Linux Pro Exam 3

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

1. type ip addr show and press Enter Type cd /etc/sysconfig/network-scripts and press Enter. Type ls and press Enter 2. Type nano ifcfg-enp2s0 and press Enter to edit the first adapter.Using the keyboard and arrow keys, configure the IP settings as follows: IPADDR: 192.168.0.254 NETMASK: 255.255.255.0 BROADCAST: 192.168.0.255 GATEWAY: 192.168.0.5 Type Ctrl + x Type y to save the modified buffer to the disk. Press Enter to save the file using the default name. 3. type nano /etc/resolv.conf Type nameserver 163.128.78.93 and press Enter to start a new line. Type nameserver 163.128.80.93 Type Ctrl + x to exit the editor. Type y to save the modified buffer to the disk. Press Enter 4. type ping -c4 192.168.0.5 type ping -c4 163.128.80.93 Type ping -c4 www.corpnet.xyz

1. Configure the IP version 4 TCP/IP settings for the enp2s0 network connections as follows: IP address: 192.168.0.254 Subnet mask: 255.255.255.0 Broadcast: 192.168.0.255 Default gateway: 192.168.0.5 2.Configure DNS using the following addresses: 163.128.78.93 163.128.80.93 3. Use the following steps to test the corrections to the enp2s0 interface card: Ping the gateway to confirm that the workstation is properly connected to the small network. Ping the external DNS server to confirm that the workstation is properly connect to the internet. Ping an external web server (www.corpnet.xyz) to confirm that DNS is configured properly.

1. type ip addr 2. type ip link set enp2s1 up type ip addr show enp2s1

1. Determine which network interface went down when it was unplugged. 2. Start the network interface from the command line.

1. Type journalctl -k Type q 2. Type journal ctl -r Type q

1. Display the kernel message log from the current boot. 2.Display the system log in reverse order with the newest entries first.

1. From the Favorites bar, select Terminal. At the prompt, type cd projects/repo1 and press Enter. Type ls -la and press Enter to verify that repo1 is a valid repository.A folder named .git is shown. This confirms that this is a Git repository. Type git pull and press Enter.The updated repo content is pulled down to your system. Type ls -l and press Enter to verify that the new content was pulled down from the Git server. 2. At the prompt, type cd .. and press Enter. Type git clone repo2 and press Enter.The new repo is cloned. Type ls -l and press Enter to verify that the repo2 repository was cloned to your system.A directory named repo2 is shown. This directory contains the new repository.

1. Pull updates from the remote Git server to your local repo1 repository 2. Clone the repo2 repository to your /home/vedwards/projects folder.

1. ip link set enp2s1 down 2. ip addr show enp2s1

1. Stop the enp2s1 NIC as the first step to isolating the problem. 2. Verify that enp2s1 is down

1. From the Favorites bar, select Terminal. At the prompt, type su - and press Enter to change to the root user. Type 1worm4b8 as the root password and press Enter. 2. Type usermod -l bcassini bcasini and press Enter to change the account name. 3. Type usermod -d /home/bcassini bcassini and press Enter to change bcassini's home directory. Use cat /etc/passwd and press Enter to verify the changes.

1. Switch to the root user. 2. Change the login name from bcasini to bcassini. 3. Change the home directory to /home/bcassini.

1. type ss -lt and press Enter Type netstat -a and press Enter 2. nano /etc/apache2/ports.conf and press Enter Change 80 to 81. Change 8080 to 8081. Press ctrl + x type y and press enter 3. Type systemctl restart apache2 and press Enter 4. Type ss -lt and press Enter. Type netstat -a and press Enter

1. Use ss -lt and netstat -a to determine which ports the web server is running on. 2. Modify the ports.conf file to change port 80 to 81 and port 8080 to 8081. 3. Restart the web server to implement the port change. 4. Use netstat -a and ss -lt to verify that the server is listening on the new ports

1. type top 2. kthreadd 3. 0

1. Use top to see the running processes 2. What is the name of the process consuming the most CPU time? 3. What percentage of the overall utilization is being used by the CPU?

1. From the Favorites bar, select Terminal. From the prompt, type visudo and press Enter. Select 1 to use the nano editor. Press Enter to add a new line. Press the Up arrow to move to the new line added. Type wadams ALL=(ALL) ALL to add wadams as a regular user. Press Ctrl + X to exit the editor. Type y to save your changes. Press Enter to use the default name. 2. Type su - wadams and press Enter. Type touch /etc/hosts to try and edit the file. 3. Type sudo touch /etc/hosts to edit the file. Type 6or7en for the password and then press Enter. Notice that you were able to change the modified date of the file. Type ls -l /etc/hosts and then press Enter to verify that the file modified date was changed.

1. Use visudo to edit the /etc/sudoers file. 2. Verify that wadams does not have rights to create the /etc/hosts file. 3. Verify that wadams now has sudo rights.

1.From the Favorites bar, select Terminal. From the prompt, type sudo nano /etc/hosts and then press Enter. Enter 6or7en as the password for wadams and then press Enter. Using your arrow keys and keyboard, add the following hosts to the end of the hosts file: 192.168.122.84 potato.corpnet.local potato 192.168.122.85 radish.corpnet.local radish 192.168.122.86 lettuce.corpnet.local lettuce 2.Press Ctrl + x to save the modified buffer. Press y to confirm your choice. Press Enter to save the name using the default file name. 3.From the prompt, type cat /etc/hosts and then press Enter. Verify that the new hosts have been added.

1.Add the additional hosts to the /etc/hosts file. 2.Save the changes to the file and exit 3.Verify the changes.

1. select Support Select Terminal type ping -c4 192.168.0.5 Type ping -c4 192.168.0.30 Type ip addr type nano /etc/sysconfig/network-scripts/ifcfg-enp2s0 Change these values: IPADDR: 192.168.0.32 BROADCAST: 192.168.0.255 GATEWAY: 192.168.0.5 ctrl + x Press y Type ip link set enp2s0 down Type ip link set enp2s0 up Type ip addr Type ping -c4 192.168.0.5 Type ping -c4 163.128.80.93 2. From the top left, select Floor 1 Overview. select Office2 select Terminal type ping -c4 192.168.0.5 Type ping -c4 192.168.0.30 Type ping -c4 163.128.80.93 Type route Type nano /etc/sysconfig/network-scripts/ifcfg-enp2s0 Update the GATEWAY line: 192.168.0.5 Ctrl + x Press y Type ip link set enp2s0 down Type ip link set enp2s0 up Type ping -c4 163.128.80.93 3. From the top left, select Floor 1 Overview. select ITAdmin select Terminal. type ping -c4 192.168.0.5 Type ping -c4 192.168.0.30 Type ip addr type nano /etc/sysconfig/network-scripts/ifcfg-enp2s0 Update the NETMASK line: 255.255.255.0 Ctrl + x type y Type ip link set enp2s0 down Type ip link set enp2s0 up Type ping -c4 192.168.0.30

1.The employee in the Support Office reports that their workstation cannot communicate with any other computers on the network and cannot connect to the internet. 2.The employee in Office 2 reports that their workstation can communicate with some computers on the network, but cannot access the internet. 3. In addition to these two issues, you have just set up your workstation in the IT Administration office, and the workstation does not connect to any computers on the network.

1a. type iptables -L and press Enter. 1b. SSH and HTTP

1a. 1b. Which two TCP services have been allowed through the firewall

1a. type nslookup corpnet.xyz 1b. 198.28.1.1 2a. type nslookup -type=mx corpnet.xyz 2b. 198.28.1.3 3a. type nslookup -type=mx corpnet.xyz ns1.nethost.net 3b. Yes

1a. Query the default DNS server for the primary IP address of the corpnet.xyz domain. 1b. What is the primary IP address for the corpnet.xyz domain? 2a. Query the default DNS server for the corpnet.xyz mail server and determine its IP address 2b. What is the IP address of the server that receives mail for corpnet.xyz? 3a. Confirm the corpnet.xyz mail server information by querying the external DNS server (ns1.nethost.net). 3b. Does the external DNS server match the internal DNS server regarding the corpnet.xyz mail server?

