LPIC 202-450
When using iptables, what policy setting allows the communication and places an entry in the log file?
LOG
When using apache, what command do you need to enter into the configuration file so that the system responds to the IP address 10.1.1.1?
Listen 10.1.1.1
What do need to enter into the apache configuration file in order to have the server listen on the https port?
Listen 443
When using iptables, what table is used to apply changes to the features of the packets?
MANGLE
When using iptables, what policy setting changes the packet so that it appears as though it is coming from the sending interface?
MASQUERADE
What Courier configuration setting determines how many remote clients can connect at the same time?
MAXDAEMONS
What is it called that allows an email to be kept in a format that can be viewed with either GUI or CLI?
MIME
What is an open source Network Vulnerability Test (NST) tool that you can install and use?
OpenVAS
When using iptables, what chain handles all packets heading for a remote system that have already been processed?
POSTROUTING
When using iptables, what chain handles all packet handling before the routing process starts?
PREROUTING
When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to allow authentication using text passwords?
PasswordAuthentication
When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to allow the root user to login?
PermitRootLogin
What alternative to BIND provides a robust modular system with a SQL backend?
PowerDNS
What is a special Procmail recipe condition that reverses the condition being asked for (NOT)?
!
What is the special Procmail recipe action condition that forwards a message to a following address?
!
When creating a new zone database file in BIND, what directive might you place in the file to add an include statement?
$INCLUDE
When creating a new zone database file in BIND, what directive might you place in the file so that it assumes a domain name is associated with all records?
$ORIGIN
When creating a new zone database file in BIND, what directive might you place in the file so that all records have a default TTL?
$TTL
When using Samba logging, what variable is used to create a different log file for each session?
%m
When using iptables, what switch can you use to specify a particular destination port?
--dport
When using iptables, what switch can you use to show the index number of the rules you are listing?
--list-numbers
When using iptables, what switch can you use to specify a particular source port?
--sport
When using iptables, what switch do you use to add a new rule to a chain?
-A
When using nmap, what switch can you use to fingerprint the operating system version?
-A
When using the Pure-FTPd program, it uses command line arguments to dictate the services settings. What short setting is used to daemonize the program?
-B
When using LDAP client tools, what switch do you use to specify a username by DN?
-D
When using iptables, what switch do you use to delete a rule from a chain?
-D
When using the Pure-FTPd program, it uses command line arguments to dictate the services settings. What short setting is used to deny anonymous access?
-E
When using iptables, what switch do you use remove all the rules from a chain or table?
-F
When using LDAP client tools, what switch do you use to specify a host by URI?
-H
When using iptables, what switch do you use to list the items in a table or chain?
-L
When using the ldapsearch client tool, what switch do you use to specify that the output be presented in LDIF format without the comments or version showing?
-LLL
When using ip tables, what switch can you use to list the rules of a specific chain in detail?
-S
When using ldappasswd, what switch do you use to specify a user and then be prompted for a new password?
-S
When using LDAP client tools, what switch do you use to specify prompt for password?
-W
When using iptables, what switch can you use to specify a destination address?
-a
When using LDAP client tools, what switch do you use to specify a base DN for test.com?
-b dc=test,dc=com
When using the LDAP client to import an LDIF file, what switch do you use to specify the file name and path?
-f
When using LDAP client tools, what switch do you use to specify a hostname?
-h
When using iptables, what switch can you use to specify an input interface?
-i
When using iptables, what switch can you use to specify a target that you wish to apply to a rule?
-j
When using netcat, what switch do you use to make the server side?
-l
What switch would you enter to the dnssec-keygen command to specify that you want to generate DNSSEC key?
-n ZONE
When using iptables, what switch can you use to specify an output interface?
-o
When using iptables, what switch can you use to specify a particular protocol like TCP, UDP or ICMP?
-p
When using nmap, what switch can you use to specify a port range?
-p
When using dhclient, what switch do you use to renew your IP address?
-r
When using iptables, what switch can you use to specify a source address?
-s
When using nmap, what switch can you use to scan TCP ports?
-sT
When using nmap, what switch can you use to scan UDP ports?
-sU
When using iptables, what switch can you use to specify a particular table?
-t
What switch would you use with exportfs to unmount a temporary export?
-u
When using slaptest to validate a slapd.conf file, what switch do you use to indicate a dry-run?
-u
What switch would you use with exportfs to display detailed information about the current client exports?
-v
When using LDAP client tools, what switch do you use to specify the password in clear text?
-w
When using LDAP client tools, what switch do you use to specify simple authentication?
-x
When using the ssh client, what switch do you need to use to enable X11 forwarding?
-x
When using netcat, what switches can you use to perform a portscan?
-zv
When using apache, what file do you place in the Document Root to decentralize authentication parameters?
.htaccess
When using fail2ban, what is the file extension that they recommend you use in the /etc/fail2ban directory to make any changes to the file?
.local
When using Samba, what would you enter into an fstab file to mount an smb share //1.1.1.1/share to /mnt/local using credentials from the file /etc/samba/pass.txt and UID 201?
//1.1.1.1/share /mnt/local cifs credentials=/etc/samba/pass.txt,noperm,uid=201 0 0
What file and path do you edit to create email aliases?
/etc/aliases
When using Debian apache, what is the default path and file to the primary configuration file for apache?
/etc/apache2/apache2.conf
When using Debian apache, what is the file and path to the ssl configuration file?
/etc/apache2/mods-available/ssl.conf
When using Debian where would you symbolically link an available module that you want to make active in apache?
/etc/apache2/mods-enabled/
When using Debian apache, what folder contains symbolic links to the individual sites?
/etc/apache2/sites-available/
What would the correct name and file path be for a BIND zone named 'myhome' on an Ubuntu system?
/etc/bind/db.myhome
On a Debian system, what is the path and file to the main BIND configuration file?
/etc/bind/named.conf
When using BIND on Ubuntu, what file should you modify to add a new zone directive?
/etc/bind/named.conf.local
Where are the Courier configuration files stored?
/etc/courier/
When using Ubuntu, what file do you need to modify to have a BIND server start in a chroot jail?
/etc/default/bind9
When using Debian, where is the configuration file located to configure a DHCP relay?
/etc/default/isc-dhcp-relay
When using Debian, what file and path do you need to edit to enable an interface for the DHCP server?
/etc/default/isc-dhcp-server
What is the Debian client configuration file for NFS?
/etc/default/nfs-common
What is the Debian server configuration file for NFS?
/etc/default/nfs-kernel-server
When using Debian, what is the main configuration file and path for DHCP?
/etc/dhcp/dhcpd.conf
If you want to used IPv6 with DHCPd, what configuration file do you need to create and modify?
/etc/dhcp/dhcpd6.conf
When using RHEL, what is the main configuration file and path for DHCP?
/etc/dhcpd.conf
Where can you edit the settings for SSL with Dovecot?
