EX300 EXAM TRAINING * Configure selinux. - Configure your systems that should be running in Enforcing. * Configure repository. - Create a Repository for your virtual machines. The URI is http://classroom.example.com/content/rhel7.0/x86_64/dvd * SSH configuration. - Configure SSH access on your virtual hosts as follows. - Clients within my22ilt.org should NOT have access to ssh on your systems * Configure port forwarding. - Configure serverX.example.com to forward traffic incoming on port 22/tcp from desktopX.example.com to port on 5243/tcp. * Simple Command. - Create a command called qstat on both serverX and desktopX. - It should able to execute the following command (ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm) - The command shoud be executable by all users. * Configure ipv6 network. - Configure eth0 with a static ipv6 addresses as follows. - Configure a Static IPv6 address in serverX as fddb:fe2a:ab1e::c0a8:64/64. - Configure a Static IPv6 address in desktopX as fddb:fe2a:ab1e::c0a8:02/64. * Link aggregation - Configure serverX system which watches for link changes and selects an active port for data transfers. - serverX should have the address as 192.168.0.10/255.255.255.0. * SMTP Configuration. - Configure the SMTP mail service on serverX and desktopX which only relay mail from local system through classroom.example.com, all outgoing mail have their sender domain as example.com. Ensure that mail should not store locally. - Verify the mail server is working by sending mail to a natasha user. - Check the mail on both serverX and desktopX with the below URL http://station.network0.example.com/serverX http://station.network0.example.com/desktopX * NFS server. - Configure serverX with the following requirements. - Share the /common directory with the example.com domain clients only, share must be writable. - Share the /restricted/protected, enable krb5p security to secure access to the NFS share from URL http://classroom.example.com/pub/keytabs/serverX.keytab The exported directory should have read/write access from all sub-domains of the example.com domain. Ensure the directory /restricted/protected should be owned by the user ldapuserX with read/write permission. * Configure nfs mount. - Mount /common directory on desktopX under /public directory persistently at system boot time. - Mount /restricted/protected with krb5p secured share on desktopX beneath /secure provided with keytab http://classroom.example.com/pub/keytabs/desktopX.keytab * Configure smb access on serverX. - Share the /common directory via SMB: – Your SMB server must be a member of the SMBGROUP workgroup – The share’s name must be common – The common share must be available to example.com domain clients only – The common share must be browseable – susan must have read access to the share, authenticating with the same password password, if necessary - Configure the serverX to share /cloudshare with SMB share name must be OPENGROUP. - The user frankenstein has read/write acces to the /cloudshare SMB share. - The user martin has read access to the /cloudshare SMB share. - Both users should have the SMB passwd "SaniTago". * Mount the smb share. - Mount the samba share /cloudshare permanently beneath /mnt/smbspace on desktopX as a multiuser mount. - the samba share should be mounted with the credentials of frankenstein. * Webserver. - Implement a webserver for the site http://serverX.example.com - Download the webpage from http://classroom.example.com/pub/rhce/rhce.html - rename the downloaded file in to index.html. - copy the file into the document root. - Do not make any modification with the content of the index.html. * secured webserver. - configure the website https://serverX.example.com with TLS - SSLCertificate file http://classroom.example.com/pub/tls/certs/serverX.crt - SSLCertificatekeyfile http://classroom.example.co/pub/tls/private/serverX.key - SSL CA certificate file http://classroom.example.com/pub/example-ca.crt * Secure directory. - Implement website for http://serverX.example.com/owndir – Create a directory named as "owndir" under the document root of webserver. – Download http://classroom.example.com/pub/rhce/restrict.html. – rename the file into index.html. – The content of the restricted should be visible to everyone browsing from your local system but should not be accessible from other location. * Virtual Web Hosting. - Setup a virtual host with an alternate document root.Extend your web to include a virtual for the site http://wwwX.example.com – Set the document root as /var/www/vhosts – Download http://classroom.example.com/pub/rhce/vhost.html – rename it as index.html – place this document root of the virtual host - Note: The other websites configures for your server must still accessible. wwwX.example.com is already provide by the name server on example.com * Dynamic Webpage Configuration. - configure website http://webappX.example.com:8961 on serverX system with the documentroot /var/www/dynamic/ - Site should executes webapp.wsgi. - Page is already provided on http://classroom.example.com/pub/webapp.wsgi - Content of the script should not be modified. * Script1 - create a script called /root/conditional with following details. - When run as /root/conditional postconf, should bring the output as "postroll" - When run as /root/conditional postroll, should bring the output as "postconf" - When run with any other argument or without argument, should bring as "/root/condition postconf|postroll" * Script2 - Create a script called /root/makeusers - When this script is called with the testfile argument, it should add all the users from the file - Download the file from http://classroom.example.com/pub/testfile - All users should have the login shell as /bin/false, password not required. - When this script is called with anyother argument, it should print the message as "Input File Not Found" - When this script is run without any argument, it should display "Usage: /root/makeusers" - NOTE: If the users are added no need to delete. * Configure SCSI storage. - Create a new 3GB iscsi_block target on your systemX.example.com. - The server should export an iscsi disk called iqn.2014-08.com.example:systemX. - This target should only be allowed to clients with an IQN of iqn.2014-08.com.example:desktopX. * ISCSI Initiator - The serverX.example.com provides an iscsi port(3260). connect the disk with desktopX.example.com and configure filesystem with the following requirements. - Create 800MB partition on ISCSI block device and assign the filesystem as xfs. - Mount the volume under /mnt/initiator at the system boot time. - The filesystem should contains the copy of . - The file sould be owned by root with 0644 permission. - NOTE: content of the file should not be modified. * Mariadb - Configure mariadb on system1, - On system1, mariadb has corrupted due to some issues. anyhow you have the logical backup file http://classroom.example.com/pub/mariadb.mdb - Install a new mariadb server and restore the database from the above provided file with a root password of "redhat". - Create a database called student - A new ticket has been assigned to you to create new local access accounts with the following information.
User Accepts connection from host Password Privileges andrew localhost Redhat Read access for student database
Thursday, March 18, 2021
EX300 EXAM TRAINING - sample questions
Subscribe to:
Post Comments (Atom)
0 Comments:
Post a Comment