1a.From the Favorites bar, select Terminal. From the top right, select Exhibits. 1b. 163.128.78.93 2a. type traceroute 163.128.78.93 2b. 192.168.0.5 2c. 198.28.56.1 2d. 198.28.56.18 2e. 198.28.2.254 3a. type traceroute 10.10.20.10 and press Enter. 3b. 6 3c. 73.44.216.7

1a. Use the exhibits to locate the IP address of the external DNS server. 1b. What is the IP address of the enternal DNS Server? 2a.Use the command necessary to find the route used to access the external DNS server. 2b. What is the IP address of the default gateway (hop 1)? 2c. What is the IP address of the CorpNet main router (hop 2)? 2d. What is the IP address of the network security appliance (hop 3)? 2e. What is the IP address of the ISP internet router (hop 4) 3a.Use the command necessary to find the route used to access the remote computer using the 10.10.20.10 IP address. 3b. How many routers are in the path between Support and the remote computer? 3c. What is the IP address of the last router in the path between support and the remote computer?

Private key

A digital signature uses an asymmetric key pair to allow a sender's identity to be verified by a recipient. What does the sender use to create a digital signature that is then decrypted by the recipient?

/etc/rc.d/init.d/sshd start

A number of remote users call to say that they cannot connect via SSH today. When you look at the processes, you see that the daemon is not running. Which command would you use to solve this problem?

A timeout value that identifies when the route expires. The interface or next hop router used to reach the destination network.

A routing table typically contains which of the following information? (Select two.)

git branch

A script developer is working on some new features for administering Linux servers and wants to add the features without changing the master branch. Which of the following is the BEST command to use?

dog cat bird

A script named myscript contains the following command line: echo $1 $2 $3 The following command is typed in an interactive shell. myscript dog cat bird frog Which of the following will be displayed in the interactive shell?

sar

A technician executes a command that collects various OS usage statistics, provides report capability, and saves system activity information. Which of the following commands displays this information?

load balancing

A technician is configuring a server with four network interface cards to use a round-robin scheduling algorithm for bonding. This algorithm transmits packets on the first available network interface. Which of the following is provided by this configuration?

git clone [email protected]:abrt/abrt.git

A technician wants to obtain the ABRT repository from a git online service. Which of the following commands should be used?

Use the traceroute command to traceroute the FQDN and IP address of the website you are trying to reach. Use the ping command to ping the FQDN and IP address of the website you are trying to reach.

After arriving at work in the morning, you turn on your Linux workstation and attempt to visit an internet news site. After a few minutes, your web browser times out nd tells you that the website is unavailable. Which of the following troubleshooting steps would help you determine the cause of this issue? (Select two.)

git config

After installing Git and before the first commit is made, the user.name and user.email properties need to be configured. Which of the following commands can you use to configure these properties?

route add -net 11.12.13.14/24 gw 201.12.3.4 ip route add 11.12.13.14/24 via 201.12.3.4

After the acquisition of another company, you need to add another network to the existing routing tables. Which of the following commands could you use to accomplish this task? (Select two.)

git pull

Alberto, a system administrator, is working with another system administrator, Leroy, to update the bash scripts used on various servers. The bash scripts are stored in a Git repository. Alberto updated a script that may have also been updated by Leroy. Which of the following commands SHOULD Alberto execute before he commits his changes to the repository?

systemctl restart firewalld

Alex, a webmaster, recently deployed a new web server. After checking external access to the new web server, he was unable to communicate on port 80. Alex verified that the host-based firewall's configuration had been changed and that the httpd service is running. Which of the following commands will most likely resolve the communication issue?

Employee ID Title

An orchestration workflow that creates a user might need which of the following data? (Select two.)

Hostname Network configuration

An orchestration workflow that creates computers might need which of the following data? (Select two.)

Provides a user interface with guided installation steps. Creates a file system. Identifies the computer's hardware.

Anaconda is an installation program used by Fedora, RHEL, and other distributions. Which of the following does Anaconda do? (Select three.)

OVF

Anna, a system administrator, created a new virtual machine to provision additional hypervisors. Which of the following will provide a VM template that is open and can be used by hypervisors from different vendors?

echo $?

Anna, a technician, executes a command to display the contents of a file and receives the following output: [user@linux ~]$ cat myfile.txtat: myfile.txt: No such file or directory Which of the following commands would Anna enter to find out the exit code that was returned by this command?

/etc/apparmor.d/

AppArmor has been installed on your computer. Which of the following directories contain your AppArmor profiles?

cat /var/log/audit/audit.log.1 | grep type=AVC

As a system administrator, you are experiencing SELinux violations and want to search through the audit.log.1 file to display any of these violations. Which of the following commands would you use to search for and display these violations?

route add -net 195.157.66.0 netmask 255.255.255.0 gw 192.168.7.1 ip route add 195.157.66.0/24 via 192.168.7.1

As a system administrator, you are going to add a static route for host 195.157.66.221, 255.255.255.0. Your default gateway is 192.168.5.1, but you want this route to use gateway 192.168.7.1. Which of the following commands could you use to accomplish this task? (Select two.)

route add -net 195.156.76.0 netmask 255.255.255.0 dev eno32 ip route add 195.156.76.0/24 dev eno32

As a system administrator, you need to add a static route so that you can reach host 195.156.76.122, 255.255.255.0, and the device eno32 to find the target network. Which of the following commands could you use to accomplish this task? (Select two.)

route add 170.122.0.0 netmask 255.255.0.0 reject

As a system administrator, you want to block (reject) any packets from 170.122.0.0, 255.255.0.0. What command will block those packets?

1. while troubleshooting problems 2. While responding to a security event

As an IT administrator, which of the following are the MOST likely reasons you would want to prevent users from logging in to a Linux system? (Select two.)

nc -zv DHCP_03 53

As the IT System Administrator, you recently set up a new DHCP server, DHCP_03. You want to test connectivity on port 53 from other servers on the network. Which of the following commands will accomplish that task?

Podman

As the network administrator for a financial corporation, you've been asked to find a solution for running an older, company-produced application independently on various Linux distributions. You've decided to use container technology to run the company application and are looking for a container management software package that meets the following requirements: The software can run rootless. The software is modular. In addition, the software only needs to be run from the command line, and creating images is not important. Which of the following software packages BEST meets these requirements?

Docker

As the network administrator for a financial corporation, you've been asked to find a solution for running an older, company-produced application independently on various Linux distributions. You've decided to use container technology to run the company application and are looking for a container management software package that meets the following requirements: The software must be able to build and manage images. The software must run only as the root user. Which of the following software packages BEST meets these requirements?

/var/log/audit

As the network administrator, one of your responsibilities is to analyze and troubleshoot SELinux context violations. In which directory are the SELinux violations recorded?

ssh-add ~/.ssh/id_dsa

As you configure your client for public key authentication, you decide to generate the DSA key pair. You would like to configure the client to automatically provide the private key passphrase when needed so that you do not need to type the passphrase for every new SSH connection to a server. Which command should you use in conjunction with the ssh-agent bash command? (Enter the command and options as if you are at the command prompt.)

free

Below is an illustration of information you displayed by entering a command at the root command prompt. Which of the following commands displayed this information?

IPSec

Carlos, a system administrator, needs to set up a VPN tunnel from a branch office to the main office. Data security is a high priority. Which of the following will allow the IP packets to be encrypted and encapsulated in a new IP header that is sent through the VPN tunnel?

git commit -m "Adding server-info.pl script"

Cindy, a technician, created a Perl script named server-info.pl that is used for gathering server information. Cindy wants to add the file to the repository and has executed the command git add server-info.pl. Which of the following commands should Cindy execute NEXT?