/etc/dovecot/conf.d/10-ssl.conf
Where does Dovecot store its configuration file with path?
/etc/dovecot/dovecot.conf
When using NFS, what subdirectory can you use to add additional export files?
/etc/export.d/
When using NFS, what file do you modify to create permanent exports?
/etc/exports
What is the path and configuration file name for fail2ban?
/etc/fail2ban/jail.conf
When using RHEL apache, what is the file and path to the ssl configuration file?
/etc/httpd/conf.d/ssl.conf
When using RHEL apache, what is the location of the module configuration files?
/etc/httpd/conf.modules.d/
When using RHEL, what is the default path and file to the primary configuration file for apache?
/etc/httpd/conf/httpd.conf
When using RHEL apache, what is the location of the actual module files?
/etc/httpd/modules/
When using iptables on Debian, where can you save the IPv4 iptables configuration file in order to have it load automatically on boot?
/etc/iptables/rules.v4
When using iptables on Debian, where can you save the IPv6 iptables configuration file in order to have it load automatically on boot?
/etc/iptables/rules.v6
When using Debian, what is the configuration path and file that is used to configure the actual LDAP service itself?
/etc/ldap/ldap.conf
What is the name and path to the sendmail configuration file?
/etc/mail/sendmail.cf
On a CentOS system, what is the path and file to the main BIND configuration file?
/etc/named.conf
What file and path would you edit on a modern Ubuntu system to add static DNS?
/etc/network/interfaces
When using Nginx, what sub-directory does RHEL keep individual website configuration files in?
/etc/nginx/conf.d/
Where is the primary configuration file located for Nginx on any distribution?
/etc/nginx/nginx.conf
When using Nginx to setup a a reverse proxy, what additional configuration file should you 'include' under the appropriate location block?
/etc/nginx/proxy_params
When using Samba AD integration, what file do you need to modify to have the server use the winbindd daemon?
/etc/nsswitch
When using PAM, what file and path is used to adjust the order of mechanisms used to authenticate?
/etc/nsswitch.conf
When using RHEL, what is the configuration path and file that is used to configure the actual LDAP service itself?
/etc/openldap/ldap.conf
When using OpenVPN, where will you normally find the scripts used to create and sign the public and private keys?
/etc/openvpn/
When using OpenVPN, where will you normally find the generated key files?
/etc/openvpn/keys/
When using OpenVPN, at what path would you generally find the server configuration file?
/etc/openvpn/server.conf
When using PAM what directory is often used to hold configuration information for individual services?
/etc/pam.d/
What Postfix folder holds the Postfix lookup tables?
/etc/postfix/
Where are the Postfix configuration files kept?
/etc/postfix/
What is the main configuration file and path for Postfix that controls mail processing?
/etc/postfix/main.cf
When using procmail, what configuration file (including path) does the administrator need to create to build recipes?
/etc/procmailrc
What is the configuration file and path for ProFTPd?
/etc/proftpd/proftpd.conf
When using pure-ftpd, what is the main configuration file for the service itself?
/etc/pure-ftpd/oure-ftpd.conf
What file and path would you edit on older systems to set a static DNS address?
/etc/resolv.conf
What is the file and path that holds the secret key used by BIND's rndc to access the BIND service?
/etc/rndc.key
When using Samba, what is the path and name of the configuration file?
/etc/samba/smb.conf
When using the PAM module pam_limits, what file should you modify to set the limitations?
/etc/security/limits.conf
What file and path contains a list of all the protocols and ports recognized by Linux?
/etc/services
When using older versions of linux, what file do you use to "setup" the ldap server database for starting?
/etc/slapd.conf
What is the file and path to the configuration file for snort?
/etc/snort/snort.conf
What is the default path and configuration file used by squid on most linux distributions?
/etc/squid/squid.conf
When using an SSH server daemon, what folder holds the encryption certificates?
/etc/ssh/
When using the SSH client, what file and path do you modify to make changes to the configuration?
/etc/ssh/ssh_config
When using the SSH server, what file and path do you modify to make changes to the configuration?
/etc/ssh/sshd_config
Where might you look on a distribution to find the current SSL certificates?
/etc/ssl/
When using PAM, what is the configuration file and path for the sssd service?
/etc/sssd/sssd.conf
When using RHEL, where is the configuration file located to configure a DHCP relay?
/etc/sysconfig/dhcrelay
When using iptables on RHEL, where can you save the iptables configuration file in order to have it load automatically on boot?
/etc/sysconfig/iptables
What is the RHEL client and server configuration file for NFS?
/etc/sysconfig/nfs
What file and path do you place a username in if you want that user to never be allowed access to vsftp?
/etc/vsftpd/ftpusers
What is the path and configuration file for vsftpd?
/etc/vsftpd/vsfptd.conf
By default, what folder holds the mail for user cnelson when using Procmail for the MDA?
/home/cnelson/mail/
When an individual, ted, using procmail wants to build a personal recipe, what configuration file (including path) does he need to create?
/home/ted/.procmailrc
What folder holds the module files used by PAM on a 32-bit system?
/lib/security/
What folder holds the module files used by PAM on a 64-bit system?
/lib64/security/
What file and path in the /proc directory shows the current NFS exports and clients that are using them?
/proc/fs/nfs/exports
What file and path do you need to modify to the number '1' to permit linux to route IP4 packets?
/proc/sys/net/ipv4/ip_forward
What file and path do you need to modify to the number '1' to permit linux to route IP6 packets?
/proc/sys/net/ipv6/conf/all/forwarding
When using the pid directive to store the Nginx current running pid, what is the default location?
/run/nginx.pid
When using NFS, what command would you enter into /etc/exports to create a Read/Write export of /srv/share to the client network 1.1.1.0/24?
/srv/share 1.1.1.*(rw)
What file and path do you place a username in if you want to either allow or deny a group of users with the userlist_deny directive for vsftp?
/tc/vsftp/user_file
After you install bind-9.11.4 on a CentOS system, where would you find the documentation files?
/usr//share/doc/bind-9.11.4/
After you install the BIND documentation on an Ubuntu system, where are the files located?
/usr/share/doc/bind9/
After Samba is installed, what is the path you would look in for extra documentation for version 4.9.1?
/usr/share/doc/samba-4.9.1/
When using Nginx, what is the default document root in RHEL?
/usr/share/nginx/html/
What is the default directory setting for BIND on an Ubuntu system?
/var/cache/bind/
When using DHCPd, what file and path stores the list of issued leases in log format?
/var/lib/dhcp/dhcpd.leases
When using ldap, what folder holds the actual database?
/var/lib/ldap/
What file and path in the /var directory shows the current NFS exports and clients that are using them?
/var/lib/nfs/rmtab
What file do you look in to see the mail log file for postfix on Debian?
/var/log/mail.log
What file do you look in to see the mail log file for postfix on CentOS?
/var/log/maillog
What log file and path does Postfix use to store system messages?
