Self Test

1. 

You are setting up a Red Hat Enterprise Linux system and are adding several new services. What can you do to make sure your system is more secure from outside attack?

1. Create individual accounts for each service.

2. Pick a really secure password for the root account.

3. Run services under their own accounts, or alternatively, the nobody account.

4. Make sure the system is stored in a secure room.

1. 

þ A and C. You should run network services under their own accounts or the nobody account. If a cracker does find a security hole, the damage will be limited to that service.
ý B and D are incorrect. B is a good idea, but most outside crackers get root account privileges through security holes they find in programs or services. D is always a good idea but does nothing to protect your system from attacks from the outside, such as from the Internet.

2. 

You've just issued the following command: chown nobody.developgrp /home/developer. How would you set the SGID bit on this directory?

1. chmod 2775 /home/developer

2. chgrp 2775 /home/developer

3. chmod 775 /home/developer

4. chmod g+s /home/developer

2. 

þ A and D. Both commands will set the SGID bit. Answer D is sometimes more appropriate, as it does not affect the permissions for the owner or others.
ý B is incorrect, as chgrp does not modify SGID bits, and C is incorrect because it does not include the proper value for the SGID bit (2xyz).

3. 

What are the normal uses of the tmpwatch command script?

1. To monitor the system for break-in attempts

2. To clean up unused user account directories

3. To scan system-wide temporary directories and clean up old temporary files

4. To monitor the /tmp directory for the appearance of certain files

3. 

þ C. The tmpwatch command is usually run periodically by the cron daemon. It recursively searches through temporary directories and removes files that have not been accessed for a fixed amount of time.
ý A, B, and D are incorrect. While tmpwatch does not monitor break-in attempts, you may be able to do this by creating /var/log/tmp using the system logging service (A). While it is a good idea to clean up unused account directories (B), you may not want to delete directories of people who are just on vacation. The tmpwatch command utility (D) does not monitor any directory for the appearance of specific files.

4. 

The junior system administrator at your site has just come to you to report a suspected bad hard drive on the system he was working on. Whenever he tries to boot the system, he gets a kernel panic with a message saying the root partition cannot be found. What is the most likely cause?

1. The hard drive has crashed.

2. The I/O bus is going bad.

3. Intermittent RAM problems are masquerading as disk problems.

4. The junior system administrator was modifying a system configuration file and has managed to configure the system so that it will not boot.

5. 

How can you boot a damaged Linux system in order to perform repairs?

1. Boot from your system's custom boot floppy.

2. Boot into the linux rescue environment.

3. Boot into single-user mode. To do so, add the word single to the end of the kernel command line in GRUB.

4. Boot into runlevel 4.

6. 

You are a consultant and are helping a client who has managed to render his system unbootable. You have booted into rescue mode, but the client doesn't have any documentation on the partition layout on his disk drive. What can you do?

1. Use the fdisk -l command to display the partition table for installed drives.

2. Reinstall Linux.

3. Use the fsck command and look for the superblock.

4. Use the fdisk command in interactive mode.

7. 

You are trying to boot a system and keep receiving a message about a corrupted partition. You manage to boot into rescue mode. From this point, what might you do to fix the problem?

1. Use fdisk and delete the partition, then add it back.

2. Use the fdisk -l command.

3. Run grub-install to rebuild the boot block on the BIOS.

4. Run the command fsck -b 8193.

8. 

Where are some likely places for configuration errors that can prevent your system from booting? (Choose all that apply.)

1. /boot/grub/grub.conf

2. /etc/fstab

3. /etc/passwd

4. /boot

4. 

þ D. In a situation like this, the cause is most likely human error.
ý A, B, and C are incorrect. If you have a kernel panic, then you know that your PC has checked its hardware and run through its initial BIOS checks. Therefore, you know that the hard disk is not bad (A), the I/O bus still works (B), and RAM was detected (C).

5. 

þ A, B, and C are correct procedures to boot a damaged Linux system in order to perform repairs.
ý D is incorrect. By default, Red Hat Enterprise Linux does not use runlevel 4.

6. 

þ A is a good starting point, which will allow you to determine what partitions are available. Alternatively, D will give you some clues as to partition sizes. In addition, you could then try the e2label command; if you're fortunate, you'll see the labels associated with actual mounted partitions such as /boot or /home. One other approach is to just mount each partition, look at the file contents, and deduce what filesystem it represents.
ý B and C are incorrect. Reinstallation is a last resort (B), would take too much time, and isn't allowed on either Red Hat troubleshooting exams. The fsck command might tell you the name of the partition (C), but you may end up waiting a long time.

7. 

þ D. Try running the fsck command with an alternative superblock, such as 8193, 16385, and so on. You can use the dumpe2fs command to help determine the appropriate superblock size.
ý A might fix the problem but would have the unfortunate side effect of deleting all the data on the partition. B would just list the configured partitions, and C does not do anything to fix your existing partitions.

8. 

þ A, B, and D. Any typo in the /boot/grub/grub.conf or /etc/fstab files can make a good system unbootable. Any time you make changes that affect the files in /boot, you should make sure grub.conf reflects these changes.
ý C is incorrect. The /etc/passwd file contains user authentication information and does not affect how Linux boots on your computer.

9. 

When you set up a set of secure RSA keys for Secure Shell access, what should you do?

1. Run ssh-keygen -t dsa1, and then enter a passphrase for your public key.

2. Run ssh-keygen -t rsa, and then enter a passphrase for your private key.

3. Run ssh-keygen -t dsa1, and then enter a passphrase for your private key.

4. Run ssh-keygen -t rsa1, and then enter a passphrase for your private key.

9. 

þ D. RSA keys are configured by the ssh-keygen -t rsa1 command. A passphrase can be used to protect your private key.
ý A, B, and D are incorrect. As of this writing, there are no dsa1 key options for the ssh-keygen command; even if there are, it would work with Digital Signature Algorithm keys (A, C). The rsa option is currently obsolete (D).

10. 

If you already have added PEs to your VG and want to add room to your LV with your /var directory, what command would you use to increase the size of that LV? Assume that you've backed up any essential data from /var, and the volume names stated in the answers are correct.

1. vgextend Volume00 /dev/hdd1

2. lvcreate -L2000M /dev/Volume00/LogVol00

3. lvextend -L2000M /dev/Volume00/LogVol00

4. vgcreate Volume00 /dev/hdc1 /dev/hdd1

10. 

þ C. The lvextend command extends the scope of the LV to the size specified with the -L switch, in this case, 2000MB.
ý A, B, and D are incorrect. The vgextend command adds more PEs from a newly configured partition to a current VG. It may be required before you increase the size of the LV, but does not address the question. The lvcreate command creates a new LV. It does not increase the size of an LV, as stated in the question. The vgcreate command creates a new VG, which is not directly related to the question.