enable ..." for the .timer and .service
- Start the services with "systemctl start..."

What does a .rpm package contain?

- The application or utility
- Default config files
- How and where to install the files that come with the package
- Listing of dependencies the package requires

What are the two main methods of creating a custom unit file?

- Copying an existing unit file from /etc/lib64/systemd/system to /etc/systemd/system and editing the file
- Creating a directory within /etc/systemd/system and then creating a unit file to edit and put in the directory.

Once we install the "at" package, how do we enable and start it?

- systemctl start atd.service
- systemctl enable atd.service

What is the highest "nice" value?

-20

What do the following switches do for tar: -c, -f, -t, -x ?

-c tells us we are CREATING an archive, -f tells tar we are creating a name for our archive, -t informs tar we want to see the contents of the tarball, -x opens the tarball back up and copies everything inside the archive back to filesystem

Which flag for grep makes character regexes case insensitive?

-i

What switch would we use in "tar" to utilize bzip2 for compression?

-j

Which flag is added to dracut to specify modules we don't want to add to the initial RAM disk?

-o, for example dracut -o "fcoe-uefi" -M -f where:
-f creates new initial ram disk with the same name as the one we have installed
-M allows us to see the modules we are using

What switch tells tar we are going to compress an archive using gzip?

-z

What file extension is used for statically linked libraries?

.a

Which file does .bash_profile call?

.bashrc, which then makes a call to /etc/bashrc

What corresponding file do you need for a .timer file?

.service file

What two files are needed to create a systemd service job?

.timer and .service file, each of which must have the same name.

After we login to some machine using ssh, where will we see a new entry?

/.ssh/known_hosts

Where does "apt" read sources from?

/etc/apt/sources.list

Where would we modify the umask for the entire system?

/etc/bashrc

Which directory contains cron jobs for the whole system?

/etc/cron.d

Which configuration file is referenced by the useradd command? What sort of things does this file contain?

/etc/default/useradd; GROUPID, HOME (users home dir), INACTIVE (value of -1 indicates user's account not disabled if expired), EXPIRE

If we wanted to create a configuration file for dracut to omit modules for us automatically, where would it go?

/etc/dracut.conf.d

If you verified that a device is connected in /sys but you're still having issues, what should you check?

/etc/fstab for incorrect information and typos

Where does the "init" program read configuration settings?

/etc/inittab

Which file does the ldd command look at?

/etc/ld.so.conf

Which directory contains configuration for log files?

/etc/logrotate.d

Which file is used to display a message on the console when someone attempts to login with an account that is using /sbin/nologin?

/etc/nologin

Which file sets up system wide environment variables, umask values, bash history controls and is the first file read on a login session?

/etc/profile

Which directory contains extra script config files for bash which are read in by /etc/profile?

/etc/profile.d

Where is remote logging configured?

/etc/rsyslog.conf

Where are SELinux policy files located?

/etc/selinux

When a service starts and it binds to a port, where is this port binding information located?

/etc/services

The encrypted passwords for users on the system are located in what file?

/etc/shadow

Which directory contains encrypted passwords for accounts listed in /etc/passwd?

/etc/shadow

Which directory contains items that will automatically be added to a user's home directory when their account is created?

/etc/skel

Where is the journalctl daemon configured at?

/etc/systemd/journald.conf

What is the location of the unit files for systemd that are safe to be edited by system admins?

/etc/systemd/system

Where do systemd .timer and .service files go?

/etc/systemd/system

When the kernel boot up process uses systemd, what is /sbin/init symbolically linked to?

/lib/systemd/systemd

In which directory are hard drives accessed?

/mnt

List two "pseudo" filesystems. What do they contain?

/proc which contains processes running on the system and /sys which contains system info about kernel modules and hardware

Which file contains the number of seconds a system will wait before rebooting to recover from a kernel panic?

/proc/sys/kernel/panic

In which directory are sysadmin tools located?

/sbin

Which shell is given to a service account? What command would be used to modify the shell for service account called projectx?

/sbin/nologin; usermod -s /sbin/nologin projectx

What file needs to be edited to change the IO Scheduler mode?

/sys/block/sda/queue/scheduler

What is the location of the unit files provided by the package installation for systemd?

/usr/lib/systemd/system

If you have a shell script that is associated with a systemd job, where should it be placed?

/usr/local/sbin

Where is the RPM database located?

/var/lib/rpm

Where do authentication attempts get logged at?

/var/log/auth.log

A user is having an issue logging in and you are wanting to troubleshoot. Which log file would you inspect to see the authentication error message?

/var/log/secure

Where can we get logs with information about authentication on some machine?

/var/log/secure

What are the trusted ports?

0 - 1023

For RFC 1918 Class A, what is the range and number of hosts?

1 - 126; 16,777,214

What are the ports for SNMP over TLS?

10161, 10162

What is the local loopback address for anything that uses the TCP/IP protocol?

127.0.0.1/8

For RFC 1918 Class B, what is the range and number of hosts?

128 - 191; 65,534

For RFC 1918 Class C, what is the range and number of hosts?

192 - 223; 254

What are the file handles associated with the following: standard error, standard in, standard out?

2, 0, 1

For RFC 1918 Class D, what is the range and number of hosts?

