Untitled Quiz

Questions and Answers

What characterizes a partition on a physical hard drive?

It contains only system files.

It is a fixed division of the hard drive. (correct)

It requires advanced management systems like LVM.

It can be resized easily without data loss.

Which command is used to modify an existing user account in Linux?

useradd

userdel

userchange

usermod (correct)

What is a primary advantage of using logical volumes over partitions?

They require physical volumes to be fixed in size.

They offer a way to organize data more simply.

They can only be used on Linux systems.

They can be easily resized without data loss. (correct)

Which of the following correctly describes the useradd command?

It is used to create new user accounts.

What does the userdel command do in Linux?

Deletes a user account from the system.

What is a logical volume's most notable characteristic compared to a partition?

It allows for easier expansion and management.

What is a key feature of partitions on a disk?

They can only exist in a single size.

Which command syntax correctly creates a new user named 'john'?

sudo useradd john

What is the first step in creating an encrypted volume using LUKS?

Install necessary tools

Which command is used to format a partition with LUKS?

sudo cryptsetup luksFormat /dev/sdb1

What will you need to do after encrypting the disk to access its data?

Open the encrypted volume

Which filesystem is suggested to create on the encrypted volume?

ext4

Which command can be used to add an entry to /etc/fstab for automatic mounting?

sudo blkid /dev/sdb1

What is the purpose of the command 'sudo umount /mnt/encrypted'?

To unmount the encrypted volume

What should be done first after successfully encrypting a volume?

Open the volume with a passphrase

Which command is used to close the encrypted volume after use?

sudo cryptsetup luksClose my_encrypted_volume

What is the primary function of a DNS server?

To translate domain names into IP addresses

Which type of DNS server acts as an intermediary between the user and other DNS servers?

Recursive DNS Server

What role does a Root DNS Server play in the DNS query process?

It directs queries to the appropriate TLD server.

What type of DNS server is responsible for handling specific domain extensions like .com or .org?

TLD DNS Server

Which DNS server type temporarily stores results to improve response times for repeated queries?

Caching DNS Server

What command is used to install BIND on Debian-based systems?

sudo apt-get install bind9

Which file needs to be edited to configure a DNS server in Linux using BIND?

/etc/bind/named.conf

In a DNS zone file, what does the SOA record indicate?

Start of Authority

What command is used to allow SSH packets through the firewall?

sudo firewall-cmd --permanent --add-service=ssh

What is the purpose of the command 'sudo firewall-cmd --reload'?

To apply changes made to the firewall configuration

How can you verify if the SSH rule has been successfully added to the firewall?

By executing 'sudo firewall-cmd --list-all'

What does IP masquerading achieve in a private network?

It hides the private IPs behind a single public IP

To permanently enable IP forwarding in Linux, which file must be edited?

/etc/sysctl.conf

What command would you use to set up masquerading on a specific network interface?

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

What is the optional step to ensure the firewall starts automatically after a reboot?

sudo systemctl enable firewalld

What is the main function of a firewall?

To allow only trusted users to access the server

What command is used to create a Certificate Signing Request (CSR)?

openssl req -new -key private.key -out request.csr

What information must be provided when generating a CSR using OpenSSL?

Country, State, Organization, Common Name

Which command is used to check the details of a certificate?

openssl x509 -in certificate.crt -text -noout

What is the primary purpose of the limit module in a firewall?

To control the rate of incoming or outgoing packets

How can you renew a certificate according to the content provided?

Generate a new CSR and submit it to your Certificate Authority

What command do you use to revoke a certificate using OpenSSL?

openssl revoke -CAfile certificate.crt

What is the function of the verify command in OpenSSL?

To check the validity of a certificate against CA certificates

What does the command 'openssl genrsa -out private.key 2048' accomplish?

Generates a new private key of 2048 bits

Which Apache mode provides the best scalability for handling increased traffic?

Event

What is a key disadvantage of the Prefork Apache mode?

It has higher resource consumption.

Which of the following is an example of a Mail User Agent (MUA)?

Gmail

What protocol does a Message Transfer Agent (MTA) commonly use to send emails?

SMTP

Which Apache mode is particularly suited for modern applications requiring low latency?

Event

What is the primary function of a Mail Delivery Agent (MDA)?

To deliver emails to the recipient's mailbox.

In what scenario is the Worker mode of Apache generally preferred?

For high traffic applications needing efficient resource use.

Which of the following statements is true about the Prefork mode?

It is simple but resource-heavy.