Ports to other operating systems and hypervisors. Operating system and applications are added to one system

Containers and virtual machines have benefits and shortcomings. Which of the following are benefits of using a virtual machine for running applications?

Uses fewer hardware and software resources Provides a quick startup time

Containers and virtual machines have benefits and shortcomings. Which of the following are the benefits of using a container for running applications?

Transport

Diagram of an IPsec type of IP packet with only the Data payload being encrypted. In the following IPsec diagram, only the payload of the IP packet is encrypted, and the original IP headers are left intact. Which IPsec mode is being illustrated?

docker exec

Docker is a container management software package that uses the docker command at the shell prompt to manage containers. From the list on the left, drag each command to its correct description on the right. Connect to running containers

docker inspect

docker ps

docker log

-N

Ensures that SSH does not execute a remote command.

Set a bootloader password

For Linux systems where physical access could be compromised, which of the following best practices should be implemented to prevent a user from booting into single-user mode with root access?

SNMP

From the list of IP suite protocols on the left, drag each protocol to the right to match the correct description. Designed for managing complex networks.

LDAP

From the list of IP suite protocols on the left, drag each protocol to the right to match the correct description. Lets you search and update a directory service.

SMTP

From the list of IP suite protocols on the left, drag each protocol to the right to match the correct description. Used to route electronic mail through the internetwork.

SSL

From the list of IP suite protocols on the left, drag each protocol to the right to match the correct description. Uses RSA to secure messages being transmitted on the internet.

ICMP

From the list of IP suite protocols on the left, drag each protocol to the right to match the correct description. Works closely with IP to provide error and control information.

The stdout of the ls command is redirected to the myfiles file.

Given the command ls > myfiles which of the following describes the results?

item: Desktop item: Documents item: Downloads

Given the following bash script, #!/bin/bashfor i in $(ls)doecho item: $idone Which of the following shows a possible output if the script is executed from Bill's home directory?

This is an unknown Linux distribution.

Given the following bash script, what is the output if the user enters Kali? #!/bin/bashecho 'Which Linux distribution do you like? ' read distro case $distro in ubuntu) echo "Ubuntu is based on Debian." ;; centos|rhel) echo "CentOS and RHEL are RPM based distributions." ;; windows)echo "That is not a Linux distribution." ;; *)echo "This is an unknown Linux Distribution." ;; esac

count 5 count 4 count 3

Given the following bash script: #!/bin/bashdeclare -i count=5until [ $count -lt 3 ]doecho count $countcount=count-1done Which of the following shows the output from this script?

Sorry, that is not my number!

Given the following bash script: #!/bin/bashmynumber=5guess=0echo -e "I am thinking of a number from 1 to 10\n"read -p "Enter guess: " guessif (( guess == mynumber ))thenecho "That is correct!"elif (( guess != mynumber )); thenecho "Sorry, that is not my number!"fi Which of the following would be displayed if the number 12 is entered as the guess?

orange green blue brown

Given the following command sequence: echo 'blue orange green brown' | while read a b c d; do echo output: $b $c $a $d; done Which of the following is the correct output?

Stateless autoconfiguration

IPv6 is configured using several methods. In which method do the clients automatically generate the interface ID and learn the subnet prefix and default gateway through Neighbor Discovery Protocol (NDP)?

Static full assignment

IPv6 is configured using several methods. In which method is the entire 128-bit IPv6 address and all other configuration information statically assigned to the host?

Static partial assignment

IPv6 is configured using several methods. In which method is the prefix statically assigned, and the interface ID uses the modified EUI-64 format derived from the MAC address

The prefix The interface ID

IPv6 uses 128-bit addresses. The address contains two 64-bit components. What is the first 64-bit component called? What is the last 64-bit component called?

DTLS adds sequence numbering to the application, allowing it not to be dependent on the underlying transport technology

If a packet arrives out of order and is not reassembled correctly, the packet cannot be decrypted properly. What feature does DTLS provide to help resolve this issue?

/etc/sysconfig/network-scripts/ifcfg-enp2s0 down /etc/init.d/network stop

If you are managing a systemd-based Linux system, which of the following commands cannot be used to bring the enp2s0 interface down? (Select two.)

Incorrectly configured ACLs on the firewall.

In an effort to secure the internal network, you have implemented a host-based firewall and set up ACL rules to accept and reject IP packets for specific ports and services. Some employees are complaining they can no longer access the applications they need. The server is on the internal network connected to an internal router, which is connected to the DMZ, and an external router to the internet. Which of the following is most likely causing problems?

Sandbox

In technology, what do you call a computer application that is contained from other applications or the underlining operating system?

Tunnel

In the following IPsec diagram, the entire original IP packet is protected by IPsec, meaning that IPsec wraps and encrypts the original packet and then adds a new IP header which is then sent on to the other side of the VPN tunnel.

Stateful autoconfiguration

In which of the following IPv6 configuration methods does the RA message contain configuration information to obtain the interface ID, subnet prefix, default gateway, and other configuration information from a DHCPv6 server?

journald

Linux systems that use SysVinit (init) use the syslogd daemon to manage logging. Which of the following daemons is used on newer system-based distributions to provide a local system log file?

NAT

Linux-based hypervisors, such as Xen, KVM, and QEMU, provide a software-based virtual network switch. Which of the following is an additional feature provided by a Linux bridge?

Type logout at the prompt

Log out of the system while leaving the system powered on.

auth requisite pam_nologin.so

Login blocking is enabled using the Pluggable Authentication Modules (PAM) module. What line needs to be in the /etc/pam.d/login file to configure PAM to check and see if a file named /etc/nologin exists?

git push

Lydia, a developer, recently made changes to some files and wants to update the changes on the master branch. Which of the following is the BEST command to use for this purpose?

An overlay network

Lynda, a network administrator, has been tasked with connecting the VMs on multiple virtual machine hosts in a way that doesn't expose the VMs to the external network. Which of the following should be implemented?

VPN

Maria, a company employee, is working remotely from a hotel while traveling for business. Maria needs to access some sales resources on the company's network. Which of the following would allow Maria to securely access the resources she needs?

/proc/sys/net/ipv6/ip_forward /proc/sys/net/ipv4/ip_forward

Maria, a system administrator, wants to set up IP forwarding on a server for both IPv4 and IPv6. Which of the following files should be modified to enable IP forwarding? (Select two.)

JSON YAML

Mary, a system administrator, would like to deploy virtual machines, storage, and networking in a cloud environment. Which of the following file formats would allow Mary to modularize these items as a template? (Select two).

vmstat

Mary, a technician, is troubleshooting memory and performance issues on a system. Mary executes a command to show information about processes, memory, paging, block IO, traps, disks, and CPU activity. Which of the following commands did Mary use to view this information?

nmtui

NetworkManager provides a graphical user interface used on many Linux desktops. However, it also provides a text user interface that you can launch from a shell prompt that uses hotkeys, arrow keys, and Enter to manage network settings. What is the command you can use to launch this utility?

nmcli

NetworkManager provides a graphical user interface used on many Linux desktops. It also provides a semi-graphical interface that you can launch from a shell prompt that uses hotkeys, arrow keys, and Enter to manage network settings. In addition, there is also a command you can use to perform the same tasks. What is the NetworkManager command you can use to manage network settings?

1. Identify the symptoms and potential causes. 2. Establish what has changed. 3. Create a hypothesis. 4. Create an action plan. 5. Implement the fix. 6. Ensure user satisfaction. 7. Document the solution.

On the left are recommended steps for completing an effective troubleshooting process. Drag each step to the right in its proper troubleshooting order.

Automated builds and code deployments Inventory Configuration management Server provisioning

Orchestration is the automated configuration, coordination, and management of computer systems and software. Orchestration takes advantage of several tasks that are usually automated to create a more complex workflow. Which of the following workflow needs can be satisfied by orchestration? (Select four.)

Out of concern for security, you convinced your IT manager to stop allowing Telnet access to the network. Now remote connections are only made through SSH. Which port must you allow through the firewall for SSH access?

