Untitled Quiz

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson
Download our mobile app to listen on the go
Get App

Questions and Answers

What characterizes a partition on a physical hard drive?

  • It contains only system files.
  • It is a fixed division of the hard drive. (correct)
  • It requires advanced management systems like LVM.
  • It can be resized easily without data loss.

Which command is used to modify an existing user account in Linux?

  • useradd
  • userdel
  • userchange
  • usermod (correct)

What is a primary advantage of using logical volumes over partitions?

  • They require physical volumes to be fixed in size.
  • They offer a way to organize data more simply.
  • They can only be used on Linux systems.
  • They can be easily resized without data loss. (correct)

Which of the following correctly describes the useradd command?

<p>It is used to create new user accounts. (D)</p> Signup and view all the answers

What does the userdel command do in Linux?

<p>Deletes a user account from the system. (D)</p> Signup and view all the answers

What is a logical volume's most notable characteristic compared to a partition?

<p>It allows for easier expansion and management. (B)</p> Signup and view all the answers

What is a key feature of partitions on a disk?

<p>They can only exist in a single size. (D)</p> Signup and view all the answers

Which command syntax correctly creates a new user named 'john'?

<p>sudo useradd john (D)</p> Signup and view all the answers

What is the first step in creating an encrypted volume using LUKS?

<p>Install necessary tools (A)</p> Signup and view all the answers

Which command is used to format a partition with LUKS?

<p>sudo cryptsetup luksFormat /dev/sdb1 (D)</p> Signup and view all the answers

What will you need to do after encrypting the disk to access its data?

<p>Open the encrypted volume (D)</p> Signup and view all the answers

Which filesystem is suggested to create on the encrypted volume?

<p>ext4 (D)</p> Signup and view all the answers

Which command can be used to add an entry to /etc/fstab for automatic mounting?

<p>sudo blkid /dev/sdb1 (C)</p> Signup and view all the answers

What is the purpose of the command 'sudo umount /mnt/encrypted'?

<p>To unmount the encrypted volume (B)</p> Signup and view all the answers

What should be done first after successfully encrypting a volume?

<p>Open the volume with a passphrase (D)</p> Signup and view all the answers

Which command is used to close the encrypted volume after use?

<p>sudo cryptsetup luksClose my_encrypted_volume (A)</p> Signup and view all the answers

What is the primary function of a DNS server?

<p>To translate domain names into IP addresses (D)</p> Signup and view all the answers

Which type of DNS server acts as an intermediary between the user and other DNS servers?

<p>Recursive DNS Server (A)</p> Signup and view all the answers

What role does a Root DNS Server play in the DNS query process?

<p>It directs queries to the appropriate TLD server. (C)</p> Signup and view all the answers

What type of DNS server is responsible for handling specific domain extensions like .com or .org?

<p>TLD DNS Server (A)</p> Signup and view all the answers

Which DNS server type temporarily stores results to improve response times for repeated queries?

<p>Caching DNS Server (D)</p> Signup and view all the answers

What command is used to install BIND on Debian-based systems?

<p>sudo apt-get install bind9 (D)</p> Signup and view all the answers

Which file needs to be edited to configure a DNS server in Linux using BIND?

<p>/etc/bind/named.conf (B)</p> Signup and view all the answers

In a DNS zone file, what does the SOA record indicate?

<p>Start of Authority (B)</p> Signup and view all the answers

What command is used to allow SSH packets through the firewall?

<p>sudo firewall-cmd --permanent --add-service=ssh (B)</p> Signup and view all the answers

What is the purpose of the command 'sudo firewall-cmd --reload'?

<p>To apply changes made to the firewall configuration (D)</p> Signup and view all the answers

How can you verify if the SSH rule has been successfully added to the firewall?

<p>By executing 'sudo firewall-cmd --list-all' (B)</p> Signup and view all the answers

What does IP masquerading achieve in a private network?

<p>It hides the private IPs behind a single public IP (A)</p> Signup and view all the answers

To permanently enable IP forwarding in Linux, which file must be edited?

<p>/etc/sysctl.conf (B)</p> Signup and view all the answers

What command would you use to set up masquerading on a specific network interface?

<p>sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE (B)</p> Signup and view all the answers

What is the optional step to ensure the firewall starts automatically after a reboot?

<p>sudo systemctl enable firewalld (C)</p> Signup and view all the answers

What is the main function of a firewall?

<p>To allow only trusted users to access the server (B)</p> Signup and view all the answers

What command is used to create a Certificate Signing Request (CSR)?