Study Notes

Linux System Administrator Duties

• Responsible for keeping the system running efficiently
• Monitoring system health (CPU, memory, disk usage, network) to prevent overload
• Identifying issues using tools like top, htop, or vmstat to pinpoint resource-intensive processes
• Tuning system settings (cache size, scheduling, network) to optimize performance based on workload
• Reviewing system logs to detect hardware/software errors or security issues
• Ensuring efficient hardware resource utilization (distributing workloads, cleaning up unused files)
• Proactively identifying and resolving potential issues to prevent system slowdowns or crashes

Piping and Redirecting

• Piping connects the output of one command to the input of another for extended functionality.

• Redirection saves command output to a file (e.g., ls -l > file_list.txt or ls -l >> file_list.txt).

Hard Links vs. Symbolic Links

• Hard Link: A direct reference to the original file, sharing the same data. Deleting the original file breaks the hard link.
• Symbolic Link (Soft Link): A shortcut or pointer to the original file. Deleting the original file breaks the symbolic link; it will not work.

Linux Distributions

• Ubuntu: Popular desktop distribution known for user-friendliness and community support. Focuses on regular updates and LTS versions.
• Fedora: Cutting-edge, development-focused distribution.
• Debian: Stable, highly reliable distribution commonly used for servers and desktops. Known for its comprehensive software repositories and robust community support.
• CentOS: Free and community-supported version of Red Hat Enterprise Linux. Focuses on stability.

RPM and YUM

• RPM (Red Hat Package Manager): A tool for managing software packages (installation, updating, removal and querying). It works with pre-compiled .rpm files.
• YUM (Yellowdog Updater Modified): A higher-level tool built on top of RPM that simplifies package management. It handles dependencies automatically and connects to online repositories for downloading and installing packages/updates. Commands are easy to use

Creating a YUM Repository

• Install createrepo: Necessary for creating a repository.

• Establish a directory for the repository (sudo mkdir /var/www/html/myrepo).

• Copy .rpm files to the repository directory (cp /path/to/your/rpm/files/*.rpm /var/www/html/myrepo/).

• Use createrepo to generate metadata for the repository (/var/www/html/myrepo/).

• Create myrepo.repo file in /etc/yum.repos.d/ for clients to recognize repository. Populate the file with baseurl, name,enabled, and gpgcheck parameters

Bash Shell

• A popular and default shell in many Linux systems.
• User-friendly for beginners and advanced users.
• Strong scripting capabilities using loops, conditionals, and functions.
• Offers command history and tab completion for efficiency.

C Shell (csh) and Korn Shell (ksh)

• C Shell: User-friendly, syntax similar to C programming. Designed for ease of job control and command history.
• Korn Shell: Combines features of Bourne Shell and C Shell, offering advanced scripting capabilities (like arrays and floating-point arithmetic). Faster execution compared to other shells.

Mounting a Device

• Plug in the device (USB drive, external hard disk, etc.).

• Find the device name using lsblk or fdisk -l. (e.g. /dev/sdb1).

• Create a mount point (e.g. sudo mkdir /mnt/usb).

• Use mount to attach the device to the mount point (sudo mount /dev/sdb1 /mnt/usb).

• Access the files through the mount point.

• Unmount the device when finished (sudo umount /mnt/usb).

Enabling SSH Server on RHEL

• Install the SSH server package (e.g. sudo yum install openssh-server).

• Start the SSH service (sudo systemctl start sshd).

• Enable SSH to start automatically at boot (sudo systemctl enable sshd).

• Allow SSH traffic through the firewall (sudo firewall-cmd --permanent --add-service=ssh). Reload firewall (sudo firewall-cmd --reload).

• Verify SSH service status (sudo systemctl status sshd).

File Systems Supported by Linux

• EXT4: Default filesystem for most Linux distributions (large files, volumes, fast, reliable).

• NTFS: Developed by Microsoft; commonly used by Windows. Linux can read and write through the ntfs-3g driver.

• FAT32: Simple, widely used but limited (maximum file size)filesystem for devices like USB drives. Supported by most Linux systems.

• Btrfs: Modern Linux filesystem; supports snapshots, versioning, and built-in tools for data integrity and management.

Partition vs. Logical Volume

• Partition: A fixed division of a physical storage device, acts as a basic structure for organizing data. Cannot easily change size without reformatting.
• Logical Volume (LV): A flexible, resizable storage unit managed by LVM. Allows grouping multiple physical devices, resizability, adding/removing LVs without losing data, making them more manageable compared to partitions

User Management Commands

• useradd: Creates new user accounts.

• usermod: Modifies existing user accounts (e.g., password, shell).