-g

Overrides configuration file settings and creates a tunnel (if needed).

touch /etc/nologin

PAM is configured on your system to look for the presence of the nologin file in the /etc directory. If the nologin file exists, user login is disabled, and only the root user can log in. If your current working directory is root's home directory, which command would you enter to quickly create an empty nologin file in the /etc directory?

IMAP FTP

Protocols define basic rules for exchanging information and can become unsecure. Older protocols may lack encryption, making it easy to sniff credentials on the network. You should avoid using these protocols for services that share sensitive data. Which of the following are older protocols that lack encryption and should be avoided for sensitive data? (Select two.)

dnf list installed

Removing unnecessary software increases the security of your Linux system. If your system uses RPM for package management, what can you enter at the command prompt to look for unnecessary software that might be installed on your system?

-f

Runs SSH in the background after the password prompt.

/etc/sestatus.conf

SELinux uses a security context to classify resources, such as processes and files. This context specifies how and by whom a given resource can be accessed. What file lists the security context of files and processes for SELinux?

Enforcing mode

SELinux uses modes to control how policies are applied and how access is granted or denied. What SELinux mode allows or denies access based on policy rules?

/etc/sysctl.conf

Sam, a system administrator, is implementing measures to harden the Linux systems on the network. Sam wants to modify kernel parameters at runtime to protect the system from syn flood attacks using the sysctl command. Which file would Sam modify to implement the following changes? # TCP SYN Flood Protection net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_synack_retries = 3

Cmnd_Alias

Specifies a set of commands that users can execute using the sudo command.

User_Alias

Specifies a set of users who are allowed to execute a specific set of commands using the sudo command.

Runas_Alias

Specifies a username that is used when running commands with sudo. Usually, this is just root.

-nodes

Specifies that openssl should skip the option to secure your certificate with a passphrase

-x509

Specifies that the certificate being created will be a self-signed instead of a signed certificate.

-newkey

Specifies that the new certificate and new key will be created at the same time.

-keyout

Specifies the directory and filename for the private key being created

-out

Specifies the directory and filename for the self-signed key being created.

-L

Specifies the port numbers and server address.

server

Specifies the server running the SSH daemon

Config stage Final stage Init stage

The /etc/cloud/cloud.cfg file controls the cloud-init modules that are run. The modules represent configuration stages. Which of the following are the three configuration stages used by cloud-init? (Select three.)

VNC

The /etc/ssh/sshd_config file configures the SSH daemon on the server. Which of the following commonly used options for configuring an SSH tunnel allows any computer to act as a graphical terminal server?

kinit

The Kerberos protocol is based on tickets that allow nodes to communicate over a non-secure network to prove their identity for security purposes. What is the command you can enter to authenticate with a Kerberos server?

ifup enp2s0

The enp2s0 interface is currently down. What can you enter at the command-line to start the enp2s0 interface?

ip addr add 192.168.0.123/24 dev enp2s0

The enp2s0 network interface has already been assigned the IP configuration 172.16.1.123/16. What command would you use to temporarily configure a second IP address of 192.168.0.123/24 for this network interface?

/home/gshant/.ssh/config

The gshant user is attempting to connect to a remote SSH server; however, you need to override the default SSH configurations for the client system when gshant establishes an SSH session. Which of the following files should you edit?

The list of characters on the left are special parameters that are set and maintained by the Bash shell. From the list on the left, drag the special parameter to the correct description on the right. The exit status of the last executed command.

A) -host B) reject C) default gw D) -net

The route add command adds a static route in the routing table and includes several options. Drag a route add option on the left to the correct description on the right. A) Specifies a single host on the network. B) Installs a blocking route. C) Creates a route for the default router. D) Specifies a network address.

logger

There are several Linux commands available that let you view and manage binary log files. From the list of these commands on the left, drag a command to the correct description on the right. Changes the message severity and where logged messages are sent.

sar

lastlog

There are several Linux commands available that let you view and manage binary log files. From the list of these commands on the left, drag a command to the correct description on the right. Displays a list of the dates and times for the last login for each user.

dmsg

There are several Linux commands available that let you view and manage binary log files. From the list of these commands on the left, drag a command to the correct description on the right. Displays information about all the hardware controlled by the kernel.

logrotate

There are several Linux commands available that let you view and manage binary log files. From the list of these commands on the left, drag a command to the correct description on the right. Manages, compresses, renames, and deletes log files based on specific criteria (such as size or date).

cat

There are several Linux commands available that let you view and manage text-based log files. From the list of these commands on the left, drag a command to the correct description on the right. Displays the entire contents of a text-based log file.

head

tail

grep

less

There are several Linux commands available that let you view and manage text-based log files. From the list of these commands on the left, drag a command to the correct description on the right. Lets you scroll through individual pages of a text-based log file.

create

There are several commands available that you can use with the Linux logrotate utility. Several of these commands are listed on the left. Drag a command from the left to match it with the correct definition on the right. Creates a log file with a name identical to the one just rotated.

missingok

There are several commands available that you can use with the Linux logrotate utility. Several of these commands are listed on the left. Drag a command from the left to match it with the correct definition on the right. Prevents errors from being displayed for missing log files.

notifempty

maxage

There are several commands available that you can use with the Linux logrotate utility. Several of these commands are listed on the left. Drag a command from the left to match it with the correct definition on the right. Removes rotated logs that are older than the specified number of days.

rotate

There are several commands available that you can use with the Linux logrotate utility. Several of these commands are listed on the left. Drag a command from the left to match it with the correct definition on the right. Specifies the number of times to rotate the log before deleting it.

Host_Alias

There are several sections in the /etc/sudoers file that allow you to make configuration changes for the sudo command. Drag the sudoers section on the right to the correct definition on the left. Specifies a list of computers on which sudo users can perform commands.

Hardware-Assisted Virtualization

There are three types of virtualization environments. Match the virtualization type on the left with the description on the right. Virtualization types may be used more than once. Handles some of the virtualization processing the hypervisor would normally perform.

Partial virtualization

There are three types of virtualization environments. Match the virtualization type on the left with the description on the right. Virtualization types may be used more than once. Only some of the components of a virtual machine are virtualized

Full virtualization

There are three types of virtualization environments. Match the virtualization type on the left with the description on the right. Virtualization types may be used more than once. Operating systems do not need modification to run within virtual machines.

Full virtualization

There are three types of virtualization environments. Match the virtualization type on the left with the description on the right. Virtualization types may be used more than once. The virtual machine completely simulates a physical computer system.

A type 2 hypervisor runs on an operating system. A type 1 hypervisor runs on bare metal hardware and is referred to as a native hypervisor.

There are two types of hypervisors, Type 1 and Type 2. Which of the following accurately describes those two types? (Select two.)

20 21

To transfer files to your company's internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible. Now you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to remain open so you can still transfer the files using the FTP protocol? (Select two.)

chmod u=rwx,go=rx /scripts/dailytasks

Troy, a system administrator, created a script to automate some daily administrative tasks. Which of the following commands would make Troy's script, /scripts/dailytasks, executable by everyone but writable only by its owner?

systemctl list-units

Unnecessary network services might provide attackers with an entry point for an attack. To view a list of services, or units, installed or running on a systemd-based system, what could you enter at the command prompt?

1a. uptime -s 1b. 2022-09-21 2b. 02:20:00

Use the applicable command to determine: 1a. The date on which the server was last started and the time the server was last started. Answer the questions. 1b. 2b.

nmcli hostname

What NetworkManager nmcli command can you enter to display a hostname?

nmcli con show

What NetworkManager nmcli command can you enter to list all the available network connections? (Select the correct answer from the drop-down list.)

nmcli general

What NetworkManager nmcli command can you use to display the state of the current network connections?