<p>openssl req -new -key private.key -out request.csr (D)</p> Signup and view all the answers

What information must be provided when generating a CSR using OpenSSL?

<p>Country, State, Organization, Common Name (B)</p> Signup and view all the answers

Which command is used to check the details of a certificate?

<p>openssl x509 -in certificate.crt -text -noout (C)</p> Signup and view all the answers

What is the primary purpose of the limit module in a firewall?

<p>To control the rate of incoming or outgoing packets (C)</p> Signup and view all the answers

How can you renew a certificate according to the content provided?

<p>Generate a new CSR and submit it to your Certificate Authority (D)</p> Signup and view all the answers

What command do you use to revoke a certificate using OpenSSL?

<p>openssl revoke -CAfile certificate.crt (B)</p> Signup and view all the answers

What is the function of the verify command in OpenSSL?

<p>To check the validity of a certificate against CA certificates (D)</p> Signup and view all the answers

What does the command 'openssl genrsa -out private.key 2048' accomplish?

<p>Generates a new private key of 2048 bits (D)</p> Signup and view all the answers

Which Apache mode provides the best scalability for handling increased traffic?

<p>Event (D)</p> Signup and view all the answers

What is a key disadvantage of the Prefork Apache mode?

<p>It has higher resource consumption. (C)</p> Signup and view all the answers

Which of the following is an example of a Mail User Agent (MUA)?

<p>Gmail (C)</p> Signup and view all the answers

What protocol does a Message Transfer Agent (MTA) commonly use to send emails?

<p>SMTP (D)</p> Signup and view all the answers

Which Apache mode is particularly suited for modern applications requiring low latency?

<p>Event (D)</p> Signup and view all the answers

What is the primary function of a Mail Delivery Agent (MDA)?

<p>To deliver emails to the recipient's mailbox. (C)</p> Signup and view all the answers

In what scenario is the Worker mode of Apache generally preferred?

<p>For high traffic applications needing efficient resource use. (A)</p> Signup and view all the answers

Which of the following statements is true about the Prefork mode?

<p>It is simple but resource-heavy. (D)</p> Signup and view all the answers

Flashcards

Partition

A fixed division of a physical storage device, like a hard drive, creating separate storage areas.

Logical Volume (LV)

A flexible, resizable storage unit managed by LVM. It can combine multiple physical devices, like multiple hard drives, and easily resize.

LVM

Logical Volume Manager. A system allowing advanced management of storage devices by grouping multiple physical devices into a single pool.

useradd

A Linux command for creating new user accounts.

Signup and view all the flashcards

usermod

A Linux command for modifying existing user accounts, like changing a password or shell.

Signup and view all the flashcards

userdel

A Linux command for deleting an existing user account.

Signup and view all the flashcards

Encrypted volume

A storage area where data is protected using encryption, making it unreadable without a password or key.

Signup and view all the flashcards

Disk setup

The process of configuring a hard drive or storage device, such as creating partitions. Often done at the start.

Signup and view all the flashcards

Encrypting a partition with LUKS

Using cryptsetup to encrypt a disk partition using the Linux Unified Key Setup (LUKS) system.

Signup and view all the flashcards

cryptsetup luksFormat

The command to initialize a disk partition for LUKS encryption. Asks for confirmation and passphrase.

Signup and view all the flashcards

cryptsetup luksOpen

The command to open/mount an encrypted volume with a passphrase.

Signup and view all the flashcards

mkfs.ext4

Creates a filesystem (ext4) on the encrypted volume.

Signup and view all the flashcards

Mapped device

A temporary virtual device that allows access to encrypted data housed in the encrypted partition.

Signup and view all the flashcards

/dev/mapper

A directory location containing the device paths for encrypted devices, making them accessible.

Signup and view all the flashcards

UUID

Unique Identifier (UUID) for the mapped volume, essential for automatic mounting.

Signup and view all the flashcards

fstab

Configuration file that automatically mounts encrypted volumes, allowing access at boot

Signup and view all the flashcards

SSH Firewall Rule

A rule that allows Secure Shell (SSH) connections through a firewall.

Signup and view all the flashcards

Firewalld Reload

Applying changes to the firewall configuration.

Signup and view all the flashcards

Firewall

A network security system that controls network traffic.

Signup and view all the flashcards

IP Masquerade

A technique using one public IP address to represent multiple private network devices.

Signup and view all the flashcards

iptables

A command-line utility for controlling network traffic (Linux firewall tool).

Signup and view all the flashcards

IP Forwarding

A network function allowing a device to route traffic for other devices.