/var/log/maillog
What directory might you check to see if there are any service errors when using NFS?
/var/log/messages
What is the file and directory that BIND uses to log system/service events?
/var/log/messages
When using DHCPd, what file and path contains log information about the general daemon activities?
/var/log/messges
When using Samba, what is the usual location used for log files?
/var/log/samba/
Where are the log files for PAM kept?
/var/log/secure/
In what folder does the squid program keep its log files?
/var/log/squid/
When using Debian apache, where are the access logs stored by default?
/var/logs/apache2/access.log
When using RHEL apache, where are the access logs stored by default?
/var/logs/httpd/access_log
What is the default directory setting for BIND on a CentOS system?
/var/named/
What would the correct name and file path be for a BIND zone named 'myhome' on a CentOS system?
/var/named/named.myhome
By default, what folder holds the mail for user cnelson when using Postfix for the MDA?
/var/spool/mail/cnelson
Where is the postfix mail queue located?
/var/spool/postfix/
When using Nginx, what is the default document root in Ubuntu?
/var/www/html/
When using apache, what is the default Document root directory?
/var/www/html/
When creating a Samba credential file, what should the permission numbers be?
0400
When using an NFS client, what line would you enter into the fstab file to automount /srv/share from the server 1.1.1.2 to the local directory /local/share using NFS version 3 and ensuring that the TCP protocol is used.
1.1.1.2:/srv/share /local/share nfs nfsvers=3,tcp 0 0
What would the reverse lookup zone be called for the network 192.168.1.0/24?
1.168.192.in-addr.arpa
When using FTP in passive mode, what is the minimum port the server will use for FTP Data sessions?
1025
What port is used for NetBIOS sessions?
139
What TCP port does NFSv4 use?
2049
When using FTP what is the command port for the server?
21
What HTTP server response means permanent redirect?
301
What is the default TCP port used by a squid proxy server?
3128
What TCP port does unencrypted LDAP use?
389
What version of NFS adds the Kerberos authentication protocol?
4
What HTTP server response means unauthorized?
403
What HTTP server response means proxy authentication required?
407
What port is used for SMB?
445
What TCP port does TLS encrypted LDAP use?
636
What udp port does DHCP operate on?
67
What is the default port for OpenVAS?
9392
When using apache, what would you enter in the configuration file to start a name based virtual hosting block for 10.1.1.1?
<VirtualHost 10.1.1.1>
When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to specify the Encryption protocol to be used?
Protocol
When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to allow authentication using client keys?
PubKeyAuthentication
What FTP server allows for the feature, virtual chroot and virtual accounts?
Pure-FTPd
When using iptables, what policy setting is used to manipulate the traffic ports etc.?
REDIRECT
When using iptables, what policy setting denies the communication and does send an error?
REJECT
What kind of name server goes and finds the IP information from root servers?
Recursive
What would you enter into an apache configuration file to create a temporary redirect from /apache to http://test.com?
Redirect /apache http://test.com
What directive would you use in an apache configuration file to create a redirect using regex?
RedirectMatch
When using apache, what directive do you use in a directory block to tell it to require authentication?
Require valid-user
What is another name for the DNS client that keeps the local cache?
Resolver
When using SSL with apache, what extension do you need to use if you wish to use name-based virtual hosts?
SNI
When creating a zone database file, what should the first record always be?
SOA
When using apache, what directive would you enter in the ssl.conf file to tell the system what path to look in for CA certificates used for validating client certificates?
SSLCACertificatePath
When using apache, what directive would you enter into the virtual host configuration file to direct the server to the public key?
SSLCertificateFile
When using apache, what directive would you enter into the virtual host configuration file to direct the server to the private key?
SSLCertificateKeyFile
When using SSL with apache, what directive should you use to control what encryption algorithms are excepted?
SSLCipherSuite
When using apache, what directive would you enter into the virtual host configuration file to enabled SSL?
SSLEngine on
When using apache, what ssl directive would you use to specify what versions of SSL or TLS are supported?
SSLProtocol
What SMTP command does a client issue to use TLS?
STARTTLS
What type of name server contains a read-only copy of a zone database?
Secondary
When using apache, what directive do you place in the configuration file to specify the email address of the system administrator?
ServerAdmin
When using apache, what would you enter into the configuration file in the virtual host block so that the virtual host responds to the name www.example.com?
ServerName www.example.com
When using apache, what ssl directive would you use to specify whether or not the server sends a brief footer in its responses?
ServerSignature
When using apache, what ssl directive would you use to specify whether or not the server sends information about its OS in its responses?
ServerTokens
When using MPM in apache, what setting in the configuration file dictates the starting number or processes that are allowed to be spawned?
StartServers
Does BIND use TCP or UDP for messages that exceed 512 bytes?
TCP
When using iptables, what policy setting allows the communication?
ACCEPT
What directive do you add to an apache configuration file to allow the server to interact with other application extensions like .pl?
AddHandler
What security program can you use to control access to vsftp?
TCP wrappers
When using NFS, what security feature do you use to control who can access the RPC services?
TCP wrappers
What part of the Domain Name Space is '.com'?
TLD
What setting do you need to change in the configuration file to allow for anonymous user uploads on pure-ftpd?
AnonymousCantUpload
When using DANE, what kind of resource records aids in the transaction?
TSLA
When using apache, what directive do you use to name the username and password dialog box during the authentication process?
AuthName
When using apache, what directive do you use to enable an authentication method that uses a username and password dialog box during the authentication process?
AuthType basic
When using apache, what directive do you use to specify a location for a basic authentication file?
AuthUserFile
When using apache authentication, you can use groups by creating a file with the following format and linking it via what directive in the apache configuration file? groupname: user1 user2
AuthuserGroup
What is an alternative name for BIND10?
Bundy
When using apache what conditional block would you setup in a configuration file if you only want it to run only in a particular folder?
Directory
When using apache, what would you enter into the configuration file in the virtual host block so that the virtual host looks in the directory /var/www/html/testsite for its default file?
DocumentRoot /var/www/html/testsite
What SMTP command does the client issue to use ESMTP?
EHLO
What ESMTP command reverses the roles of client and server?
ETRN
What setting in the snort configuration file defines the external hosts to monitor?
EXTERNAL_NET
What command do you use in an apache configuration file to specify the error log location?
ErrorLog
When using iptables, what table is used to control what traffic is allowed and denied to a particular thread?
FILTER
When using iptables, what chain handles all packets heading to a remote machine?
FORWARD
What part of the Domain Name Space is 'google'?
First level domain
When configuring an ssh client for X11 forwarding, what directive do you need to enter the 'yes' value in on the client?
ForwardX11
What command does the client send during an HTTP session to retrieve a web page?
GET
What setting in the snort configuration file defines the internal hosts to monitor?
HOME_NET
When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to show the path to the keys used to encrypt traffic?
HostKey
When using iptables, what chain handles all packets heading to the local machine?
