Self Test

1. 

Which of the following Apache directives give you the base directory for configuration and log files?

1. ServerRoot

2. DocumentRoot

3. Options

4. UserDir

2. 

How would you configure a virtual host as a secure server?

1. Set up password protection on the DocumentRoot.

2. Configure security in /etc/httpd/conf/httpd.conf.

3. Create a Virtual Host container in /etc/httpd/conf.d/ssl.conf.

4. Add the contents of the ssl.conf file to the httpd.conf configuration file.

3. 

Once you've modified httpd.conf, which of the following commands should you use to reread this file?

1. service httpd restart

2. service apache reload

3. apachectl reload

4. apachectl restart

4. 

Which of the following commands creates a password file and configures a password for user elizabeth?

1. .htpasswd elizabeth

2. htpasswd -c /etc/httpd/passwords elizabeth

3. passwd elizabeth

4. service htpasswd elizabeth /etc/httpd/passwords

1. 

þ A is correct. The ServerRoot directive sets the default directory for the Apache server. Any files and directories not otherwise configured-or configured as a relative directory-are set relative to ServerRoot.
ý B, C, and D are incorrect. The DocumentRoot is the root directory for each Web site. The Options directive is used to set exceptions to document permissions. The UserDir directive supports access to Web sites from users' home directories.

2. 

þ C is correct. The Red Hat Apache configuration supports the creation of secure servers in /etc/httpd/conf.d/ssl.conf. You can configure virtual hosts for your secure Web site in the same way as you can in /etc/httpd/conf/httpd.conf.
ý A, B, and D are incorrect. Password protection on a Web site is unrelated to a secure Web site using the HTTPS protocol. While you can configure a secure Web site in httpd.conf, the configuration file designed for this purpose is ssl.conf. For the same reason, you should not add the contents of ssl.conf to httpd.conf.

3. 

þ D is correct. The apachectl command is the preferred method to control the Apache service.
ý A, B, and C are incorrect. While the service command is generally used to control Linux services, it does not control Apache gracefully. The name of the Apache service is httpd. And there is no apachectl reload command.

4. 

þ B is correct. The htpasswd command sets up passwords. The -c switch is required to create a new file to store passwords.
ý A, C, and D are incorrect. The .htpasswd file is not a command. The passwd command isn't used for Web server usernames or passwords. The service command has nothing to do with passwords.

5. 

Which of the following commands in the squid.conf file is used to point to the network IP address served by Squid?

1. visible_hostname

2. http_access allow

3. acl

4. squid -z

6. 

Which of the following commands should you use before starting Squid for the first time? This command configures the Squid cache directories.

1. visible_hostname

2. http_access allow

3. acl

4. squid -z

5. 

þ C is correct. The acl command in squid.conf can be used to specify the network to be served by Squid.ý A, B, and D are incorrect. The visible_hostname command is used to identify the local computer. The http_access command can be used to actually configure Squid for the network of your choice. The squid -z command sets up the directories for the Squid cache.

6. 

þ D. See answer 5 for the reasons.
ý A, B, and C are incorrect. See answer 5 for the explanation.

7. 

Which of the following commands should you disable if you don't want users logging into their accounts through the vsFTP server?

1. local_enable = yes

2. anonymous_enable = yes

3. nopriv_user = ftpsecure

4. chroot_local_user = yes

8. 

Which of the following commands should you enable if you want to keep regular users from getting to the top-level root directory (/) on your computer?

1. local_enable = yes

2. anonymous_enable = yes

3. nopriv_user = ftpsecure

4. chroot_local_user = yes

7. 

þ A is correct. The local_enable command allows local users to log in remotely to their home directories. Disabling this command disables this functionality.
ý B, C, and D are incorrect. The anonymous_enable = yes command supports access by the anonymous user. The nopriv_user = ftpsecure command is already disabled in the default version of vsftpd.conf; it defines an unprivileged user. The chroot_local_user = yes command does not keep users with local accounts from logging in, it just keeps them from accessing the root directory of your computer.

8. 

þ D is correct. See answer 7 for the reasons.
ý A, B, and C are incorrect. See answer 7 for the explanation.

9. 

Which of the following directives would you disable in /etc/mail/sendmail.mc to allow your sendmail server to serve more than just the local computer?

1. FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl

2. FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl

3. LOCAL_DOMAIN(`localhost.localdomain')dnl

4. DAEMON_OPTIONS(`port=smtp,Addr=127.0.0.1, Name=MTA')dnl

10. 

Which of the following commands should you add to /etc/mail/access if you want to set up service to the 10.11.12.0 network?

1. 10.11.12.0/24                         RELAY

2. 10.11.12                                 RELAY

3. 10.11.12.                                RELAY

4. 10.11.12.0/255.255.255.0      RELAY

9. 

þ D is correct. The DAEMON_OPTIONS directive in the default sendmail.mc file prevents access to anything but the local computer.
ý A, B, and C are incorrect. Answers A and B refer to database files which allow you to configure access to other computers, therefore you should not disable these commands. Answer C just identifies the domain name of the local computer.

10. 

þ B is correct. This is the required format in the /etc/mail/access configuration file.
ý A, C, and D are incorrect. These options do not conform to the required format in /etc/mail/access.