Signup and view all the flashcards

POSTROUTING

A chain in iptables that is used to modify packets after they are routed.

Signup and view all the flashcards

Firewalld startup

Automatically starting the firewall service on system boot.

Signup and view all the flashcards

DNS server

A server that translates domain names (like www.google.com) into IP addresses (like 142.250.190.78) for computers to connect to websites over the internet.

Signup and view all the flashcards

Recursive DNS server

Acts as a middleman between the user and other DNS servers. It looks up requested domain names by querying other DNS servers and provides the IP to the user.

Signup and view all the flashcards

Authoritative DNS server

Stores information about specific domain names and their associated IP addresses. When someone queries a domain, it provides the correct IP address.

Signup and view all the flashcards

Root DNS server

The top-level server directing queries to the correct Top-Level Domain (TLD) server.

Signup and view all the flashcards

TLD DNS server

Handles specific domain extensions like .com, .org, .net, etc. It directs queries to the appropriate authoritative DNS server for the domain.

Signup and view all the flashcards

Caching DNS server

Temporarily stores (caches) DNS query results to speed up future requests for the same domain.

Signup and view all the flashcards

What is the purpose of DNS?

DNS (Domain Name System) translates domain names (like www.google.com) into IP addresses (like 142.250.190.78) so that computers can connect to websites or other devices over the internet. It acts like a phonebook for the internet, making it easier to remember and access websites.

Signup and view all the flashcards

What does a DNS server do when you type a website address?

When you type a website address (like www.google.com), a DNS server will look up the corresponding IP address and provide it to your computer, allowing you to connect to that website.

Signup and view all the flashcards

openssl req

A command used in OpenSSL to create a Certificate Signing Request (CSR). It's used to start the process of obtaining a digital certificate.

Signup and view all the flashcards

openssl x509

A command in OpenSSL used to manipulate and examine X.509 certificates. It's used for tasks such as checking certificate details, verifying certificates, and signing certificates.

Signup and view all the flashcards

openssl verify

A command used to validate a digital certificate. This checks if the certificate is trustworthy and hasn't been tampered with.

Signup and view all the flashcards

Firewall modules

Additional features or tools that extend the functionality of a firewall, allowing for more specific and advanced filtering of network traffic.

Signup and view all the flashcards

Limit module

A firewall module that controls the rate of incoming or outgoing network traffic. It prevents overloading the system by setting limits on the number of packets allowed in a specified time.

Signup and view all the flashcards

DoS attack

Denial of Service attack. A malicious attempt to disrupt the normal functioning of a website or network service by sending an excessive amount of traffic.

Signup and view all the flashcards

Prefork Mode

Apache's mode where each request is handled by a separate process. Provides stability, but uses more resources for each process.

Signup and view all the flashcards

Worker Mode

Apache's mode where requests are handled by threads, sharing common resources, making it more efficient for higher traffic.

Signup and view all the flashcards

Event Mode

Apache's mode optimized for high-concurrency and low latency, ideal for modern web applications.

Signup and view all the flashcards

MTA (Message Transfer Agent)

The component responsible for transferring emails between servers. It acts like a post office.

Signup and view all the flashcards

MDA (Mail Delivery Agent)

The component responsible for delivering emails to the recipient's mailbox on the server. It acts like a postman.

Signup and view all the flashcards

MUA (Mail User Agent)

The application you use to read, send, and manage emails. It's like your personal mailbox.

Signup and view all the flashcards

SMTP (Simple Mail Transfer Protocol)

A protocol used by MTAs to send emails.

Signup and view all the flashcards

IMAP or POP3

Protocols used by MUAs to fetch emails from the server.

Signup and view all the flashcards

Study Notes

Linux System Administrator Duties

  • Responsible for keeping the system running efficiently
  • Monitoring system health (CPU, memory, disk usage, network) to prevent overload
  • Identifying issues using tools like top, htop, or vmstat to pinpoint resource-intensive processes
  • Tuning system settings (cache size, scheduling, network) to optimize performance based on workload
  • Reviewing system logs to detect hardware/software errors or security issues
  • Ensuring efficient hardware resource utilization (distributing workloads, cleaning up unused files)
  • Proactively identifying and resolving potential issues to prevent system slowdowns or crashes

Piping and Redirecting

  • Piping connects the output of one command to the input of another for extended functionality.

  • Redirection saves command output to a file (e.g., ls -l > file_list.txt or ls -l >> file_list.txt).

