RHCE 1
Quiz-summary
0 of 14 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
Information
This is a sample RHCE exam. You’ve got 2 hours.
Prerequisites:
– the ability to create 2 physical or virtual servers called respectively Client and Server with at least 1GB of available disk space and 1GB of memory.
One precision: nobody checks your answers but a solution is provided!
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 14 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- Answered
- Review
-
Question 1 of 14
1. Question
Configure a NTP server on Server.
Hint
# yum install -y ntp
# chkconfig ntpd on
# iptables -I INPUT -m state –state NEW -m udp -p udp –dport 123 -j ACCEPT
# service iptables save
# service ntpd start
# ntpq -p -
Question 2 of 14
2. Question
Configure Client to use Server as NTP server.
Hint
# yum install -y ntp
Edit the /etc/ntp.conf file and comment the following lines:
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
Still in the /etc/ntp.conf file, add the following line:
server Server.example.com
Activate the ntp service at boot, start it and test the configuration:
# chkconfig ntpd on
# service ntpd start
# ntpq -p -
Question 3 of 14
3. Question
Configure Server to receive Syslog messages from others.
Hint
Edit the /etc/rsyslog.conf file and uncomment the following lines:
#$ModLoad imtcp
#$InputTCPServerRun 514
Then, start the service and set up the firewall configuration:
# service rsyslog restart
# iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 514 -j ACCEPT
# service iptables save -
Question 4 of 14
4. Question
Configure Client to send Syslog messages to Server.
Hint
Edit the /etc/rsyslog.conf file and uncomment the following lines:
#$WorkDirectory /var/lib/rsyslog
#$ActionQueueFileName fwdRule1
#$ActionQueueMaxDiskSpace 1g
#$ActionQueueSaveOnShutdown on
#$ActionQueueType LinkedList
#$ActionResumeRetryCount -1
Still in the /etc/rsyslog.conf file, replace the following line as specified:
#*.* @@remote-host:514
by: *.* @@Server.example.com:514
Restart the service and test the configuration:
# service rsyslog restart
# logger -p local0.notice -t TEST “Test”
# grep “TEST” /var/log/messages -
Question 5 of 14
5. Question
Configure Server as a Samba server with a workgroup called MYGROUP and a netbios name MYSERVER.
Create the /opt/samba directory.
Create a user called sam with the password redhat.
Only allow this user to connect to the share named samba.Hint
# yum groupinstall -y “CIFS file server”
Create a new /etc/samba/smb.conf file and add the following lines:
workgroup = MYGROUP
netbios name = MYSERVER
security = user
passdb backend = tdbsam
[samba]
browseable = yes
path = /opt/samba
valid users = sam
writable = yes
Check the syntax of the configuration file:
# testparm
# mkdir /opt/samba; yum install -y setroubleshoot-server
# semanage fcontext -a -t samba_share_t “/opt/samba(/.*)?”; restorecon -r /opt/samba
# iptables -I INPUT -m state –state NEW -m udp -p udp –dport 137 -j ACCEPT
# iptables -I INPUT -m state –state NEW -m udp -p udp –dport 138 -j ACCEPT
# iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 139 -j ACCEPT
# iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 445 -j ACCEPT
# service iptables save
# chkconfig smb on; chkconfig nmb on; chkconfig winbind on; service smb start; service nmb start; service winbind start
Create the samba user sam with the password redhat:
# useradd -s /sbin/nologin sam; smbpasswd -a sam
Check the configuration:
# yum install -y samba-client; smbclient //localhost/samba -U sam%redhat -
Question 6 of 14
6. Question
Configure Client to mount Server’s share (samba) permanently.
Hint
# yum install -y cifs-utils
Test the connection to the server
mount -t cifs //Server/samba -o rw,username=sam,password=redhat /mnt
Edit the /etc/fstab file and add the following line:
//Server/samba /mnt cifs rw,username=sam,password=redhat 0 0 -
Question 7 of 14
7. Question
Configure Apache on the Server. Create a directory called secret under the document root.
Create a file called index.html in this directory with the string TEST inside.
Restrict the access to this directory to the user tom with password redhat.Hint
# yum install -y httpd
# mkdir -p /var/www/html/secret; echo “TEST” > /var/www/html/secret/index.html
# restorecon -R /var/www/html/secret
Edit the /etc/httpd/conf/httpd.conf file and add the following lines:
<Directory “/var/www/html/secret”>
AuthType Basic
AuthName “Password protected area”
AuthUserFile /etc/httpd/conf/passwd
Require user tom
<Directory />
Check the configuration:
# service httpd configtest
# htpasswd -c /etc/httpd/conf/passwd tom
# iptables -I INPUT -p tcp -m state –state NEW -m tcp –dport 80 -j ACCEPT
# service iptables save
# chkconfig httpd on; service httpd start
Test the configuration:
# yum install -y elinks; elinks http://localhost/secret -
Question 8 of 14
8. Question
Configure a NFS server on Server. Create a directory called /opt/tools.
Export this directory with restricted access to Client in read-write mode.Hint
# yum groupinstall -y “NFS file server”
# mkdir -p /opt/tools
# iptables -I INPUT -m state –state NEW -m udp -p udp –dport 111 -j ACCEPT
# iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 111 -j ACCEPT
# iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 2049 -j ACCEPT
# service iptables save
# chkconfig rpcbind on
# chkconfig nfs on
# chkconfig nfslock on
# service rpcbind start
# service nfs start
# service nfslock start
Edit the /etc/exports file and add the following line:
/opt/tools Client(rw,no_root_squash)
# exportfs -avr -
Question 9 of 14
9. Question
Configure Client to mount the Server directory (/opt/tools) permanently.
Hint
# yum install -y nfs-utils
Edit the /etc/fstab file and add the following line:
Server:/opt/tools /mnt nfs defaults 0 0 -
Question 10 of 14
10. Question
Configure no direct root access through ssh on Server.
Hint
Edit the /etc/ssh/sshd_config file and add the following line:
PermitRootLogin no
Reload the ssh configuration
# service sshd reload
PS: don’t forget to create a user account or set up a console access before, otherwise you will have to reinstall the server (it happens to me!) 😉 -
Question 11 of 14
11. Question
Permanently disable pings on Server.
Hint
Edit the /etc/sysctl.conf file and add the following line:
net.ipv4.conf.icmp_echo_ignore_all = 1
# sysctl -p -
Question 12 of 14
12. Question
Configure SSH on Server to forbid access from the blackhat.org domain.
Hint
Edit the /etc/hosts.deny file and add the following line:
sshd: .blackhat.org
# service sshd reload -
Question 13 of 14
13. Question
Configure a FTP server on Server.
Configure anonymous-only download restricted to the local network (example.com).Hint
# yum install -y vsftpd
# iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 20 -j ACCEPT
# iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 21 -j ACCEPT
# service iptables save
Edit the /etc/sysconfig/iptables-config file and change the IPTABLES_MODULES directive:
IPTABLES_MODULES=”nf_conntrack_ftp nf_nat_ftp”
# service iptables restart
# chkconfig vsftpd on
Edit the /etc/vsftpd.conf file and replace “local_enable=YES” with “local_enable=NO”.
# service vsftpd start
Edit the /etc/hosts.deny file and add the following line:
vsftpd: ALL EXCEPT .example.com -
Question 14 of 14
14. Question
Configure an email alias such that all mail sent to root go to the user joe.
Hint
Edit the /etc/aliases file and add the following line:
root: joe
# useradd joe
# newaliases
Leave a Reply
You must be logged in to post a comment.