224 - 239; Reserved for multicast

For RFC 1918 Class E, what is the range and number of hosts?

240 - 254; Reserved for future use or research + development

What is the subnet mask for class A networks?

255.0.0.0/8

What is the subnet mask for class B networks?

255.255.0.0/16

What is the subnet mask for class C networks?

255.255.255.0/24

What are the default permissions for files?

666

What are the default permissions for directories?

777

If the umask is 0002, what would the default permissions for directories become?

777 -> 775

What is the partition ID for linux swap partitions?

82

What is the partition ID for the standard linux filesystem?

83

What is the partition ID for Linux LVM volumes?

8e

What ends a case statement in a bash script?

;;

How would we create a bridged connection interface? How would we then assign network interfaces to the bridge?

> brctl addbr br0
> brctl addif br0 veth0

What two commands are used to make sure you have enough space free and make sure you have enough inodes?

> df -h
> df -i

How would we put swap space on /dev/sdb1?

> mkswap -c /dev/sdb1
> swapon /dev/sdb1

Type the two commands you'd use to archive and restore some tar.

> tar -cvf backup.tar
> tar -xvf backup.tar

What can we use to redirect standard error?

>&2

What symbol is used in file globbing to match a single character? How would you use this to find a .txt file with 4 characters?

?; ????.txt

What is the yellowdog updater?

A package installed for RHEL, CentOS, and older Fedora that handles RPM package dependencies.

What is a unit file?

A unit is an object that systemd can control, and a unit file describes how it interacts with that unit.

What is a symbolic link?

Acts like shortcuts to files or folders on other operating systems. It's like an alias.

What does the lpd toolset do?

Adds/removes printers, enables and disables them, manages print jobs.

What distinguishes agent vs. agentless scenarios?

Agentless management requires no software installed on target machine. Agent management requires software to be installed on the target machine with elevated privilege.

What does the xauth command do?

Allows a user to edit and view security information that grants a user the ability to control remote X11 client windows.

What is an inode?

An inode contains information about the file or folder, such as ownership and permissions.

What is the xhost command?

An older/insecure method of allowing client systems the ability to display remote X11 windows.

What is an example of agentless software and agent software?

Ansible is agentless. Puppet uses agent management.

How do you differentiate automation and orchestration?

Automation is the steps taken to build infrastructure. Orchestration is the management of automation to achieve a deployed infrastructure.

What packages provide DNS?

BIND, dnsmasq, Unbound

What is the name of the boot process that allows a client to mount a network share as its root file system?

Boot from NFS. In the Pre-Execution Environment, or PXE boot, the client machine searches for a server machine from which to download the boot image over the trivial file transfer protocol.

What is the memory referred to that is assigned to a swap device and is used to cache filesystem data?

Buffer

What class would the following IP address belong to: 10.0.0.10

Class A

What class would a network belong to that contains 192 ?

Class C

How can you tell if you're in a login shell or non-login shell?

Command: echo $0, if it returns -bash you're in a login shell

What is rsync used for? What is it implemented over?

Copying files to remote and local filesystems; ssh or the rsyncd daemon.

What is the X11 system?

Core display server that provides protocol service for the X window system.

What's the best way to prevent the "out of memory killer" from going through processes it doesn't need and killing them?

Create swap space and offload memory there.

Describe the IEEE 802.3ad policy network bonding mode.

Creates aggregation groups for which included interfaces share the speed and duplex settings. Set this mode on server, and on switch, the ports understand they're working with this policy.

What is the difference between "cron" and "at"?

Cron is for recurring jobs while at is used for one-off jobs to be run.

In networked systems, what is the name of the protocol used to dynamically assign IP addresses to network interfaces?

DHCP

Which package installer is used on Fedora linux?

DNF

What is the name of the system used to resolve IP addresses to hostnames?

DNS

What can you use instead of OpenVPN?

DTLS, Datagram Transport Layer Security, which uses UDP and has less latency.

What components does infrastructure as code include?

Deploying new assets, configuring assets, deploying and managing applications + databases, deploying and managing monitoring and patching.

What are two good examples of infrastructure as code?

Docker and Vagrant

Explain the IO Scheduler "noop" mode.

Doesn't sort the requests. When you're using non-volatile RAM, you want to use noop since it doesn't slow things down.

List some things you should do when designing secure systems.

Don't use shared IDs. Use a chrooted jail. Separate application from OS data using disk partitions. Discourage USB devices. Use disk encryption. Disable ctrl+alt+del. Add banners.

List 3 'journaling' file systems? Which one is not a journaling file system?

EXT3, XFS, EXT4; EXT2

Explain the IO Scheduler "[cfq]" mode.

Each process gets its own time slice and the scheduler looks at each time slice. This is a round robin approach.

How would we allow the IP addresses {3.17.167.1, 172.31.100.21} to ssh into our system and deny all others?

Edit /etc/hosts.allow to have the line "sshd : 3.17.167.1,172.31.100.21" and edit /etc/hosts.deny to have "sshd : ALL"

After creating a swap partition, it disappears when the system is powered off. What do we need to do to have it persist?

Edit the /etc/fstab file

What can inventory reports be used for?

Ensures that the commands run on the machines in a system infrastructure are the correct ones.

How can you differentiate between shell variables and environment variables?