INPUT
When using apache what conditional block would you setup in a configuration file if you only want it to run if the variable home is set?
IfDefine home
When using apache what conditional block would you setup in a configuration file if you only want it to run if a module is present?
IfModule
When configuring an ssh Server for X11 forwarding, what directive do you need to enter the 'yes' value in on the server?
X11Forwarding
When using Samba, what would the block name be for a share that was named private?
[private]
When creating an NFS export, what directive should you use to have the system treat all users as anonymous?
all_squash
When editting the DHCP configuration file, what command do you need to enter to enable BOOTP?
allow bootp;
What command should you enter into a BIND configuration file to limit the servers that a slave will except NOTIFY requests from to 10.1.1.1?
allow-notify { 10.1.1.1; };
What BIND configuration option would you use to control what systems can query data?
allow-query
What configuration entry should you place in a BIND zone configuration file to allow a master server to transfer zones to only 1.1.1.1?
allow-transfer { 1.1.1.1; };
What would you enter into a BIND master server configuation file to have a zone transfer use a key named 'mykey'?
allow-transfer { key "mykey"; };
What command should you enter into a BIND configuration file to limit the servers that you will except updates from to none?
allow-update { none; };
When configuring vsftp, what directive would you set to specify that anonymous users can create new directories?
anon_mkdir_write_enable
When configuring vsftpd, what directive needs to be set to change the anonymous root directory to a new location?
anon_root
When configuring vsftp, what directive would you set to specify upload access is possible for anonymous users?
anon_upload_enable
When using vsftp, what directive setting would you change to deny anonymous access?
anonymous_enable
When using Debian, what package would you install to enabled apache?
apache2
When using Debian apache, what package would you install to enabled the apache manual website?
apache2-doc
When using Debian apache, what package to you need installed to use htpasswd?
apache2-utils
When using Debian apache, what command and switch can be entered to see the current MPM type?
apache2ctl -V
When using apache, what command can you use to check the configuration files?
apache2ctl configtest
When using apache, what command can you use to display the server statistics in a verbose fashion?
apache2ctl fullstatus
When using apache, what command can you use to gracefully restart the server?
apache2ctl graceful
In Ubuntu, what command would you run to install Nginx?
apt-get install nginx
When creating an NFS export, what directive should you only use with Read-Only due to its nature to corrupt files?
async
When using LDAP, what component links a name to a data field?
attribute
When using PAM, what 'type' is used to validate usernames and passwords?
auth
When using squid, what directive is used to manage user authentication?
auth_param
When using squid, what directive would you add to the configuration file to enable basic authentication using the program /usr/lib/squid/basic_ncsa_auth and the password file /etc/squid/passwords?
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
What is the name of the BIND service user id on an Ubuntu system?
bind
What two packages would you install for BIND on a CentOS system?
bind bind-utils
What package would you use to on a BIND system running on CentOS to implement a chroot jail?
bind-chroot
What is the BIND service called on an Ubuntu system?
bind9
What two packages would you install for BIND on an Ubuntu system?
bind9 bind9utils
What package do you install on an Ubuntu system to get the BIND documentation?
bind9-doc
What is a simple MDA that is an alternative to procmail?
binmail
What command should you enter into a BIND configuration file to ban the server 10.1.1.1 from making queries?
blackhole { 10.1.1.1; };
When using Samba, what would you put in the smb.conf file to make a share able to be browsed?
browseable = yes
When using OpenVPN, what script will you run to generate the public and private key for the client?
build-key
When using OpenVPN, what script will you run to generate the public and private key for the server?
build-key-server
When using squid, what would you enter into the configuration file to enable disk caching to /var/spool/squid3/ with 100MB, 10 level 1 folders and 200 level two folders and using the ufs file system type?
cache_dir ufs /var/spool/squid3 100 10 200
When using squid, what directive would you enter into the configuration file to use 256MB of memory as cache?
cache_mem 256 MB
What statement do you enter into an LDIF file if you want to update a field that already exists?
changetype: modify
When on a RHEL system, what package might you have to install to have the smbclient utility succesfully authenticate?
cifs-utils
What Postfix helper process checks inbound email headers and places them in the incoming queues?
cleanup
When using a more modern version of linux, what LDAP database holds the configurations for the other LDAP databases?
cn=config
When using PAM, what is the third field in a configuration line?
control
What does the following Procmail recipe do to incoming messages? :0: c messages
copy to messages
What MUA can use an MySQL or LDAP for its database?
courier
What MUA is modular and has different programs installed for IMAP and POP3?
courier
When editting the DHCP configuration file, what global directive do you need to set to change the default lease time to 1000 seconds?
default-lease-time 1000;
When using logging in BIND, what is the default channel used by most systems?
default_debug
When using squid, if your last ACL is an allow statement, what will the implied default be (allow/deny)?
deny
When modifying the fail2ban configuration file, what option specifies the destination email address for alerts?
destemail:
When using RHEL, what package do you install for a DHCP server?
dhcp
When using older Ubuntu systems (pre-12.04), what package did you install to enable a DHCP server?
dhcp3-server
What command can you use to test a DHCPd configuration file for syntax errors?
dhcpd -t -cf
If you want to use the CLI utility to run a DHCP relay server and to point it to the server 1.1.1.1, what command would you run?
dhcrelay 1.1.1.1
What command would you use with the dig command to perform a reverse lookup on 192.168.1.1?
dig -x 192.168.1.1
What BIND option setting specifies the default directory used by the BIND service?
directory
When creating a Sieve script, what action command silently ignores the message?
discard
When using LDAP, what is it called when different parts of the database reside on different LDAP servers?
distributed
What alternative to BIND provides a very secure DNS platform that we used by tinydns and dbndns?
djbdns
When is the abbreviation for the full chain and name of an LDAP object?
dn
When creating an LDIF file, what would the first line of the cn object server1 in the test.com domain be?
dn: cn=server1,dc=test,dc=com
What alternative to BIND provides a lightweight DNS forwarding daemon that also provides TFTP and DHCP?
dnsmasq
When deploying TSIG on a BIND DNS server, what command would you enter to create an HMAC-MD5 128-bit key named 'mykey'?
dnssec-keygen -a HMAC-MD5 -b 128 -r /dev/urandom -n HOST mykey
If you are using DNSSEC without automatic signing, what command can you run to manually sign a zone?
dnssec-signzone
When using Samba, what security mode should you use if you want to join an older NT domain?
domain
What is the main application for controlling dovecot?
doveadm
What command is used to display the current configuration for dovecot?
doveconf
What is it called when Dovecot supports the Sieve programming language for handling incoming settings.
dovecot vacation extension
When using an acl element in squid, what 'acl type' would you use to specifiy a destination domain name?
dstdomain
What command would you enter in the aliases file to forward emails from ed to root?
ed: root
When running CentOS, what package do you need to install prior to installing the nginx package?
epel-release
When using apache, what is generally the default MPM?