  • Hard Link: A direct reference to the original file, sharing the same data. Deleting the original file breaks the hard link.
  • Symbolic Link (Soft Link): A shortcut or pointer to the original file. Deleting the original file breaks the symbolic link; it will not work.

Linux Distributions

  • Ubuntu: Popular desktop distribution known for user-friendliness and community support. Focuses on regular updates and LTS versions.
  • Fedora: Cutting-edge, development-focused distribution.
  • Debian: Stable, highly reliable distribution commonly used for servers and desktops. Known for its comprehensive software repositories and robust community support.
  • CentOS: Free and community-supported version of Red Hat Enterprise Linux. Focuses on stability.

RPM and YUM

  • RPM (Red Hat Package Manager): A tool for managing software packages (installation, updating, removal and querying). It works with pre-compiled .rpm files.
  • YUM (Yellowdog Updater Modified): A higher-level tool built on top of RPM that simplifies package management. It handles dependencies automatically and connects to online repositories for downloading and installing packages/updates. Commands are easy to use

Creating a YUM Repository

  • Install createrepo: Necessary for creating a repository.

  • Establish a directory for the repository (sudo mkdir /var/www/html/myrepo).

  • Copy .rpm files to the repository directory (cp /path/to/your/rpm/files/*.rpm /var/www/html/myrepo/).

  • Use createrepo to generate metadata for the repository (/var/www/html/myrepo/).

  • Create myrepo.repo file in /etc/yum.repos.d/ for clients to recognize repository. Populate the file with baseurl, name,enabled, and gpgcheck parameters

Bash Shell

  • A popular and default shell in many Linux systems.
  • User-friendly for beginners and advanced users.
  • Strong scripting capabilities using loops, conditionals, and functions.
  • Offers command history and tab completion for efficiency.

C Shell (csh) and Korn Shell (ksh)

  • C Shell: User-friendly, syntax similar to C programming. Designed for ease of job control and command history.
  • Korn Shell: Combines features of Bourne Shell and C Shell, offering advanced scripting capabilities (like arrays and floating-point arithmetic). Faster execution compared to other shells.

Mounting a Device

  • Plug in the device (USB drive, external hard disk, etc.).

  • Find the device name using lsblk or fdisk -l. (e.g. /dev/sdb1).

  • Create a mount point (e.g. sudo mkdir /mnt/usb).

  • Use mount to attach the device to the mount point (sudo mount /dev/sdb1 /mnt/usb).

  • Access the files through the mount point.

  • Unmount the device when finished (sudo umount /mnt/usb).

Enabling SSH Server on RHEL

  • Install the SSH server package (e.g. sudo yum install openssh-server).

  • Start the SSH service (sudo systemctl start sshd).

  • Enable SSH to start automatically at boot (sudo systemctl enable sshd).

  • Allow SSH traffic through the firewall (sudo firewall-cmd --permanent --add-service=ssh). Reload firewall (sudo firewall-cmd --reload).

  • Verify SSH service status (sudo systemctl status sshd).

File Systems Supported by Linux

  • EXT4: Default filesystem for most Linux distributions (large files, volumes, fast, reliable).

  • NTFS: Developed by Microsoft; commonly used by Windows. Linux can read and write through the ntfs-3g driver.

  • FAT32: Simple, widely used but limited (maximum file size)filesystem for devices like USB drives. Supported by most Linux systems.

  • Btrfs: Modern Linux filesystem; supports snapshots, versioning, and built-in tools for data integrity and management.

Partition vs. Logical Volume

  • Partition: A fixed division of a physical storage device, acts as a basic structure for organizing data. Cannot easily change size without reformatting.
  • Logical Volume (LV): A flexible, resizable storage unit managed by LVM. Allows grouping multiple physical devices, resizability, adding/removing LVs without losing data, making them more manageable compared to partitions

User Management Commands

  • useradd: Creates new user accounts.

  • usermod: Modifies existing user accounts (e.g., password, shell).

  • userdel: Deletes user accounts.

Encrypted Volume Creation

  • Install cryptsetup
  • Identify the disk/partition (lsblk).
  • Use cryptsetup luksFormat to format the device with LUKS encryption.
  • Use cryptsetup luksOpen to open the encrypted volume.
  • Create a filesystem (e.g., mkfs.ext4).
  • Mount the encrypted volume.
  • Configure (optional): add to /etc/fstab
  • Close the encrypted volume when finished.

Snapshots in LVM

  • Snapshots in LVM freeze the current state of an LVM volume as a new snapshot volume.
  • Used for backups, allowing safe rollback to a previous state.
  • Significantly easier on resources and operations than traditional backups due to fast snapshot creation.