Flatpak

What application allows you to create sandboxed applications with libraries that can be shared between apps? (Select the correct answer from the drop-down list.)

systemctl enable apparmor

What command can you enter to configure AppArmor to start each time your system is booted?

systemctl status apparmor

What command can you enter to determine if AppArmor is enabled on boot?

ulimit

What command do you enter at the command prompt to prevent the shell from using too many system resources?

Snapcraft

What command line tool can you use to package your programs to run as a snap? (Select the correct answer from the drop-down list.)

chkconfig

What command should you use on an init-based Linux system to check for issues with network services?

firstmonday=$(date --date="first Monday")

What command would you enter to assign the "first Monday" output of the date command to the firstmonday variable?

visudo

What do you enter at the command prompt to edit the /etc/sudoers file?

All listening and non-listening sockets

What does the netstat -a command display?

Limits CPU time for a process to ten minutes

What effect does the ulimit -t 600 command have on a Linux system?

bridge-utils

What is the Linux software package you need to install to implement Linux bridging?

Sets the password for jsmith to expire after 60 days and gives a warning 10 days before it expires.

What is the effect of the following command? chage -M 60 -W 10 jsmith

/var/log/security

What is the file that the sudo command uses to log information about users and the commands they run, as well as failed attempts to use sudo?

/etc/nologin

What is the full path and filename of the file you should create to disable user login on a Linux system?

/etc/nsswitch.conf

What is the full path and filename of the file you should edit to determine the order in which name resolution is completed?

/etc/security/limits.conf

What is the full path and filename of the file you should edit to limit the amount of concurrent logins for a specific user?

/var/log

What is the full path to the directory that contains log files, including secure, messages, [application], and kern.log?

MD5

What is the name of the hash function used to verify the public key for an SSH connection?

To ensure that SSH does not execute a remote command.

What is the purpose of the -N option in the following command? ssh -f -N -L 2345:mail.mydomain.com:110 [email protected]

Audits files in the root directory that have execute permissions for others.

What is the purpose of the find / type f -perm -o=x -ls command?

Enable BootP requests through the router.

What should you do to enable DHCP across subnets?

netstat -a

What should you enter at the command prompt to display both listening and non-listening sockets on your Linux system?

OpenSSL

What tool can you use to create and view certificates, as well as test SSL/TLS connections?

host xyzcomp.com

What would you enter at the command prompt to find the IP address for the xyzcomp.com domain?

./listdocs

What would you enter at the command prompt to run a listdocs script stored in the current directory?

hooks

When a Git repository is created using git init, Git creates a directory named .git. This directory contains all the information necessary for that repository to work correctly. Which of the following directories contain the scripts that are run during each Git phase?

If the key is known to the server, it encrypts a random number with the public key and sends the encrypted number to the client.

When authenticating with a public key, the client specifies which public key the server uses for authentication, and then the server checks to ensure the key has previously been authenticated. What happens next in the authentication process?

active-backup, or mode 1

When configuring bonding on two network interfaces, the technician wants to configure one interface to take over if the other interface fails. Which of the following bonding modes should be used to provide a hot standby?

X11Forwarding ForwardX11Trusted

When configuring the SSH daemon using the /etc/ssh/sshd_config file, which options can be set to prevent or allow unrestricted access to all GUI features on the client? (Select two.)

# This is a Bash script

When creating a Bash script, it is important to document the purpose of the script. Which of the following is a valid comment?

AppImage

When creating and managing sandboxed apps, which of the following allows you to create packages that require no installation?

Multi-homed NICs

When implementing a network gateway, implementing a firewall, or increasing performance, multiple NICs can be added to a computer. Which of the following can be implemented on VMs to provide this capability?

ssh_host_dsa_key.pub

When using DSA to establish an SSH session, what is the name of the key that the SSH server sends to the client? (Enter the name of the key only.)

Bootstrapping

When using templates to deploy virtual machines, one challenge is to make sure that all VMs have the same settings, such as hostname, security identifiers, and even the same IP address. Which of the following allows a VM to be provisioned with unique settings and configurations?

~/.ssh/known_hosts /etc/ssh/ssh_known_hosts

Where does the client store SSH keys used to establish an SSH session? (Select two.)

SSH2

Which SSH version supports the Rivest, Shamir Adleman (RSA), and Digital Signature Algorithm (DSA) encryption standards?

/etc/pam.d/login

Which configuration file should you edit to enable Pluggable Authentication Modules (PAM) to check for a file named /etc/nologin?

ssh

Which daemon, or service, provides port tunneling to encrypt non-secure protocols such as email and X server traffic?

id_rsa.pub id_rsa

Which keys are generated when you execute the ssh-keygen command with no options? (Select two.)

DNS

Which network service would you use to get the IP address from the Fully Qualified Domain Name (FQDN) hostname?

The process of managing and provisioning computer datacenters.

Which of the following BEST describes Infrastructure as Code (IaC)?

A text file with instructions that tell Docker what to do when creating an image

Which of the following BEST describes a Dockerfile?

It lets you encrypt communication between your server and a client but is not signed by any trusted certificate authorities.

Which of the following BEST describes a self-signed certificate?

Data encrypted with the public key can only be decrypted using the private key. A public key is made available to anyone; a private key is kept secret.

Which of the following BEST describes an asymmetric type of encryption? (Select two.)

191.168.2.15 129.0.0.1 168.16.5.1

Which of the following IP addresses have a default subnet mask of 255.255.0.0? (Select three.)

Container image

Which of the following JSON file format templates can be copied and used to create multiple containers that run the same applications?

NAT

Which of the following Linux bridge modes is the default?

nmcli general hostname <newhostname>

Which of the following NetworkManager nmcli commands can you use to update the hostname?

Container registries

Which of the following are Docker Hub, Amazon ECR, and Harbor all examples of?

Protocols Source address Ports

Which of the following are IP packet characteristics that ACL rules look at to determine how to filter a packet? (Select three.)

Fail2ban DenyHosts

Which of the following are Python scripts classified as intrusion prevention software and provide dynamic rule sets to automate the rules IPTables use to filter network traffic? (Select two.)

An environment for software development Software testing

Which of the following are common uses of sandboxing? (Select two.)

It does not need root access to the system. It does not depend on any libraries that are not part of the package.

Which of the following are facts about the AppImage utility? (Select two.)

Repositories called remotes are used to host applications that can be installed. The apps typically use a graphical interface.

Which of the following are facts about the Flatpak utility? (Select two.)

It runs in the background. You can use a command line tool to package your programs to run as a snap.

Which of the following are facts about the snapd daemon? (Select two.)

Agent-based requires that proprietary software is installed on each device you wish to monitor. Agentless orchestration does not require a proprietary software agent to be installed on the managed hosts.

Which of the following are key differences between agent-based orchestration and agentless orchestration? (Select two.)

Fingerprint One-time password (OTP) Iris pattern

Which of the following are multifactor authentications supported by Linux? (Select three.)

145.8.260.7 45.22.156.256 257.0.122.55

Which of the following are not valid IP addresses? (Select three.)

Close each case with two semi-colons Case structures must be closed using esac

Which of the following are required when creating a case construct?

Must be on the same subnet as the host computer. Must be configured on each host to allow inter-network communication.

Which of the following are requirements for the default router IP address? (Select two.)

Change the hostname configuration Configure IPv4 and IPv6 addresses

Which of the following are tasks you can perform with the NetworkManager Text User Interface (nmtui)? (Select two.)

libvirt vmm virsh

Which of the following are three popular toolsets Linux-based hypervisors used to manage virtual machines? (Select three.)

A proprietary software application is installed on each device. The agent can be programmed to monitor systems.

Which of the following are unique characteristics of using an agent for orchestration implementation? (Select two.)

It uses zones and services instead of chains and rules. You can apply a zone to different network interfaces.

Which of the following are unique features of the firewalld firewall? (Select two.)

6384:1319:7700:7631:446A:5511:8940:2552 141:0:0:0:15:0:0:1

Which of the following are valid IPv6 addresses? (Select two.)

declare -i num1=4 variable1=Hello

Which of the following are valid ways to assign a variable a value in a bash script? (Select two.)