event
When using NFS, what is a share called?
export
When using NFS, what command would you use to reload the NFS export settings without restarting the service?
exportfs -r
What command would you use on an NFS server to export the share named /nfsshare to client 1.1.1.1?
exportfs 1.1.1.1:/nfsshare
What program can you use to disable an account that has missed its login consecutive times?
fail2ban
In CentOS, Nginx is automatically enabled and started (true/false)?
false
When using postconf -e to change a Postfix option, the daemon must be restarted in order to activate the changes (true or false).
false
When using IPv6, what does a link local address start with?
fe80
When editting the DHCP configuration file, what BOOTP directive do you need to set for the provided file to be /etc/testfile.img?
file "/etc/testfile.img";
When creating a Sieve script, what action command saves the message into the the specified location?
fileinto
When editting the DHCP configuration file, what directive do you use to assign the IP address 10.1.1.10 to a host?
fixed-address 10.1.1.10;
When configuring vsftp, what directive would you set to specify a specific user account for anonymous ftp?
ftp_username
When using DHCPd, what command must you start a configuration block with if you want to share common options on static host objects?
group
When editting the DHCP configuration file, what directive do you use to assign a fixed address to 11:22:33:44:55:66?
hardware address 11:22:33:44:55:66;
What zone type is used to query the Root Servers with BIND?
hint
What quick command can be used to get a quick resolution for a domain name using the DNS servers that are listed in your /etc/resolv.conf file?
host
When editting the DHCP configuration file, what do you start a clause with for a static host mapping?
host
What using Samba, what global configuration directive would you use to deny the system 1.1.1.1 from access?
host deny = 1.1.1.1
When using ncsa authentication, what command string would you enter to create a new password file at /etc/apache/pass with a new user jsmith?
htpasswd -c /etc/apache/pass cnelson
When using squid, what command would you enter in a terminal to add the user jsmith to a new password file located at /etc/squid/passwords in the basic_ncsa_auth format?
htpasswd -c /etc/squid/passwords cnelson
When using squid, what would you enter into the configuration file to tell the system to use the authentication acl element named TEST on all traffic?
http_access allow TEST
When using squid, what directive would you enter ino the configuration file to control the communication port?
http_port
When using RHEL, what package would you install to enabled apache?
httpd
When using RHEL apache, what command and switch can be entered to see the current MPM type?
httpd -V
When using RHEL apache, what package to you need installed to use htpasswd?
httpd-tools
When using NFSv4, what daemon can be used to map UIDs and GIDs to usernames?
idmapd
What command would you enter on a Linux system to add a second IP address of 10.1.1.1 to eth0?
ifconfig eth0:0 10.1.1.1
What command would you use to include the following file in the BIND configuration: /var/named/extra.config ?
include "/var/named/extra.config";
When using Nginx, what directive line would you enter to set the default webpage looked for to index.htm?
index index.htm;
What LDAP object class is also known as the whitepages?
inetOrgPerson
What command can you use to make modifications to the IPv6 iptables?
ip6tables
When using iptables what command would you enter to add a rule to the INPUT chain stating that any traffic coming from the source IP address of 1.1.1.1 would be rejected?
iptables -A INPUT -s 1.1.1.1 -j REJECT
When using iptables, what would you enter into the command line to make the default policy for the INPUT chain the target REJECT?
iptables -P INPUT REJECT
When using iptables on Debian, what package do you need to install to load the iptables configuration automatically on boot?
iptables-persistent
When using iptables, what command would you use to restore the firewall configuraiton to a file in the current directory named myrules.txt?
iptables-restore < myrules.txt
When using iptables, what command would you use to save the firewall configuraiton to a file in the current directory named myrules.txt?
iptables-save > myrules.txt
When using Debian, what package do you need to install to enable a DHCP relay server?
isc-dhcp-relay
When using Debian, what is the service name for the DHCP server?
isc-dhcp-server
When using Debian, what package do you install for a DHCP server?
isc-dhcp-server
When creating a Sieve script, what action command saves the message into the default file location for the user?
keep
What alternate method can be used to increase the log level of a Samba system by one if its PID is 10?
kill SIGUSR1 10
What alternate method can be used to decrease the log level of a Samba system by one if its PID is 10?
kill SIGUSR2 10
When using an ftp client, what command can you use to change your local ftp directory?
lcd
What is the LDAP service name on an LDAP server?
ldap
When using Debian, what package do you need to install to enable the LDAP client?
ldap-utils
When using the LDAP client, what command can you use to import a LDIF file?
ldapadd
When using the LDAP client, what command do you need to use delete an object?
ldapdelete
When using the LDAP client, what tool can be used to change the settings of an object?
ldapmodify
When using the LDAP client, what tool do you use to change the encrypted password of a user?
ldappasswd
What using an LDAP client, what tool can you use to query ldap information?
ldapsearch
What is an enhance version of the client ftp program for the CLI?
lftp
When using the lftp program, what command would you enter to connect to server 1.1.1.1 with the user jsmith?
lftp -u jsmith 1.1.1.1
When using Debian apache, what package would you need to install to get the perl module?
libapache2-mod-perl
When using Debian apache, what package would you need to install to get the php module?
libapache2-mod-php5
When using Nginx, what directive in the server block dictates what IPs and ports to use?
listen
What BIND configuration option would you use to configure a server so the service listens on port 53 on all interfaces?
listen-on port 53 { any; };
When using vsftp, what directive do you need to have set to allow regular linux users to authenticate to the server?
local_enable
When creating a BIND ACL, what word can be used to represent the local subnets to the server?
localnets
When using Nginx, what directive would you use to adjust settings for a particular folder?
location
When using Samba, what global configuration directive would you use to set the logging to the maximum level?
log level = 10
When using ldap, what directive is used to enable logging?
loglevel
What tool is used to help generate the monolithic sendmail configuration file?
m4 preprocessor
What parameter must you enter into the Postfix configuration file in order to process local deliver with Procmail?
mailbox_command
Which mailbox method is used to store all the emails for a user as individual files in their mail folder?
maildir
What Postfix utility program checks the Postfix mail queue?
mailq
What sendmail emulation command allows you to check on the number of messages in the queue waiting to be delivered?
mailq
What is the name of the main Postfix process?
master
What zone type is used when configuring a primary server with BIND?
master
What is the Postfix configuration file that manages when Postfix processes start and stop?
master.cf
What entry would you put in a BIND zone configuration file on a secondary server to dictate that the zone database files be kept in text format and not binary
masterfile-format text
What configuration entry should you place in a BIND zone configuration file to allow a secondary server to accept transfers from a master server at 1.1.1.1?
masters { 1.1.1.1; };
When using squid, what directive would you enter into the configuration file to control the maximum size of a file in memory?
maximum_object_size_in_memory
Which mailbox method is used to store all the emails for a user in a single file?
mbox
What part of the modular linux email system is responsible for local delivery?