Env variables are uppercase. Shell are not. Shell variables are set on each child. Environment variables are set on the workspace and the children inherit from these parents.

How do we list processes in current shell only?

Execute "ps" without any flags.

What partition does EFI need to use?

FAT, or VFAT on a linux system

Why are multiple routes to storage devices created?

For redundancy. If the route selected fails, the multipath daemon finds another route to the host and monitors the previous route so when it comes back up, it adds it again to the rotation.

Which desktops do GTK+ include?

GNOME and XFCE

What is an HBA? Where does it go?

Host Bus Adapter - hardware device that interfaces with external or internal devices. Also serves as a storage adapter. It clicks into the motherboard.

What did SATA replace?

IDE (Integrated Device Electronics)

What is a broadcast address? How do you identify it?

IP addr. used to broadcast messages to all hosts on a particular network. The last octet is 255. Ex) 192.168.0.255 is the broadcast addr. for 192.168.0.0/24

How does transport mode differ from tunnel mode?

In transport mode, data is encrypted, but headers are not encrypted. In tunnel mode, both headers and the data are encrypted. Transport mode is used in remote access VPNs. Tunnel mode is used in site to site VPNs.

What are two reasons infrastructure as code might be important?

Infrastructure resilience and ability to be stable when a hardware issue occurs. Also useful for scaling out when more resources are needed.

How do init and upstart differ from systemd?

Init and upstart rely on bash shell scripts; systemd does not.

What are exit codes?

Integers that get passed back to the parent when a process has completed.

Describe the two main types of shell environments we need to be aware of.

Interactive login shell - created when you log into a console or when you login remotely via SSH. Interactive non-login shell - created when a terminal application such as GNOME terminal is started.

What is the purpose of single user mode?

It allows passwordless access as the root user so that emergency maintenance can be performed on the system.

What happens when you kill a process?

It also kills all of the children processes.

What is contained in the /etc/fstab file?

It contains the list of mount points and their locations and is used as a reference for automounting file systems.

In system logging via rsyslog, what is the purpose of a third-party agent?

It converts the native logging format to one that can be read on the rsyslog server.

Why is xargs faster than -exec?

It creates sublists and gives the ability to act on all files in one fell swoop.

What does RFC 1918 describe?

It describes the 5 ranges that determine how many hosts are available within each class.

What is the purpose of the $PATH variable?

It is a list of locations that are searched for executable files.

What is the purpose of a load balancer?

It is placed in front of servers to allow them to be used together, and provides fault tolerance in the event one of the servers goes offline.

What is the purpose of the ssh-copy-id command?

It is used to copy a user's keys over to a remote server, thus "keying" the server.

What is the purpose of the command lsof?

It lists all of the open files on a system.

What happens if you make changes to the symbolic link?

It modifies the original file.

How does a stateless firewall work?

It provides single packet filtering and no introspection. It doesn't know about the packet in front of it or behind it. Simply accepts IPs from a certain range and sends it to some destination.

What is displayed when we run the ls -Z command?

It shows the SELinux related information about the files in the current directory.

What is CPIO and how does it work?

It's a utility used to create archive files and can take stdin. For example we can do "ls | cpio -ov archive.cpio"

What layer is VPN using SSL/TLS on?

It's on the application layer. It is application dependent because it is two applications talking to one another.

What desktop does Qt based have?

KDE

What line would we add in /etc/fstab to mount /dev/sdb1 to /opt?

LABEL=opt /opt ext4 defaults 1 2

What layer is IPSec in?

Layer 3. Not application dependent.

Which layer do application layer firewalls operate at?

Layer 7.

When installing a new CUPS print server, you are attempting to access the management console from the server itself, what is the correct URI?

Localhost:631 or 127.0.0.1:631

What does /opt contain?

Location used for optional software for 3rd party vendors.

What is located in the /var directory?

Log files

What sort of levels of niceness should a cron job be operating at?

Lower levels

What are the differences between MBR (Master Boot Record) and GPT (GUID Partition Tables)?

MBR supported 26 total partitions and was limited to 2TB. GPT supports 128 partitions, and supports up to a zettabyte. GPT also contains UEFI which prevents unauthorized operating systems from booting up the system.

Give an example of MFA.

MFA is comprised of a minimum of two factors: something you know (password), something you have (token), something you are (biometrics)

What might be the issue if you can't delete a folder in your home directory?

Might be directory above you. Run "lsattr ../" and see if it has an immutable flag.

What is RAID1?

Mirroring

Which of the following are reasons to use configuration management? Select 3

Monitoring, Patch management, Inventory Management

List the two types of timer units and their parameters

Monotonic (OnBootSec,OnActiveSec) and Realtime (OnCalendar)

What is the configuration that treats two or more network interfaces as a single network interface?

Network bonding

What is nmcli?

NetworkManager command line interface, used for configuring network devices and their connection settings.

When running "ps -l", what does NI stand for?

Nice - it's the priority of the process where a lower value is higher priority.

What does init level 5 do?

No remote filesystems, multiple users can login, and a graphical desktop is running.

What does init level 3 do?

No remote filesystems, multiple users can login.

What does init level 2 do?

No remote filesystems, no networking, but multiple users can login.

What needs to be inside of the [Timer] section of a .timer file?