Rename the /etc/nologin file Delete the /etc/nologin file

Which of the following can you do to re-enable user logins after configuring login blocking? (Select two.)

Block

Which of the following cloud storage types is accessed through network drives or as a cloud computing resource?

nslookup host dig

Which of the following commands can be used to retrieve the IP address and/or the FQDN or hostname information from a DNS server? (Select three.)

nmcli -t -f RUNNING general

Which of the following commands can you enter to verify that NetworkManager is running? (Select the correct answer from the drop-down list.)

unset

Which of the following commands can you use to delete a variable?

mtr

Which of the following commands combines the functionality of the traceroute and ping commands in a single network diagnostic tool?

read

Which of the following commands creates a variable and prompts the user to type in text?

exit 0

Which of the following commands do you need to enter to end a Bash shell script?

variable2=Farewell echo $variable2 ", Jason"

Which of the following commands in a Bash script will display "Farewell, Jason" on the screen?

logrotate

Which of the following commands manages, compresses, renames, and deletes log files based on specific criteria such as size or date?

ABRT

Which of the following commands or utilities is a suite of tools that can help you detect, report, and resolve application crashes, as well as take steps to resolve the issue?

uptime

Which of the following commands produced the following output? 06:14:11 up 139 days, 24 min, 5 users, load average: 0.12, 0.33, 0.48

/etc/hostname

Which of the following configuration files holds the name of the host?

32 numbers grouped using colons Hexadecimal numbers

Which of the following correctly describes the most common format for expressing IPv6 addresses? (Select two.)

128-bit address Eight hexadecimal quartets

Which of the following describes an IPv6 address? (Select two.)

Provides a single file that archives all the files that make up an OVF using TAR.

Which of the following describes an OVA (open virtual appliance or application) file?

Link-local IPv6 addresses must be assigned to any network interface on a Linux system. Link-local IPv6 addresses begin with FE8, FE9, FEA, or FEB. Link-local IPv6 addresses are not routable.

Which of the following describes link-local IPv6 addresses? (Select three.)

Converts shell variables to environment variables.

Which of the following describes the function of the export command?

Privileged ports

Which of the following features helps provide (by default) confidence in internal networks where only trusted individuals have passwords to the root account?

1. Files that have the write and execute permissions for others. 2.Executable files owned by the root user that have the SUID (Set User ID) permission.

Which of the following file types pose a high-security risk to a Linux computer? (Select two.)

.gitignore

Which of the following files can you configure to ignore certain file types from being committed to the local Git repository?

/etc/hosts /etc/resolv.conf

Which of the following files contains information that enables a Linux system to resolve IP addresses to FQDN/hostnames? (Select two.)

/etc/services

Which of the following files provides a list of services and their port assignments used by many firewall applications?

SSH SNMP WMI and WinRM CIM

Which of the following industry-standard management systems can be used for agentless orchestration? (Select four.)

Connects the VM's virtual NIC and the host's physical NIC.

Which of the following is a function of a virtual network switch?

MOTD

Which of the following is a message presented when a user first connects to a Linux machine informing the user that their actions on the system may be monitored?

pseudo-terminal (pty)

Which of the following is a pair of virtual character devices that provide a bidirectional communication channel? (One end of the channel is called the master; the other end is called the slave.)

CVE

Which of the following is a reference for publicly known security vulnerabilities maintained by the US government?

It frees up time for IT team members to take on more important projects.

Which of the following is a significant benefit of using an orchestration workflow?

With transport mode, only the payload of the IP packet is encrypted, and the original IP headers are left intact

Which of the following is a significant difference between VPN tunnel and transport modes?

Wheel

Which of the following is a special user group found on some Linux systems that control access to the su or sudo command?

FEC0::AB:9007

Which of the following is a valid IPv6 address?

Container

Which of the following is an application that's isolated in a lightweight package and allows you to run a program from one computing environment to another?

libvirt

Which of the following is an open-source application programming interface (API) that's used for creating, monitoring, migrating, starting, and stopping virtual machines?

/dev/tty5

Which of the following is associated with a Linux computer's controlling terminal or the shell's window?

Container engine

Which of the following is installed on top of the host operating system and allows containers to use resources from the host operating system as well?

git log

Which of the following is the BEST command for showing the commit history of a repository?

sealert

Which of the following is the BEST command for viewing SELinux errors?

git merge

Which of the following is the BEST command to use for joining a branch to a master?

Isolating programs on your computer to keep them from interacting with other programs and systems.

Which of the following is the BEST definition of sandboxing?

A set of modules that enables various authentication systems on a Linux computer.

Which of the following is the MOST accurate definition of Pluggable Authentication Modules (PAM)?

3DES is a very secure mode of the DES algorithm encryption method that encrypts data three times using a 168-bit key.

Which of the following is the MOST correct description for 3DES?

Force all users to log out of the system.

Which of the following is the first task you need to do to configure login blocking?

Orchestration

Which of the following is the process of automating, managing, scaling, and networking containers?

The SSH daemon intercepts all traffic sent to that port, encrypts it, and sends it to the SSH client.

Which of the following is the second step in the SSH port tunneling process?

Disable the ability to login to the system

Which of the following is the second task you need to do to configure login blocking?

aa-genprof

Which of the following lets you create new AppArmor profiles?

User name, title, and employee ID for user orchestration Start and stop time

Which of the following orchestration attributes are typically configured? (Select two.)

net.ipv4.conf.default.accept_source_route = 0

Which of the following parameters would you enter in your /etc/sysctl.conf file to not accept source routing?

IPTables firewalld Uncomplicated Firewall (UFW)

Which of the following popular Linux firewalls are based on Netfilter? (Select three.)

TLS

Which of the following protocols ensures that messages being transmitted on the internet are private and tamper-proof, uses TCP, and allows for quick auto-configuration of hosts that are attempting to connect?

Uncomplicated Firewall

Which of the following provides a user-friendly framework for managing the Netfilter firewall?

DTLS

Which of the following provides security for datagram-based applications by allowing them a communication method designed to prevent eavesdropping, tampering, and message forgery?

Containers in a Kubernetes pod that perform a task on behalf of other containers

Which of the following provides the BEST definition of a sidecar in a Kubernetes pod?

ssh_host_key.pub

Which of the following public keys is sent from the SSH server to the SSH client when they are in the process of establishing a session with the SSH1 protocol?

sar -P ALL

Which of the following sar commands can you use to view statistics for each processor and global statistics for all processors?

#!/bin/bash

Which of the following shell declarations should you enter on the first line of a script for a system that uses the Bash shell?

Servers Printers

Which of the following should normally be assigned a static IP address on a network?

It lets you overly a virtual network on another virtual network. It makes a network more complex and decreases network performance.

Which of the following statements are TRUE about an overlay network? (Select two.)

You can connect each NIC to a separate virtual switch or multiple NICs to a single virtual switch.

Which of the following statements is TRUE about using multi-homed NICs?

myscript receives input (stdin) from mydata.txt.

Which of the following statements is true about the command myscript < mydata.txt?

-p

Which of the following sysctl parameters would you use to load sysctl settings from the /etc/sysctl.conf file?

-w

Which of the following sysctrl command switches lets you permanently write a change to the kernel parameter at runtime?

Public key infrastructure (PKI)

Which of the following technologies can you use to set up passwordless SSH logins by distributing a server SSH certificate?

NetworkManager

Which of the following tools has commonly replaced ifcfg-type in most modern Linux distributions?

Blob

Which of the following types of cloud storage is managed from a dashboard or webpage?

ip route show route

Which of the following utilities could you use to view the routing table? (Select two.)