mda
What Dovecot settings specifies the authentication methods that the server supports?
mechanisms
When using the lftp client, what command can you use to download all the files in the current directory that end in .temp?
mget *.temp
When using apache what module needs to be installed if you want to use the client's hostname or IP address to restrict access using the order,allow and deny statements?
mod_access_compat
When using apache what module needs to be installed if you want to use downstream authentication systems?
mod_auth_basic
When using apache what module needs to be installed if you want to use the client's hostname or IP address to restrict access using the require statement?
mod_authz_host
When using RHEL apache, what package would you need to install to get the perl module?
mod_perl
When using apache, what module package do you need to install to support SSL?
mod_ssl
When using a Samba client system, what command would you enter to mount //1.1.1.1/share to /mnt/local using the user jsmith?
mount -o username=jsmith,noperm //1.1.1.1/share /mnt/local
When using an NFS client, what command would you use to mount the NFS export /srv/share from the server IP 1.1.1.2 using NFSv3 to /local/share?
mount -o vers=3 1.1.1.2:/srv/share /local/share
What command can be used to mount client samba shares?
mount.cifs
What mount command should you use to mount an NFS share?
mount.nfs
What is the name of the daemon that handles the NFS client mount requests on the server side?
mountd
What command can you use to show per mount statistics?
mountstats
What module configuraton file is deployed in Debian to enable the prefork MPM?
mpm_preform.conf
What part of the modular linux email system is responsible for sending and receiving emails to and from external systems?
mta
What part of the modular linux email system is responsible for allowing the clients see their messages with either CLI or GUI?
mua
When editing the Postfix main.cf file, what parameter is used to identify domains that will be sent for?
mydestination
What is the BIND service called on a CentOS system?
named
What is the name of the BIND service user id on a CentOS system?
named
What command would you run to check a servers named.conf file for syntax errors?
named-checkconf
What command would you use to verify the syntax of a forward lookup zone for example.com located at /var/named/named.example.com
named-checkzone example.com /var/named/named.example.com
What command can you enter to convert a zonefle from binary to text and back again?
named-compilezone
When using Samba, what command would you use to join as a member server using the administrator account cnelson if you are already pointing to the correct DNS?
net ads join -U cnelson
What command can be used to display open samba shares on the network that is similar to a Windows command?
net status shares
When using Samba, what global configuration directive would you use to specify the NetBIOS name?
netbios name
After adding or changing aliases in the /etc/aliases file, it's important to run what command as root?
newaliases
When editting the DHCP configuration file, what command do you need to enter to specify that the secondary server named mainhost should be used to download the file?
next-server "mainhost";
When using NFS on Debian, what is the package that you install to enable the client?
nfs-common
What is the server service name for NFS on Ubuntu?
nfs-kernel-server
When using NFS on Debian, what is the package that you install to enable the server?
nfs-kernel-server
When using NFS on RHEL, what is the package that you install to enabled the server and client?
nfs-utils
What command can you use to display NFS statistics for IO?
nfsiostat
When using NFS, what command can be used to show both RPC protocol stats and NFS protocol stats?
nfsstat
When using Nginx, what is the default user directive on a RHEL system?
nginx
When using Nginx, what command line tool and switch could you use to test and dump the current configuration of Nginx?
nginx -T
When using Nginx, what command line tool and switch could you use to test the current configuration of Nginx?
nginx -t
When using Nginx, what command line tool and switch could you use to display the current version of Nginx?
nginx -v
What mode is the snort program in if it only reports on detected intrusions?
nids
What daemon in the Samba suite is respondsible for NetBIOS?
nmbd
When using Samba, what command can you use to find systems on the network that are members of the workgroup 'WORK' and also display their names?
nmblookup -S WORK
When using LDAP, what defines the available attributes of an object?
object class
When using Postfix as the MDA, how are the emails concatenated into one file or is there one file per email (one / individual)?
one
When using RHEL, what package do you need to install to enable the LDAP client?
openldap-clients
When using RHEL, what package do you need to install to enable the LDAP server?
openldap-servers
When using Debian, what package do you install to enable the SSH client?
openssh-client
When using RHEL, what package do you install to enable the SSH client?
openssh-clients
When using either Debian or RHEL, what package do you install to enable the OpenSSH server?
openssh-server
What package should you install to generate and manage SSL certificates?
openssl
What package do you need to install to have access to OpenVAS?
openvas-server
If you want to run the initial setup of OpenVAS, what script should you run?
openvas-setup
When using either Debian or RHEL, what package do you need to install to enable OpenVPN?
openvpn
When using OpenVPN with static keys, what command would you run to create an encryption key with the name 'mysecret.key'?
openvpn --genkey --secret mysecret.key
When using OpenVPN, what command would you use to start the VPN server with the configuration file server.conf?
openvpn server.conf
When editting the DHCP configuration file, what global directive do you need to set the broadcast address to 10.1.1.255?
option broadcast-address 10.1.1.255;
When editting the DHCP configuration file, what global directive do you need to set the domain name suffix to home.local?
option domain-name home.local;
When editting the DHCP configuration file, what global directive do you need to set to enable a DNS server of 1.1.1.1?
option domain-name-servers 1.1.1.1;
When editting the DHCP configuration file, what global directive do you need to set the default gateway to 10.1.1.1?
option routers 10.1.1.1;
When using PAM, what 'control' is used only when linked to another service module?
optional
What mode is the snort program in if it dumps information to a log file?
packet logger
What PAM module is used to enforce certain password requirements like length and complexity?
pam_cracklib
What PAM module is used to enforce technical limits on uses like how many files they can have open?
pam_limits
What PAM module is used to map to a file that limits the users or groups it contains?
pam_listfile
What PAM module is used to integrate with AD or LDAP?
pam_sss
What PAM module is used to authenticate against the passwd file?
pam_unix
When using Samba, what global configuration directive would you set to indicate the smb password database should use the default type?
passdb backend = tdbsam
When using Samba AD integration, what password line do you need to add if you want it to check local files then active directory for user IDs?
passwd: compat winbind
When using Samba AD integration, what password line do you need to add if you want it to check active directory first for user IDs?
passwd: files winbind
When using PAM, what 'type' is used to change passwords?
password
When creating a Samba credential file to be used by fstab, what is the format for the password of 123?
password=123
When using Samba, what command would you use to list the users that are current set in the smb password database?
pdbedit -L
When using RHEL apache, what package would you need to install to get the php module?
php
What Postfix helper process waits for messages in the maildrop queue and sends them to the cleanup program?
pickup
When configuring a BIND file, what option do you use to specify where the daemon writes the current PID in clear text?
pid-file
In what section of the configuration file are the Dovecot vacation extension stored?
plugin
When using an acl element in squid, what 'acl type' would you use to specifiy a port used?
port
What Postfix utility program and option is used to interact with the alias database?
postalias
What command can be used to show all the settings currently configured in the Postfix main.cf file?