• userdel: Deletes user accounts.

Encrypted Volume Creation

• Install cryptsetup
• Identify the disk/partition (lsblk).
• Use cryptsetup luksFormat to format the device with LUKS encryption.
• Use cryptsetup luksOpen to open the encrypted volume.
• Create a filesystem (e.g., mkfs.ext4).
• Mount the encrypted volume.
• Configure (optional): add to /etc/fstab
• Close the encrypted volume when finished.

Snapshots in LVM

• Snapshots in LVM freeze the current state of an LVM volume as a new snapshot volume.
• Used for backups, allowing safe rollback to a previous state.
• Significantly easier on resources and operations than traditional backups due to fast snapshot creation.

Samba Server

• A software that allows Linux/Unix systems to share directories and files with Windows (and other systems) over a network.
• Enables cross-platform sharing of files and printers.

Network File System (NFS)

• A protocol for sharing files and directories between systems on a network.

• Client systems mount shared directories from the NFS server to access files remotely; this is similar to local storage.

• Advantages: Easy sharing across platforms; centralized storage for improved data consistency; transparent access.

• Disadvantages: Security concerns without proper configuration (unauthorized access); performance issues; dependence on network availability.

Firewalls

• A security system that controls network traffic based on predefined rules, protecting servers and networks from unauthorized access. Traffic filtering is used to determine whether to allow or block traffic.
• Firewalls block potentially malicious traffic from unauthorized sources (hackers/malware). They restrict access to certain ports and services. They act as a barrier and log traffic.

IP Masquerading

• Method for hiding private IP addresses behind a single public IP used to allow devices in a private network to access the internet.
• Requires IP forwarding enabled. Use to mask private IPs from external networks.
• It essentially masks private devices behind a single public IP for inbound traffic, maintaining security from unauthorized outside connections.

OpenSSL Certificates

• OpenSSL is a tool used for managing SSL/TLS certificates which are used for encrypting communication between servers and clients.
• Uses commands like openssl genrsa, openssl req, openssl x509 to generate private keys, create CSRs, and generate signed certificates.

Firewall Modules

• Firewall modules enhance firewall functionality with specific features (e.g., rate limiting).
• The limit module manages incoming/outgoing traffic rates, protecting against overload.

iptables

• A command-line tool in Linux for configuring a firewall by setting up, managing, and controlling the firewall.

• It filters and directs network traffic based on rules.

• Tables: filter (default), nat, mangle, raw

• Chains: INPUT(incoming), FORWARD(passing through), OUTPUT(outgoing)

• Rules: Specific conditions and actions applied to packets (e.g., allowing or blocking traffic).

DNS Server

• A server that translates domain names (like example.com) into IP addresses.

• Acts like a phonebook for the internet.

• Types of DNS Servers:

  • Recursive: Intermediary between user and other servers
  • Authoritative: Stores information about specific domains
  • Root: Top-level server for directing requests
  • TLD (Top Level Domain): Handles specific domains. (.com,.orgetc.)
  • Caching: Temporarily stores results for faster repeated lookups.

DHCP Server

• Dynamic Host Configuration Protocol server dynamically assigns IP addresses and other network settings (e.g., gateway, DNS server addresses) to devices on a network.
• Automates IP configuration for devices on a network without manual intervention; avoids conflicts and simplifies network administration.

Apache Modes

• Apache Mode: Various Multi-Processing Modules (MPMs) used in handling incoming client requests—ways to execute multiple requests simultaneously.

• Parameters:

  • MaxClients and MaxConnectionsPerChild: Limit to prevent overload or abuse.
  • Memory Usage: prefork uses more RAM than worker/event because processes are independent.
  • Scalability: worker/event modes scale better with increased traffic because of resource efficiency.
  • Response Time: worker/event modes have faster response times than prefork.

Email Protocols (MTA, MDA, MUA)

• MTA (Message Transfer Agent): Transfers emails between servers. Protocols like SMTP are used to send emails.
• MDA (Mail Delivery Agent): Delivers the email to the recipient's mailbox (local storage).
• MUA (Mail User Agent): The client application you use to send and receive emails (e.g., Outlook, Thunderbird).

Shell Scripts

• A script contains a series of commands in a text file; executed in order to automate tasks. Designed to be reusable and to avoid typing individual commands repeatedly.

High Availability (HA)

• Systems are reliable; operational and accessible with minimal downtime.
• Methods including redundancy (backup systems, load balancing), automatic failover protocols, monitoring, and geographic distribution enhance availability through continuous operation.