Q1. CORRECT TEXT

There are more then 400 Computers in your Office. You are appointed as a System Administrator.

But you don't have Router. So, you are going to use your One Linux Server as a Router. How will you enable IP packets forward?

Answer and Explanation:

1. /proc is the virtual filesystem, we use /proc to modify the kernel parameters at running time.

# echo "1" >/proc/sys/net/ipv4/ip_forward

2. /etc/sysctl.conf à when System Reboot on next time, /etc/rc.d/rc.sysinit scripts reads the file /etc/sysctl.conf. To enable the IP forwarding on next reboot also you need to set the parameter.

net.ipv4.ip_forward=1

Here 0 means disable, 1 means enable.

Q2. CORRECT TEXT

Create the group named sysadmin.

Answer and Explanation:

1. groupadd sysadmin

groupadd command is used to create the group and all group information is stored in /etc/group file.

Q3. CORRECT TEXT

You want to deny to user1 and user2 users to access files via ftp. Configure to deny these users to access via ftp.

Answer and Explanation:

1. vi /etc/vsftpd/ftpusers

user1

user2

2. service vsftpd start| restart

Using /etc/vsftpd/ftpusers file we can deny to certain users to access files via ftp. As well as there is another file named /etc/vsftpd.user_list can be used to allow or to deny to users.

Q4. CORRECT TEXT

Install the Redhat Linux RHEL 5 through NFS. Where your Server is server1.example.com having IP 172.24.254.254 and shared /var/ftp/pub. The size of the partitions are listed below:

/ à 1048

/home à 1028

/boot à 512

/var à 1028

/usr à 2048

Swap -> 1.5 of RAM Size

/storageà configure the RAID Level 0 of remaining all free space.

After completing the installation through NFS solve the following questions. There are two networks 172.24.0.0/16 and 172.25.0.0/16. As well as there are two domains example.com on 172.24.0.0/16 network and my133t.org on 172.25.0.0/16 network. Your system is based on example.com domain. SELinux should be in enforce mode.

Answer and Explanation:

1. Insert the CD on CD-ROM and start the system.

2. In Boot: Prompt type linux askmethod

3. It will display the language, keyboard selection.

4. It will ask you for the installation method.

5. Select the NFS Image from the list

6. It will ask the IP Address, Net mask, Gateway and Name Server. Select Use

Dynamic IP Configuration: because DHCP Server will be configured in your exam lab.

7. It will ask for the NFS Server Name and Redhat Enterprise Linux Directory.

Specify the NFS Server: 172.24.254.254

Directory: /var/ftp/pub

8. After Connecting to the NFS Server Installation start in GUI. Go up to the partition screen by selecting the different Options.

9. Create the partition According to the Question because Size and what-what partition should you create at installation time is specified in your question

10. Create the two RAID partitions having equal size of remaining all free space.

11. Click on RAID button

12. Type mount point /data

13. Select RAID Level 0

14. Click on ok

15. Then select the MBR Options, time zone and go upto package selections.

It is another Most Important Time of installation. Due to the time limit, you should care about the installation packages. At Exam time you these packages are enough.

X-Window System

GNOME Desktop

(these two packages are generally not required)

Administration Tools.

System Tools

Windows File Server

FTP Servers

Mail Servers

Web Servers

Network Servers

Editors

Text Based Internet

Server Configuration Tools

Base

Printing Supports

When installation will complete, your system will reboot. Jump for another Question.

Q5. CORRECT TEXT

Create the directory /storage and group owner should be the sysusers group.

Answer and Explanation:

1. chgrp sysusers /storage

2. Verify using ls -ld /storage command. You should get like

drwxr-x--- 2 root sysusers 4096 Mar 16 17:59 /storage

chgrp command is used to change the group ownership of particular files or directory.

Another way you can use the chown command.

chown root:sysusers /storage

Q6. CORRECT TEXT

Make Secondary belongs the jackie and curtin users on sysuser group. But david user should not belongs to sysuser group.

Answer and Explanation:

1. usermod -G sysuser jackie

2. usermod -G sysuser curtin

3. Verify by reading /etc/group file

Using usermod command we can make user belongs to different group. There are two types of group one primary and another is secondary. Primary group can be only one but user can belongs to more than one group as secondary.

usermod -g groupname username à To change the primary group of the user

usermod -G groupname username à To make user belongs to secondary group.

Q7. CORRECT TEXT

You are working as a Network Engineer. Due to system processing, you want to limit the number of process to users. If then, configure that user1 and user2 should get one login at a time and all the members of training group can get total 5 logins.

Answer and Explanation:

1. vi /etc/security/limits.conf

user1,user2 - maxlogins 1

@training - maxlogins 5

2. vi /etc/pam.d/system-auth

session required /lib/security/pam_limits.so

To limit the number of process or number of logins, we should configure on /etc/security/limits.conf. First Columns contains the username separated by comma or @group name. Second column either hard or soft limits. Third columns called the item, maxloigns or nproc etc.

To identify the session of users we should call the pam_limits module in /etc/pam.d/system-auth.

Q8. CORRECT TEXT

Eric user should able to write on Document root directory.

Answer and Explanation:

Document directive is used in apache configuration file to specify the directory where all web site related documents are. According to question eric user should able to write into the Document root directory.

Better set the permission using ACL (Access Control List), to apply the permission using acl needs to mount the filesystem with acl options. Example in above answer documentroot is in /var and /var is mounting separate file system so needs to mount the /var file system with acl option.

1. vi /etc/fstab

LABEL=/var /var ext3 defaults 1 1

2. mount -o remount /var

3. setfacl -m u:eric:rwx /var/www/example

4. getfacl /var/www/example

getfacl and setfacl two commands used to maintain the permission through acl. setfacl is used to set the permission on file/directory, getfacl is used to display the permission of file/directory.

Q9. CORRECT TEXT

Configure the DHCP server by matching the following conditions:

Subnet and netmask should be 192.168.0.0 255.255.255.0Gateway Should be 192.168.0.254DNS

Sever Should be 192.168.0.254Domain Name should be example.comRange from 192.168.0.10-50

Answer and Explanation:

1. vi /etc/dhcpd.conf

ddns-update-style none;

option routers 192.168.0.1;

option domain-name "example.com";

option domain-name-servers 192.168.0.254;

default-lease-time 21600;

max-lease-time 43200;

subnet 192.168.0.0 netmask 255.255.255.0

{

range 192.168.0.10 192.168.0.50;

}

/etc/dhcpd.conf file is used to configure the DHCP. Some global options i.e Gateway,

domainname, DNS server specified using option keyword.

2. Check the SELinux Context, should be like this:

-rw-r--r-- root root system_u:object_r:dhcp_etc_t /etc/dhcpd.conf

3. If not use the restorecon -R /etc command to restore the selinux context of the file.

4. service dhcpd start | restart

Q10. CORRECT TEXT

Create the group named sysuser.

Answer and Explanation:

1. groupadd sysuser

groupadd command is used to create the group and all group information is stored in /etc/group file.