OnCalendar (has the time in format *-*-* 23:00:00 for example), Persistent (boolean), and Unit (the associated .service file)

What is the purpose of the partprobe command?

Once a new partition is created, the partprobe command is used to update the kernel with the new partition information.

By default, on a system that uses a BIOS, how do you access the GRUB boot options menu?

Once the system post has completed, and before the OS loads, hold down the shift key.

How does incremental backup work?

Only the changes since the last incremental backup are taken. Restoration involves restoring the full backup and then incrementing it forward to the latest change set.

Which PID corresponds to user space? How about kernel space?

PID1 and corresponding children processes are "user-space". PID2 and corresponding child processes are "kernel-space".

What is the process ID for systemd and when does it start?

PID1, which starts after the kernel finishes booting.

Which is better when it comes to securing systems: password authentication or PKI?

PKI

What is PAM?

Pluggable Authentication Module - common authentication mechanism on linux system with a single configuration location.

What is server clustering?

Practice of running more than one server that is configured to provide the same service so if one fails the other can continue to provide it.

What does DHCP do? What ports is it associated with?

Provides automatically assigned IP addresses to a client on a network; UDP 67,68

In the mount command, what does the -o flag allow for?

Provides filesystem independent mount options

List 3 X11 extensions.

RandR, GLX, Xinerama

Why is the "find" command computationally expensive?

Relies on CPU usage extensively instead of an external database since it searches through computer each time you use it.

What is RADIUS?

Remote Access Dial-In User Service. Internet protocol that provides authentication, authorization, and accounting services. It provides a central source for AAA services.

What is Wayland? What is the backwards compatibility tool for it?

Replacement for X windows system. XWayland.

What things would you want to check when troubleshooting firewall issues?

Restrictive ACLs, blocked ports, and blocked protocols.

What does init level 1 do?

Root user is the only user allowed to login to this system.

What is the difference between a privileged and a non-privileged port?

Running services on privileged ports requires root privileges.

Which packages provide monitoring services?

SNMP, Nagios, Munin, Zabbix, Monit

Which packages provide file server services?

Samba, NFS

What does the egrep command do? What is it equivalent to?

Searches a specified file line by line, returning lines that contain a pattern matching a given regular expression. Grep -E.

Describe the XOR Policy network bonding mode.

Selects an interface to transmit packages to based on the result of an XOR operation.

What packages provide email server services?

Sendmail, Postfix, Dovecot

What does D-bus do?

Sends data messages between applications, a conduit of information about what is going on in the system. Used to notify users when new hardware is attached.

What is the purpose of a systemd target?

Serves as a unit that syncs other units when the computer boots or changes state.

What sort of accounts have /sbin/nologin?

Service accounts created for applications.

Describe the active-backup policy network bonding mode.

Sets all interfaces to the backup state while one remains active. If the active goes down, another is taken from the backup state.

What does the redhat service tool "chkconfig" do?

Sets queries and runlevel settings for services

What is ksh?

Shell based on bourne shell, with some features of the C shell added.

What is zsh?

Shell which includes elements of the bash and Korn shells.

What is nohup?

Some command preceded by this one receives a signal of 1 (NOHUP), so that if the terminal window closes, the process will still run as the login session is not terminated.

What is a network mask?

Something that defines the logical network, or subnet, that indicates the start and end of IP addresses.

Which 4 things are ACL filters based on?

Source IP, destination IP, source and destination port TCP/UDP, and the protocol TCP/UDP

Which of the following are part of a Firewall ACL (Access Control List)? Choose three.

Source, Protocol, Destination

Which packages provide proxy server services?

Squid, Varnish, Apache, Nginx

What is the difference between a standard user and a service user?

Standard users have login shells, while service users are only to be used for services. They do not have login shells.

What is RAID0?

Striping

What is SSSD?

System Security Services Daemon provides access to local or networked identity and authentication stores. Used for caching credentials.

What is the port for POP3?

TCP 110

What are the ports for Samba?

TCP 137,445

What is the port for IMAP?

TCP 143

What is the port for SMTP?

TCP 25

What is the port for MySQL?

TCP 3306

List the ports for LDAP/LDAPS.

TCP 389; TCP 636

What is the port associated with certificate authority servers?

TCP 443

What is the port for PostgreSQL?

TCP 5432

What is the port for CUPS?

TCP 631

What is the port for secure syslog?

TCP 6514

What is TCP? What is UDP?

TCP is the method by which all transactions between IPv4 and IPv6 take place. Relies on a send and acknowledgement system. UDP (user datagram protocol) - a stateless connection between hosts, so there is no "acknowledgement" portion. In other words, data packets are sent to a destination without any verification they were received. Less overhead, but less reliable.

What are the ports for NFS?

TCP/UDP 111,2049

In automated configuration management, what do the target and master servers contain?

Target server has the files to be tracked. Master server contains the manifests for the tracked files.

What is TACACS? How does it differ from RADIUS?

Terminal Access Controller Access-Control System provides AAA services, but it is scalable and more secure than RADIUS.

What happens if we try to copy a file to a location and it has the same file name?

The copy command won't let us perform the operation.

In git, what does HEAD point to?

The current directory of the branch you're in.