postconf
Postfix contains a dedicated user account that runs all the services called?
postfix
What Postfix utility program and option is used to stop the Postfix service?
postfix stop
What Postfix utility program is used to create the binary lookup files from the lookup text files?
postmap
When using apache, what type of MPM allows for the PHP pluggin?
prefork
When using Samba, what printers directive would you use to allow the submital of print jobs?
printable = yes
What package would you install to enable the ProFTPd package?
proftpd
When using an acl element in squid, what 'acl type' would you use to specifiy a protocol?
proto
When using Nginx, what directive line would you add to the location block to reverse proxy traffic to http://10.1.1.1/?
proxy_pass http://10.1.1.1/;
When using Samba, what would you put in the smb.conf file to make a share NOT public?
public = no
When using OpenVPN what type of encryption uses certificate keys?
public key
What is an additional package that you can add to snort that includes sample templates?
pulled pork
What package would you use to install pure-ftpd?
pure-ftpd
What Postfix helper process is responsible for central message routing?
qmgr
When you are configuring an IPv6 DHCPd server, what service should you employee if you want to enable Stateless DHCP (or SLAAC)?
radvd
What configuration file do you need to modify to configure the DHCPv6 radvd service?
radvd.conf
When editting the DHCP configuration file, what global directive do you need to set to have a valid IP range of 10.1.1.1-20 provided by DHCP?
range 10.1.1.1 10.1.1.20;
What BIND configuration option would you use to allow a server to be a caching server?
recursion yes
When creating a Sieve script, what action command forwards the message?
redirect
When creating a Sieve script, what action command rejects a message and sends the reason back to the sender?
reject
When editing the Postfix main.cf file, what parameter is used to identify what will be allowed to relay?
relayhost
When configuring an OpenVPN client, what would you enter into the configuration file to point it to the server at 1.1.1.1 on port 1194?
remote 1.1.1.1 1194
When using PAM, what 'control' is used to terminate the service after running through the remaining items when the check is failed?
required
When using PAM, what 'control' is used to terminate the service immediately when the check is failed?
requisite
When using BIND, what command can you use to write all the statistics to the file indicated by the statistics-file setting in the named.conf file?
rndc stats
What command would you issue to the BIND Daemon to receive the status in a nice easy to read format?
rndc status
What command would you run to re-create the rndc key file used to access BIND?
rndc-confgen -r /dev/urandom -a
What is the highest level of the Domain Name Space, often represented by a "."?
root
When creating a Samba credential file, who should the owner be?
root
When using Nginx, what directive line would you enter to set the Document root to /usr/share/nginx/html?
root /usr/share/nginx/html;
When creating an NFS export, what directive should you use to ensure that root users on other systems don't have administrative access to your system?
root_squash
When using a slapd.conf file to configure the LDAP server database, what directive do you use to specify the administrative user?
rootdn
What command do you need to run to see the current routing tables and to add routes to a server?
route
What daemon do you need to install to enable RIP on a linux server?
routed
When using NFSv3, what module is responsible for communicating with with the client machines?
rpcbind
When using NFS, what command and switch can be used to see detailed information about what ports are being used by rpc?
rpcinfo -p
When on a RHEL system, what package would you install to deploy the samba server software?
samba
When on a RHEL system, what package would you install to deploy the samba client software?
samba-client
What program is used to administrate the Samba Active Directory server?
samba-tool
When on a RHEL system, what package would you install to deploy the samba's integration with active directory as a member?
samba-winbind
When using LDAP, what defines the object classes and how they are interrelated?
schema
When using SCP, what command would you enter to copy the file /home/test.txt from the remote server 1.1.1.1 as the user cnelson with the destination folder on the localhost being /home/share/test.txt?
scp [email protected]:/home/test.txt /home/share/test.txt
When configuring an OpenVPN client, what would you enter into the configuration file to tell it to use the secret key at mysecret.key?
secret mysecret.key
When using Samba, what global configuration directive would you use to set the security level to user (the default)?
security = user
What website do you go to in order subscribe to the bugtraq mailing list where they send "full disclosure" information about vulnerbilities and how to exploit them?
securityfocus.com
When modifying the fail2ban configuration file, what option specifies the sending email address for alerts?
sender:
Postfix server comes with what type of emulation layer?
sendmail
What sendmail command is used to run sendmail as a background daemon that will check the mail queue every 5 minutes?
sendmail -bd -q5m
What legacy sendmail command can you type to see the postfix mail queue?
sendmail -bq
When using Nginx, what 'block type' is used to setup how the server responds to requests
server
What would you enter into a BIND secondary server configuation file located at 1.1.1.1 to have a zone transfer use a key named 'mykey'?
server 1.1.1.1 { keys { mykey; }; };
When using Samba, what global configuration directive would you use to create a friendly name for your server?
server string
When editting the DHCP configuration file, what command do you need to enter to specify that the primary server named mainhost should be used to download the file?
server-name "mainhost";
When using Nginx, what directive in the server block is used to set the domain names that virtual host will respond to?
server_name
When using PAM, what 'type' is used to mount directories and perform other staging items?
session
When using Samba, what security mode should you use if you want to have one password for all users?
share
When using DHCPd, what command must you start a configuration block with if you want to share common options on several subnets?
shared-net
When on an NFS client, what command can you use to display the available exports on the server 1.1.1.1?
showmount -e 1.1.1.1
What is a programming language built specifically for email filtering?
sieve
When on an LDAP server, what command is used to directly inject LDIF files into the database?
slapadd
When on an LDAP server, what command is used to export LDIF files from the database?
slapcat
What is the main LDAP process that responds to server requests?
slapd
When using Debian, what package do you need to install to enable the LDAP server?
slapd
When using an LDAP server, what command is used to start and configure the LDAP system through the use of LDIF files?
slapd-config
When on an LDAP server, what command is used to reindex the LDAP database?
slapindex
When using an LDAP server, what command can you use to validate a slapd.conf file?
slaptest
What zone type is used when configuring a secondary server with BIND?
slave
When using multiple LDAP servers, what utility is used to initiate replication?
slurpd
When on a RHEL system, what is the name of the samba service?
smb
When on a Debian system, what package would you install to deploy the samba client software?
smbclient
When using Samba, what command would you use to list the shares available on a server with the IP address 1.1.1.1 using the username jsmith?
smbclient -L //1.1.1.1 -U jsmith
When using Samba printing, what command would you use to send a print job called 'test1.txt' to server 1.1.1.1 and to a printer named 'Print1' as the user jsmith?
smbclient //1.1.1.1/Print1 -U jsmith -c "print test1.txt"
When using Samba, what command would you use to access the share 'awesome' available on a server with the IP address 1.1.1.1 using the username jsmith?
smbclient //1.1.1.1/awesome -U jsmith
When using Samba, what command can you use to reload the smbd daemon configuration?