SSL/TLS

Which of the following virtual private networks (VPNs) utilizes digital certificates to ensure that only the intended recipients can view and use the data sent?

orchestration

Which of the following would you use to automate configuration, coordination, and management of your computer systems and software?

default gateway

Which routing component is used to forward packets to remote networks?

ssh -X

Which ssh option should you enter at the command prompt to set up an SSH tunnel for X server traffic?

Taking the storage device offline for a period of time.

While working on a storage device access problem on your company network, you have already created a hypothesis and are ready to create an action plan. Which of the following might be part of that action plan?

declare -i variablename

While writing a shell script, you want to perform some arithmetic operations. Which of the following commands is used to create an integer variable?

Limits the number of maximum logins from the guest group to three.

Within the /etc/security/limits.conf file, you notice the following entry: @guests hard maxlogins 3 What effect does this line have on your Linux system?

setenforce

You are a network administrator for your company. A user calls to complain that their Firefox browser is not working as it did the day before. Knowing that you recently updated the SELinux profile for Firefox, you suspect the change you made is causing the issue. You want to troubleshoot the issue by switching the profile to permissive mode. Which of the following is the BEST command to use in this situation?

TCP

You are an application developer. You are writing a program to exchange video files through a TCP/IP network. You need to select a transport protocol that will guarantee delivery. Which TCP/IP protocol would you implement to provide this capability?

The DNS server is down or not reachable.

You are asked to troubleshoot a problem on an employee's computer. When the employee types the name of any website they receive a message stating, "The page cannot be displayed." You determine that nothing has changed on the computer. What is the MOST likely problem?

Run traceroute on the IP address of the computer on the internet.

You are attempting to ping another computer on the internet by its IP address, but you are not getting a response. You do get a response when you ping a host on your own network. Which of the following options would help you better determine where the problem is?

110 25

You are configuring a network firewall to allow SMTP outbound email traffic and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall? (Select two.)

ssh-keygen

You are configuring public key authentication on your client system. What command creates a key on the client to use when authenticating to a server?

ssh-agent bash

You are configuring public key authentication on your client system. What command enables the passphrase agent?

255.255.0.0

You are configuring the IP address for a host. You have been asked to use the address 192.160.99.110/16. Which subnet mask value would you use?

su -c "cat /etc/inittab" -l

You are currently logged in using the badams account. You want to view the contents of the /etc/inittab file, but you are not allowed to with the badams account. Which command could you use to view the file?

rss

You are limiting the total amount of memory a user can take up when they use the X Windows System. Which of the following limit keywords should you use?

snapd

You are looking for a utility to manage snaps in your Linux sandboxed environment. From the drop-down list, select the utility or service that would BEST meet your needs.

Kubernetes

You are looking for an orchestration engine for your network containers that allows you to do the following: Monitor the health of containers with a notification in the case that they are not running properly. Manage updates, including rolling back updates if necessary. Which of the following gives you the ability to perform these tasks?

aa-unconfined --paranoid

You are running AppArmor on your system. Which of the following commands will show all processes from the /proc filesystem with TCP or UDP ports that are not protected by AppArmor profiles?

192.168.0.34 ENERGY7 #Reception Area

You are the administrator for a small network of Linux hosts. Your network does not communicate with the internet and does not use DNS. When you add a new host named ENERGY7 to the network, which entry should be added to the /etc/hosts files?

You are the only Linux administrator for a very small company. You are constantly asked to fix one problem or another as they occur. Which of the following is the BEST way to log into the system each morning?

Enter the IP addresses and hostnames for all of the lab computers in the /etc/hosts file on each of the machines in the lab.

You are the system administrator of a test lab that uses the Linux operating system. For security reasons, your lab is not connected to the corporate network, and you are not able to resolve hostnames via the corporate DNS server. You want to be able to connect to the lab computers using hostnames, but you do not have the resources to bring up your own DNS server. Which of the following solutions would satisfy your requirements?

netstat -r

You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another system on the local network, but you are not able to connect to a server on a remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?

Identify the affected area Recreate the problem.

You are troubleshooting a network connection issue for an employee in your company. You are completing step 1 in the troubleshooting process and have already asked the employee to describe the issue and checked for error messages. What else should you do to identify the symptoms and potentials causes of the problem? (Select two.)

nmtui

You are using a tool on your Linux server to change the IPv4 address for a network card. The tool interface looks like the graphic image below. What tool are you using to change the IP address?

MaxLevelStore 5

You are using the journald daemon for logging your system messages. You want to store notice messages but not info or debug messages. Which of the following parameters would you set in the journald.conf file?

journalctl -u firewalld

You are using the journald daemon for logging your system messages. You want to view all messages in the journal related to the Linux firewall. Which of the following commands could you use to view the firewall information?

printenv set

You are working with a bash script, and there are multiple variables being used. Which of the following commands can be used to determine which commands are environment variables and which are shell variables? (Select two.)

cat projects 2> projects.err

You are writing a bash script that lists the contents of a file. You would like to have any stderr messages sent to a file. Which of the following commands will write the error message to a projects.err file?

You modify the /etc/ssh/sshd_config file to include the gateway entry at the end of the file. You modify the /etc/ssh/sshd_config file to include the gateway entry at the end of the file.

You can redirect the console using a local or a remote SSH connection. Which of the following are characteristics of configuring and accessing remote port forwarding? (Select two.)

1.To establish the connection, you enter ssh -L port:hostname:port localhost in a terminal window on your client. 2.You enter your password to authenticate to your machine.

You can redirect the console using a local or remote SSH connection. Which of the following are characteristics of configuring and accessing local port forwarding? (Select two.)

system real user

You can use the time command to determine how long a given command takes to run. The output of the time command displays three values. Which of the following are the time values displayed by the time command? (Select three.)

122.255.255.255

You check the IP address on a host on the network. The address is 122.16.155.71 with a mask of 255.0.0.0. What is the broadcast address?

DHCP

You have a TCP/IP network with 50 hosts. There have been inconsistent communication problems between hosts. You run a protocol analyzer and discover that two hosts are assigned the same IP address. Which protocol can you implement on your network to help prevent problems such as this?

Create and distribute a container with the applications to employees.

You have a company-developed application that is older and runs on an operating system version that is no longer supported by the company. However, the application is still a valuable tool to many company employees. Which of the following is the BEST solution to provide employees with a working copy of the application?

192.168.12.253 172.18.188.67 10.0.12.15

You have a computer that is connected to the internet through a NAT router. You want to use a private addressing scheme for your computer. Which of the following IP addresses could you assign to the computer? (Select three.)

abrt-cli list

You have been experiencing several crashes on your Linux server over the past two days and want to use the ABRT utility to view information about all the crashes. Which of the following ABRT commands would give you the information you need?

echo ${breakfast:11}

You have created a breakfast variable with a value of "yogurt and granola." What command would you enter to only display "granola" from the shell command prompt?

You have created the following Bash script: #!/bin/bash declare -i num1 declare -i num2 declare -i total num1=10 num2=2 total=num1-num2 echo $total exit 0 What will be displayed on the screen after running the script?

echo "Life elevated - $statearray[2]"

You have created the following array in the statearray variable: declare -a statearray=(Nevada Utah California Arizona Texas) Which of the following commands will display the phrase Life elevated - Utah?

Pooling of multiple operating systems on the same physical hardware.

You have decided to virtualize several of your existing Linux hardware servers. Which of the following is a MAJOR benefit you can expect from virtualization?

gdm-session-wor

You have entered the cat /var/log/audit/audit.log | grep type=AVC command as the root user to view any AVC errors (SELinux errors) listed in the audit.log file. The following error is displayed: type=AVC msg=audit (1543359698.852:262): avc: denied { create } for pid=5136 comm="gdm-session-wor" name="gdm" scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tcontext=system_u:object_r:admin_home_t:s0 tclass=dir What is the command issued that was denied by an SELinux policy?