If you have free space and have not exceeded the inode count, what might be the issue when trying to create a file?

The directory is immutable.

What do you need to make sure is done before running the "fsck" utility on a drive?

The drive needs to be unmounted first.

What is the "fsck" command and at what location is it configured?

The filesystem check utility. Configured in /etc/fstab.

On a system with four CPUs, what percentage of total CPU is being used with a load average of 1.00?

The load average is divided among the CPUs. In this case only one of the CPUs is being loaded to 100% and so the actual CPU usage is 25%.

What information is displayed by issuing the free command?

The memory usage on the system, both free memory and memory in use

What does infrastructure as code refer to?

The process by which all of the objects on an infrastructure are described in code in such a way that they can be reproduced by running that code.

What is the purpose of a pseudoterminal?

The pseudoterminal is terminal emulation that is provided to programs.

In an SELinux AVC log error, what two things should you check to see if they align?

The scontext (source context) and the tcontext (target context)

Which of the following is a benefit of infrastructure as code? Select 2

The state of the infrastructure can be checked in to SCM for versioning and tracking. When load exceeds resources, more resources can be deployed from the code base that are the same as the existing resources.

In a systemd .unit file, what does "Requires" variable have?

The unit that is activated, in the form of a .target file.

What might be the issue if we can't run basic commands such as "ls" and "clear" ?

The user might have added something to their PATH variable, but it is incorrect/they didn't put the whole path.

A junior administrator has installed an Apache web server on one of your RHEL instances. The administrator cannot get the Apache instance to log errors. You check into the issue and run ausearch with the following result:
type=AVC msg=audit(1455805464.059:137): avc: denied { append } for pid=3128 comm="httpd" name="error_log" dev="sdb1" ino=31221 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
What is the most likely cause?

There is a type mismatch on the source and target contexts. The target context is most likely the issue, since it is not in the httpd_t context.

If there is space left on the device, but you apparently can't create another file, what might be the problem?

There may not be enough inodes. Increase space.

What are advantages and disadvantages to incremental backups?

These backups are faster, but restoration is more complicated.

What are advantages and disadvantages of differential backups?

They are faster to create, but slow down as more and more differentials are taken since more backups need to be restored since the last backup.

How do differential backups work?

They contain the changes since the last full backup occurred. Restoration involves restoring the full backup, and then the differential.

When looking at file permissions, what does an "s" in place of the "x" permission mean for a group?

This assigns group ownership to files and is useful for shared groups or directories.

What is the output of the following command? timedatectl

This command as written will output the current date and time settings for the system.

What is the sticky bit?

This is a "t" in place of the "x" in the "others" section of permissions and only allows the creator of a file to remove the file.

What is the access vector cache?

This is a cache of all denies/allows that SELinux has done.

Explain the IO Scheduler "deadline" mode.

This is a first in, first out mode that has both a read and write queue.

What is an ARP packet?

This is a packet that is used to resolve local network addresses.

What is a whois lookup?

This is a search for the IANA registration for a domain, it provides contact information for the domain administrator

What is meant by a chroot jail?

This is a technique which changes the effective root of the file system for a process or user so that the user or process can not traverse the directory tree above the new effective root.

What is umask?

This is the default masking value that gets taken away from the default permissions of files and directories in a system.

What is the purpose of the /etc/hosts file?

This is the local DNS look up location, and by default it is checked first for DNS names.

What is located in the directory /etc/cups/?

This is the location of the configuration files for the printing subsystem that are set using the interface located at http://localhost:631

What is network bonding?

This is the process of creating a single interface from multiple network interfaces.

What is signal 15? What is signal 9?

This is the sigterm signal, which is used by the "kill" command. This is the sigkill signal.

What is meant by "sourcing" a script?

This is using the source directive to include an external script file in the current script so that its variables and functions can be referenced.

What is the purpose of rotating the log files?

This prevents the logs from becoming too large to parse or archive, and it assists with searching the logs for entries if each log file encompasses a smaller time frame.

In the following octal notation, what are the effective permissions on this file: 0644

This represents read/write for the owner, read for the group, and read for other with no setuid, setgid or sticky bit set.

What is accomplished by the command: usermod -a -G wheel example

This will append the wheel group to the list of groups that example is a member of. The command will append (-a) the indicated group (-G wheel) to the groups that the user, in this case example, is a member of.

When issuing the userdel command, what is the function of the -r flag?

This will remove the user's home directory in addition to removing the user's account.

What are the two ways a connection can get an IP address?

Through DHCP and static IP assignment

What port does NTP use?

UDP 123

What are the ports for SNMP?

UDP 161,162

What is the port for syslog?

UDP 514

Which of the following are firewall configuration tools? Choose three.

UFW, iptables, firewalld

In which section of the timer file do you put the corresponding .target file?

Under the [Install] section, you'd put it equal to the parameter "WantedBy"

What are the 3 sections that need to be present inside of a .timer file?

Unit, Timer, Install

What are the three sections of a systemd timer file?

Unit, Timer, and Install

How does upstart differ from init?

Upstart offers asynchronous starting of services, which decreases bootup time.

After creating a physical volume group and mounting some directory to the physical drive, how would we update everything?

Use partprobe

What does init level 4 do?

Used in the case the admin wants to set up a custom environment.

What does "xargs" do?