smbcontrol smbd reload-config
When on a Debian system, what is the name of the samba service?
smbd
When using Samba, what command would you use to add a new user to the Samba password file named jsmith?
smbpasswd -a jsmith
When using Samba, what command can be used to check the active sessions?
smbstatus
When using Samba, what command can be used to check the active sessions with the maximum verbosity?
smbstatus -d 10
What Postfix helper process sends messages to external servers?
smpt
What Postfix helper process receives messages from external servers?
smptd
When configuring Postfix's main.cf configuration file, what option do you use to make TLS use mandatory?
smtpd_tls_security_level = encrypt
When configuring Postfix's main.cf configuration file, what option do you use to enable TLS to be used if desired?
smtpd_tls_security_level = may
What mode is the snort program in if it dumps information to the terminal?
sniffer
If you were creating an 'A' record for a server named svr1 at IP address 1.1.1.1, what would the syntax be?
srv1 IN A 1.1.1.1
What linux utility adds new key passphrases to ssh-agent?
ssh-add
What linux utility holds onto the key passphrase for future logins?
ssh-agent
When using SSH keys on a client, what command would you enter to send the public key with the default location and name to the server at 1.1.1.1 as the user jtest?
ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
When using an SSH client, what command would you enter to generate the private and public keys?
ssh-keygen
When using PAM, what is the daemon name for the service that is used to pass authentication to LDAP or AD?
sssd
When configuring DHCP for IPv6, which configuration mode requires that you only configure the options?
stateless
When using OpenVPN what type of encryption uses a common secret on both sides?
static key
When creating a Sieve script, what control command terminates the script?
stop
When using PAM, what 'control' is used to terminate the service immediately when the check is passed?
sufficient
When using a slapd.conf file to configure the LDAP server database, what directive do you use to specify the base DN?
suffix
When using Samba, what command would you use to test the syntax of the smb.conf file?
testparm
Exim is another option for email services (true / false)?
true
When adding a matching user to a Samba client system, the UID should match the UID on the server (true or false)
true
When using Samba, it will allow printing to all printers added through cups (true/false)
true
When using active FTP, both the client and server initialze sessions to open ports (True/False)?
true
When using PAM, what is the second field in a configuration line?
type
When using Samba, what global configuration directive would you use to automatically synchronize a changed smb password to the linux password?
unix password sync = yes
What command would you enter on a linux system to create a user named cnelson with a UID of 201, create the home directory at the path /home/cnelson
useradd --uid 201 -m -d /home/cnelson cnelson
When there are dissimilar usernames between a Samba client and server, what directive would you use to signify a file that contains a static mapping from server to client?
username map
When using Samba, what share configuration directive would you use to allow only members of the group 'cool' to access the share?
valid users = @cool
When on a Linux system, what package do you install to load the Very Secure FTP program?
vsftpd
When using Samba, what command and switch can you enter to see if the server can correctly query usernames from Active Directory?
wbinfo -u
When on a Debian system, what package would you install to deploy the samba's integration with active directory as a member?
winbind
What value would you place in the sshd_config files option of PermitRootLogin to force only key system access for the root account?
without-password
When using apache, what MPM is designed to be memory effecient through the use of child threads?
worker
When using Samba, what global configuration directive would you use to create a browseable domain name called test?
workgroup = TEST
When configuring vsftp, what directive would you set to specify upload access is possible?
write_enable
When using Samba, what would you put in the smb.conf file to make a share both read and write?
writeable = yes
When using Nginx, what is the default user directive on an Ubuntu system?
www-data
When you are installing squid on a Debian system, is in automatically started and enabled (yes/no)?
yes
In CentOS, what command would you run to install Nginx?
yum install nginx
What is the special Procmail recipe action condition that starts a program?
|
When using SSH keys, what file and path on the server holds the valid keys for access?
~/.ssh/authorized_keys
When generating SSH client keys, what is the default name and path of the private key?
~/.ssh/id_rsa
When generating SSH client keys, what is the default name and path of the public key?
~/.ssh/id_rsa.pub
When using SSH keys, what file and path on the client holds the public signature key for the server?
~/.ssh/known_hosts
When using apache, what ssl directive would you use to specify whether or not the server honors http trace requests?
TraceEnable
What web service can you subscribe to for weekly bulletins and technical alerts?
USCERT
When using apache, what directive do you place in the configuration file to change the user name for the service?
User
When using apache, what directive do you place in the configuration file to utilize individual user directories named public_html in each users home directory?
UserDir public_html
When using apache, what is the abbreviation for the interface that allows apache to interact with other programs like Perl and PHP?
CGI
When using iptables, what chain handles all packets heading from the local machine?
OUTPUT
When using decentralized authentication files in apache, what directive do you need to place in virtual host configuration file to tell the system to look for the independted auth file?
AllowOverride AuthConfig
When configuring the /etc/ssh/sshd_config file on a linux SSH server, what option would you enter to allow specific users?
AllowUsers
When configuing a RHEL DHCP client, what do you add to the network configration file to enable DHCP?
BOOTPROTO=dhcp
What script can you use to create your own CA for generating self-signed SSL certificates?
CA.pl
If you have the CA.pl script available what command would you enter to create your own CA?
CA.pl -newca
If you have the CA.pl script available what command would you enter to sign a certificate?
CA.pl -signreq
What technology is used to help mitigate the risks caused by Certificate Authority compromises?
DANE
When configuring dhcrelay, what entry to you need to set in the configuration file to point the relay to the DHCP server located at 1.1.1.1?
DHCPSERVERS=1.1.1.1
When using iptables, what policy setting denies the communication and doesn't send an error?
DROP
When using MPM in apache, what setting in the configuration file dictates the maximum number or processes that are allowed to bespawned?
MaxRequestWorkers
When using iptables, what table is used to apply changes to the addresses of the packets?
NAT
Although it has been deprecated, what command would you enter into an apache configuration file to specify that the IP address 10.1.1.1 was using name based virtual hosting?
NameVirtualHost 10.1.1.1
When using Debian what command would you enter to disable an enabled apache site file named example.conf?
a2dissite example
When using Debian apache, what command could you use to enable a module called php7.0?
a2enmod php7.0
When using Debian apache what command would you enter to enable an available site file named example.conf?
a2ensite example
What Postfix lookup table file is used to create ACLs for SMTP?
access
When configuring LDAP, what directive is used to configure access permissions of objects?
access
When using squid, what would you enter into the configuration file to create an acl element that is named TEST that requires authentication to proxy traffic?
acl TEST proxy_auth REQUIRED
What command would you use to create BIND ACL named 'test' that allows only the subnet '10.0.0.0/24'?
acl test { 10.0.0.0/24; };
When using Samba, what security mode should you use if you want to join an Active Directory as a member?
ads
What would a snort rule syntax be to alert on icmp traffic going from 192.168.1.0/24 on any port destined for any destination on any port
alert icmp 192.168.1.0/24 any -> any any