Samba Server

  • A software that allows Linux/Unix systems to share directories and files with Windows (and other systems) over a network.
  • Enables cross-platform sharing of files and printers.

Network File System (NFS)

  • A protocol for sharing files and directories between systems on a network.

  • Client systems mount shared directories from the NFS server to access files remotely; this is similar to local storage.

  • Advantages: Easy sharing across platforms; centralized storage for improved data consistency; transparent access.

  • Disadvantages: Security concerns without proper configuration (unauthorized access); performance issues; dependence on network availability.

Firewalls

  • A security system that controls network traffic based on predefined rules, protecting servers and networks from unauthorized access. Traffic filtering is used to determine whether to allow or block traffic.
  • Firewalls block potentially malicious traffic from unauthorized sources (hackers/malware). They restrict access to certain ports and services. They act as a barrier and log traffic.

IP Masquerading

  • Method for hiding private IP addresses behind a single public IP used to allow devices in a private network to access the internet.
  • Requires IP forwarding enabled. Use to mask private IPs from external networks.
  • It essentially masks private devices behind a single public IP for inbound traffic, maintaining security from unauthorized outside connections.

OpenSSL Certificates

  • OpenSSL is a tool used for managing SSL/TLS certificates which are used for encrypting communication between servers and clients.
  • Uses commands like openssl genrsa, openssl req, openssl x509 to generate private keys, create CSRs, and generate signed certificates.

Firewall Modules

  • Firewall modules enhance firewall functionality with specific features (e.g., rate limiting).
  • The limit module manages incoming/outgoing traffic rates, protecting against overload.

iptables

  • A command-line tool in Linux for configuring a firewall by setting up, managing, and controlling the firewall.

  • It filters and directs network traffic based on rules.

  • Tables: filter (default), nat, mangle, raw

  • Chains: INPUT(incoming), FORWARD(passing through), OUTPUT(outgoing)

  • Rules: Specific conditions and actions applied to packets (e.g., allowing or blocking traffic).

DNS Server

  • A server that translates domain names (like example.com) into IP addresses.

  • Acts like a phonebook for the internet.

  • Types of DNS Servers:

    • Recursive: Intermediary between user and other servers
    • Authoritative: Stores information about specific domains
    • Root: Top-level server for directing requests
    • TLD (Top Level Domain): Handles specific domains. (.com,.orgetc.)
    • Caching: Temporarily stores results for faster repeated lookups.

DHCP Server

  • Dynamic Host Configuration Protocol server dynamically assigns IP addresses and other network settings (e.g., gateway, DNS server addresses) to devices on a network.
  • Automates IP configuration for devices on a network without manual intervention; avoids conflicts and simplifies network administration.

Apache Modes

  • Apache Mode: Various Multi-Processing Modules (MPMs) used in handling incoming client requests—ways to execute multiple requests simultaneously.

  • Parameters:

    • MaxClients and MaxConnectionsPerChild: Limit to prevent overload or abuse.
    • Memory Usage: prefork uses more RAM than worker/event because processes are independent.
    • Scalability: worker/event modes scale better with increased traffic because of resource efficiency.
    • Response Time: worker/event modes have faster response times than prefork.

Email Protocols (MTA, MDA, MUA)

  • MTA (Message Transfer Agent): Transfers emails between servers. Protocols like SMTP are used to send emails.
  • MDA (Mail Delivery Agent): Delivers the email to the recipient's mailbox (local storage).
  • MUA (Mail User Agent): The client application you use to send and receive emails (e.g., Outlook, Thunderbird).

Shell Scripts

  • A script contains a series of commands in a text file; executed in order to automate tasks. Designed to be reusable and to avoid typing individual commands repeatedly.

High Availability (HA)

  • Systems are reliable; operational and accessible with minimal downtime.
  • Methods including redundancy (backup systems, load balancing), automatic failover protocols, monitoring, and geographic distribution enhance availability through continuous operation.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Quiz Team

Related Documents

More Like This

Untitled Quiz
37 questions

Untitled Quiz

WellReceivedSquirrel7948 avatar
WellReceivedSquirrel7948
Untitled Quiz
55 questions

Untitled Quiz

StatuesquePrimrose avatar
StatuesquePrimrose
Untitled Quiz
18 questions

Untitled Quiz

RighteousIguana avatar
RighteousIguana
Untitled Quiz
50 questions

Untitled Quiz

JoyousSulfur avatar
JoyousSulfur
Use Quizgecko on...
Browser
Browser