Used to take the standard output of one command and use it as standard input on another.

What is DNS and what is the associated port?

Used to translate domain names into IP addresses; UDP/TCP 53

How can you create positional parameters inside of a script?

Using "set", for example, "set -- first1 second1 third1"

What 3 methods can we use to partition and isolate services?

Using a chroot jail for services, enforcing context permissions, ensuring logging is enabled.

How can we manage ACLs?

Using iptables

What is fgrep?

Utility that searches based on strings rather than patterns and uses file globbing instead of regular expressions.

What are server access issues typically caused by?

VPN

What does the free command do?

View used and available memory and swap space.

What is VNC?

Virtual Network Computing, enables remote computer to control the graphical display of a remote system.

How can we utilize ports to make a system more secure?

We can make sure that services are not running on their default ports.

How do we send TCP packets via the traceroute command?

We specify the -T flag

What file would we edit to allow only cloud_user to remotely login to a system?

We'd edit sshd_config and add the following: AllowUsers cloud_user

Which file would we edit to enable IP forwarding for IPv4?

We'd uncomment the line "net.ipv4.ip_forward=1" in sysctl.conf

How do you know you're using a stateful firewall?

When you see: RELATED,ESTABLISHED

What is a mount point?

When you take a partition or disk and mount it to a specific directory.

What does the dracut command do?

Will create a new initramfs for kernels on the system and can be used to add and remove modules and drivers from initramfs builds

If you try creating a file and get an error "disk quota exceeded", what might this mean?

You've exceeded the limit of files that can reside on the disk.

List the 5 states that a process can be in.

Zombie, Uninterruptible sleep, interruptible sleep, running, stopped/paused (T)

What would we use to search for some file that begins with either a capital or lowercase "p" and ends in an extension .csv?

[Pp]*.csv

In a bash script, what do we enclose conditionals inside of?

[]

What file globbing regex would match any of the characters of a file except these: a,b,c ?

[^abc]

What file globbing expression would we use to search for a file that has any of the three characters: a,b,c ?

[abc]

Which command shows us hardware addresses associated with certain IPs?

arp

How can we specify an "at" job that runs a script /root/program.sh at 10:15PM on October 8?

at -f /root/program.sh 10:15 PM Oct 8

How do we set up an "at" job with a specific time, say 4:00 AM tomorrow?

at 4:00 AM tomorrow rm /root/notes.txt

How would we make an "at" job that will run 5 minutes from now?

at now +5 minutes > echo "notes" > /root/notes.txt

What is the timer unit file meant to be a replacement for?

atd and cron systems

Once a set of procedures has been identified, what is the term for executing the procedures in a logical order?

automation is the logical ordering of procedures. Orchestration is the management of automated tasks.

How do we display a filesystem's UUID?

blkid

Which command extracts .bz2 compressed files?

bunzip2

Which command lists and modifies the aging parameters of a user's password?

chage

Using the chage command, which flag is used for setting the expiration?

chage -E 2019-01-01 bcalhoun

How can we change a directory attribute from immutable to mutable?

chattr -i ../example/

How would we use the chkconfig command to prevent the bluetooth command from starting at runlevel 3?

chkconfig --level 3 bluetooth off

How would you set the sticky bit on /srv/sticky with rwx permissions on all 3 sections?

chmod 1777 /srv/sticky

What does the "modprobe" command do?

command used to dynamically load and unload kernel modules at runtime. -r removes a module, no argument when adding a module

What does /etc/resolv.conf contain?

contains the IP address of DNS name servers that the host will use for name resolution. For example, if you go to google.com, Linux first checks if it's in /etc/hosts or /etc/hostname, and then since it's not in there, it uses DNS name server.

How do we view and edit a user's cron table file?

crontab

How do we remove a crontab file for the user Kenny?

crontab -r -u Kenny

How would we use the "dd" command to back up the master boot record /dev/xvda of size 512 bytes?

dd if=/dev/xvda of=/tmp/mbr.img bs=512 count=1

How would we use the "dd" command to put boot.img on /dev/sdc?

dd if=boot.img of=/dev/sdc

Which of the following are archive and restore utilities? Select three.

dd, cpio, tar

If something you're using on your machine has a TCP wrapper, where will it look to deny certain hosts?

deny.hosts

In the nmcli tool, what is meant by dev and what is meant by con?

dev is short for device and refers to the hardware that is on the computer. con refers to a network connection.

Which command shows us how much drive space there is?

df -h

Which services provide DHCP?

dhcpd, dnsmasq

Which command is used to query DNS servers for particular types of DNS records?

dig

What two command could we use to look at the A-record for google.com ?

dig or nslookup

What does the "uname" command do?

displays info about the currently running kernel. -m option is machine type and -a prints out all info about kernel

What does the "lsmod" command do?

displays listing of all currently loaded kernel modules

Using dpkg, how do we list out files installed for a specific package?

dpkg -L

What command is used for checking ext2, ext3, and ext4 filesystems? What command is used for creating ext2, ext3, and ext4 filesystems?

e2fsck, mke2fs

Describe the adaptive transmit load balancing policy network bonding mode.

ensures the outgoing traffic distribution is according to the load on each interface and that the current interface receives all incoming traffic. One interface receives all of the data.