@{HOMEDIRS}=/home/ /hr/home/

You have installed and are using AppArmor to protect your Linux systems from untrusted or insecure processes. Your AppArmor home tunable file lists /home as the only directory permitted for all user's home directories. However, Human Resources employees use an /hr/home directory path for their user directories. What entry do you need in the home tunable file to include the /hr/home directory path?

sealert -a /var/log/audit/audit.log

You have installed the semanage tool on your Linux server and want to use it to analyze the audit.log file for any SELinux errors. What would you enter at a command prompt to run the tool and analyze the audit.log file?

/var/log/messages

You have just received an error message on your Linux server console, but you were not able to read all of it before it disappeared from the screen. Which of the following log files would store a copy of the error message?

aa-disable /etc/apparmor.d/usr.bin.firefox

You have just started protecting your computer while running Firefox using AppArmor. After a short time, employees complain that some of the features they use frequently are no longer functioning. After a quick check, you discover that these features should be working and decide not to protect Firefox anymore. Which of the following is the BEST command to quickly stop protecting Firefox?

sudo ABCD

You have logged in as a regular user when a frantic phone call comes in. The ABCD process must be started on the server now but can only be run by root. Which command would you use to start this process?

route del default gw 201.12.3.4

You have replaced the default gateway on your network. The gateway had used the IP address 201.12.3.4, and you must remove it from the routing table. What command would you use to accomplish this task?

Routed

You have several virtual machines located in a DMZ, and want the host machine to act as a gateway. The virtual machines will be configured with IP addresses in a different subnet than the external network. Which of the following Linux bridge modes should you be using?

Isolated

You have several virtual machines that you want disconnected from the external network and from the host computer in order to test the performance of a new system with no external distractions. Which of the following Linux bridge modes should you be using?

Exit

You have used su to switch to the root user account to perform some system administration tasks. Now you want to change back to your regular user account. Which command should you use?

You need to block all users from logging in to the Linux system while you resolve a serious issue. You first need to force all active users to log out. Which command should you enter to display a list of all active users?

ssh -l blake abc.def.com

You need to connect to a remote system whosehostnamee is abc.def.com and execute a shell script called daily-backup.sh that backs up some files. The username that has permissions to execute that script is blake. Which command should you run to make the connection?

/etc/sudoers

You need to edit the commands that are allowed to be used with the sudo command. What is the full path and filename of the file you should edit?

nmap

You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?

ifconfig enp2s0 192.168.15.2 netmask 255.255.255.0 ip addr add 192.168.15.2/24 dev enp2s0

You need to set an IP address for enp2s0 to 192.168.15.2 with a subnet mask of 255.255.255.0. Which commands are correct? (Select two.)

ifconfig enp2s0 192.168.1.50

You need to temporarily change the IP address of the network interface (enp2s0) to 192.168.1.50. The network interface's IP address is currently set to 10.0.1.50. Which of the following commands would achieve the desired result?

The /etc/hosts file takes precedence over the information obtained from a DNS server when resolving domain names.

You open the /etc/nsswitch.conf file and see the following line: hosts: files dns What is the result of this configuration?

SaaS

You run a small home business and would like to store your files, run applications, and allow customers to run applications from the cloud. You are familiar with running a variety of applications but not experienced in developing apps. Which cloud service model would work BEST for your home business?

%managers ALL = sudoedit /etc/hosts.allow

You want to add a line to the sudoers file that limits users in the managers group to editing the /etc/hosts.allow file. Which of the following would you enter in the sudoers file to meet your requirements?

port 1066

You want to change the port that SSH listens on. You are going to edit the /etc/ssh/sshd_config file. Which line, when added to the file, will change the listening port to 1066?

declare -x marketing=TestOut

You want to create a variable called marketing that has a value of TestOut. You want this variable to be available each time a new shell environment is spawned as a process. Which of the following commands will meet your requirements?

Targeted policy

You want to create an SELinux policy for a specific process and run that process in a confined domain. What is the SELinux policy type you need to create?

PubkeyAuthentication yes

You want to enable public key authentication on the server. What option in the /etc/ssh/sshd_config file needs to be set?

Disable Ctrl+Alt+Delete

You want to ensure that anyone with physical access to the keyboard is prevented from rebooting the server without having to log on. You also want to prevent accidental reboots. What can you do to solve this issue?

/etc/apparmor.d/tunables

You want to fine-tune how AppArmor functions without having to adjust your profiles. What directory stores text-based files that you can use to fine-tune AppArmor?

dmidecode

You want to generate a report that includes a description of each of the hardware components on your Linux server, as well as serial numbers and BIOS revisions. Which of the following utilities or commands can provide this information in a human-readable format?

weekly rotate 4 maxage 240

You want to remove every rotated log older than 240 days. At the same time, you want to rotate the log file every week and ensure that there are no more than four archives. Which of the following logrotate commands would you use in a script to meet these requirements?

complain

You want to test an AppArmor profile to see if any errors occur to help fine-tune the profile. What AppArmor mode should you use for testing the profile?

nmcli -p

You want to use the nmcli command to display information about your Linux servers from NetworkManager. You would like to view the information in an easily-readable format. Which of the following commands would meet your requirement?

setsebool

You were recently asked to manage the SELinux implementation at your company. Since you are still coming up to speed on this technology, you have not yet mastered the process of creating or making major changes to SELinux policies. However, an employee has just called you complaining that they aren't able to accomplish a task with a particular application. After scanning through the SELinux policy for that application, you notice that there is a method that can be used to enable the desired function. Which of the following is the BEST command for enabling that feature without editing the policy?

IaaS

You were recently hired by a small start-up company. The company is in a small office and has several remote employees. You have been asked to find a business service that would accommodate the current size of the company but would also be able to scale as the company grows. The service needs to provide adequate storage as well as additional computing power. Which cloud service model would work BEST for your company?

LUKS disk encryption

You work for a growing small business where the executives are traveling and working remotely. Which of the following would offer the BEST protection for sensitive data on their laptops?

chroot jail SSH

You would like to make it harder for malicious users to gain access to sensitive information. Which of the following techniques can be used to remap the root directory to include only certain directories and files?

AllowTCPForwarding

You would like to use SSH port tunneling to work on a remote system. You also need to ensure that all data that you send to the remote system is encrypted. Which SSH configuration option, in the /etc/ssh/sshd_config file, needs to be set to yes?

Enter the IP addresses of the new DNS servers into the /etc/resolv.conf file.

Your ISP has changed the IP addresses of their DNS servers. What would you need to do on your Linux system to be still able to continue resolving host and fully qualified domain names if you use statically assigned IP address information?

uReports

Your Linux server has just crashed, and you want to use ABRT to generate a report that identifies the operating system and versions of RPM packages running when the system crashed. You don't want any private information included in the report. Which of the following ABRT components can you use to generate this report?

Thin provisioning

Your company is deploying ten new virtual machines. You have planned the disk space for anticipated future growth. However, the hypervisor currently doesn't have enough disk space for all the disks that need to be allocated. You have placed an order for additional storage to be added to the hypervisor. You must have all ten servers operational before your order arrives. You determine that overbooking the storage space will work in the short term. Which of the following storage provisioning options should be selected?

aa-complain

Your computer is using AppArmor. Which of the following commands is BEST to use for troubleshooting an AppArmor profile?

What should you enter at the command prompt to scan for open TCP ports on your Linux system?

Linux Pro Exam 3

Set pelajaran terkait

BUS 101 Test 2

Chapter 5 Quiz Notes

finance chapter 1 hw

Period 4

College Psychology Exam #1

PSCI Exam 4

Bible Test Module 4

Public Speaking Quiz 1 - Rutgers 2019

Mod 13 (Section I): Lesson 1

Antho Questions Choice

Focus on Maternity Exam

Pre Cal Unit 9

Review Exercise #6 (Water Rights)

exam 2 Geol 4L

Chapter 8: Adolescents, Young Adults, and Adults

Science - Physics + Astronomy

Nurs 3100 Iclicker Exam 1

MNG401 Final Study Guide

Pharmacy tech test chapter 4

EMT Final Exam