Which command displays current environment variables?

env

What line would we add in the /etc/sudoers file so that user "example" could run "sudoedit" on "/etc/pam.d/password-auth-ac" ?

example ALL = sudoedit /etc/pam.d/password-auth-ac

What monitors servers and updates firewall rules to reject certain IP addresses?

fail2ban

Which legacy command is used to create partitions of MBR DOS type?

fdisk

Which 3 commands can be used to create a swap partition?

fdisk, gdisk, parted

What commands are used to put a job in the foreground or background?

fg, bg

What does /var contain?

files that vary in size, like log files and printer files

How would we find a file that has been modified within the last 24 hours?

find . -ctime 1

How would we use the "find" command to get rid of empty files?

find . -empty -type f -exec rm -f {} \;

Which of the following commands will search for the file example.sh in the current directory, recursively?

find . -name example.sh The -name searches recursively

How do we look for a file called "mc.sh" in our current directory?

find . -name mc.sh

How would we use the "find" command to remove empty test files for us?

find test/ -empty | xargs rm -f

What would a "for" statement look like in a bash script if we wanted to iterate from 1 to 5?

for i in {1..5}; do {SOMETHING}; done

Which command is used to create the newer GPT partitions on a disk?

gdisk

What command would we use if we wanted to see which group has an id of 100?

getent group 100

Which command shows you the file access control list?

getfacl

Which grep regex searches the beginning of a line? How would we use this to return lines where the first 3 letters are 'rpc'?

grep ^rpc passwd

Which character searches the end of the line in a regex expression? How would we use this to print out any lines that contain "bash" at the end?

grep bash$ passwd

How would you use grep to search for a file where the first letter is g, the second is any character, and the third letter is m?

grep g.m

How would we change the "engineering" group ID from 1004 to 1100 ?

groupmod -g 1100 engineering

Which command is used to extract .gz files?

gunzip

In git, where do you store any scripts that need to be run when a commit is made?

hooks/

Which utility is used to convert files from one character encoding to another?

iconv

Which command shows you the TX and RX totals and the rates for each of them?

iftop

What does /sys contain?

information about the system's hardware and kernel modules. no process info listed here.

The temporary file system that is loaded at boot is called?

initrd or initial ramdisk / initial file system

What is ICMP? What uses it?

intended for networking equipment such as routers, network switches, firewalls, and other devices to send error messages between themselves. It's used by ping and traceroute

How would we redirect standard error from the script internet.sh to error.log?

internet.sh 2> error.log

How would we send standard error from internet.sh to standard out?

internet.sh 2>&1 | less

Which command is used to test disk latency?

ioping

How would we use the ip command to add the IP address 192.168.122.76/24 to the device ens11?

ip addr add 192.168.122.76/24 dev ens11

How can we take an interface called "ens11" down with the IP command?

ip link set ens11 down

How would we add ourselves to the IP set called 80_allow?

ipset add 80_allow <MY_IP>

Which command lets you look at the firewalls on linux?

iptables -nL

Which command is used to view the logs collected by systemd?

journalctl

List 4 common kerberos commands.

kinit (generates ticket), kpassword (sets kerberos password), klist (lists tickets user has), kdestroy (destroys current ticket)

Which command shows you who's logged in?

last

What is the purpose of the ldd command?

ldd prints the shared objects (shared libraries) required by each program or shared object specified on the command line.

How do you create a soft link?

ln -s

Which command searches a local database of files and folders looking for items that match the search criteria?

locate

How do we view all print queues?

lpq -a

What 3 commands can we use to display inode information?

ls -i; df -i; du --inodes

What command would be used to determine if a file is immutable?

lsattr

Which command do we use to view the contents of an initramfs file?

lsinitrd

Which command can tell us which process has which files open?

lsof

What command can we use to get information about our ethernet card?

lspci | grep -i ethernet

What commands do we use to display the following info: PCI devices, USB devices, system processor info, block devices?

lspci, lsusb, lscpu, lsblk

How would we create a 9G logical volume on the volume group vg1?

lvcreate -n combined_vol -L 9G vg1

What command would we use to get the MD5 hash for some file?

md5sum

How would we create an ext4 file system with label SRV on /dev/sda1?

mkfs.ext4 -L SRV /dev/sda1

Which command is used to format a partition to be used as swap space? How do you create a label with it?

mkswap; use the -L flag

Which command is used to inspect packet drop/timeout?

mtr

What is the daemon that monitors paths, marks fails, and reactivates paths?

multipathd

How would we use the netstat command to see if a server is listening to the ssh port?

netstat -an | grep ssh

Which command shows us all of the TCP ports listening on the machine?

netstat -plnt

What command can we use to see if there are ports that are open that we can use?

nmap

What command would be used to configure the network interfaces from the command line?

nmcli

Which services provide NTP?

ntpd, chronyd, systemd-timesyncd

What is the redhat textual user interface for managing services based on runlevel?

ntsysv

Where are commits stored in git?

objects/

Which legacy command is used to create partitions of either MBR or GPT types?

parted

Which switch on ps shows processes running for all users?

ps -e

What command is used to see ALL processes?

ps ax

What command would we use to initialize the physical volumes /dev/sdb and /dev/sdc?

pvcreate /dev/sdb /dev/sdc

Which command shows us the routing table that our kernel is using?

route

What does init level 0 do?

runs scripts that stops and powers off the system

If we wanted to recover a lost password, what would we enter after root=UUID info?

rw init=/bin/bash

What command would we use to get Access Vector Cache denies from the SELinux audit log?

sealert -a /var/log/audit/audit.log

Which command displays shell settings or shell variables for the session?

set

How would we use the "setfacl" so that jimmy is the only user who can read file1 ?

setfacl -m u:jimmy:r file1

What command replaced netstat?

ss

What is the modern equivalent of the netstat tool?

ss, or socket statistics

How would we copy a generated ssh id into [email protected] ?

ssh-copy-id [email protected]

How do we create a private/public ssh key?

ssh-keygen

Which command will generate SSH keys for use when connecting to a computer via SSH?

ssh_keygen

How would we change the AppArmor profile to complain mode?

sudo aa-complain /sbin/dhclient

How would we create a new AppArmor profile for Xtightvnc?

sudo aa-genprof Xtightvnc

What command would you run to change the ownership of files in the directory /opt/myapp to some user?

sudo chown -R cloud_user:cloud_user /opt/myapp

What command would you use to find the files that are owned by some user?

sudo find / -user USER

Which command would we use to identify which zone is the default zone in the firewall?

sudo firewall-cmd --get-default-zone

How would we send a sigkill message to PID 2407?

sudo kill -9 2407

How would we change the "nice" value to 15 for some process with ID 3701?

sudo renice -n -15 3701

In SELinux, how would we change from permissive mode to enforcing mode?

sudo setenforce 1

How would we enable the SE boolean for httpd_enable_homedirs?

sudo setsebool -P httpd_enable_homedirs

How would we use ufw to deny all incoming traffic?

sudo ufw default deny incoming

Which command should be used to edit the sudoers file?

sudo visudo

Which command shows a summary of swap usage on a system?

swapon --summary

What command could we use to see what flags are set and running in the kernel?

sysctl -a | grep kernel

Which packages provide logging services?

syslog-ng, rsyslog, systemd-journald

Which command creates the necessary directory structure etc. for unit files?

systemctl edit --full <unit>

What command enables a service unit to start at system boot up by creating a symbolic link?

systemctl enable <daemon.service>

Using systemctl, how would we change the running state of the system from the current target to a different target?

systemctl isolate <target>

What command can we use to view all unit files on a system?

systemctl list-unit-files

How would we show all the unit files for some target?

systemctl list-unit-files -t <target>

What is /etc/hosts used for?

Systems use this file for a computer's hostname. The hostnamectl file will write a system's new hostname to this file.

How would we use tar to compress a folder called content-lpic-1/ into the tarball content-bak.tgz ?

tar -czf content-bak.tgz content-lpic-1/

Which command reads data from stdin and writes it to stdout and files?

tee

What is a network gateway?

the destination where network traffic goes that has no other matching route or that is not intended for the local network.

In a bash script, what would we put after an "if" statement to execute code if the condition is met?

then

Which command can show you how long a process has been active and how long it takes to run?

time

What is the linux modern terminal manager that is like "screen"? How would we use it to reattach back to some session?

tmux attach-session -t 0

Which command is used to see which process is using the most resources?

top

Which command provides interactive realtime viewing of all processes?

top

What command would we use to get round-trip time?

traceroute

Which command allows you to see which sudo terminal you're in?

tty

What is the linux device manager?

udev

Type the command that uses the uncomplicated firewall tool to allow mysql.

ufw allow mysql

Using the umask command, how would we set the user to have full permissions, but the group to have none?

umask u=rwx,g=,o= which results in umask of 0077

How do we update the database that "locate" uses?

updatedb

Which command lets you view how long the system has been up, how many users are logged in, and CPU load average?

uptime

Which command shows us the load average of a machine in addition to how long it's been running?

uptime

Which command and flag would be used to create a service (non-user) account called projectx?

useradd -r projectx

How can we lock some user's account with the name of bcalhoun? What flag is used to unlock the account?

usermod -L bcalhoun The -U switch is used to unlock the account

How would we add user "example" to the group "passmanagers" ?

usermod -a -G passmanagers example

In a bash script, if we wanted to declare some variable called "var" to be the first argument a user provided when running the script, how would we do this?

var=$1

Which command would we use to create some volume group called vg1 comprised of the physical volumes /dev/sdb and /dev/sdc?

vgcreate vg1 /dev/sdb /dev/sdc

Which command is similar to "free" but gives us processor information as well as free memory space?

vmstat

Which command is used to monitor the output of processes at specified intervals?

watch -n

In the /etc/sudoers file, what is the difference between wheel and %wheel?

wheel is a user and %wheel is a group.

How do we find the location for a particular command?

whereis

Which command gives us registrant information for a domain name?

whois

What command reorganizes data stored in blocks on an XFS filesystem?

xfs_fsr

What utility is used to repair XFS filesystems?

xfs_repair

If we are on CentOS, how can we check the dependencies of some package, such as nginx?

yum deplist nginx

When connecting to a computer via a secure shell, where is the fingerprint stored so that it can be referenced to ensure that the remote machine is not an impersonator?

~/.ssh/known_hosts

