"RHCSA / RHCE Red Hat Linux Certification Study Guide (6th Edition): EX200 & EX300"
Basic Information
Original title: RHCSA / RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition
Author: (US) Michael Jang
Translator: Wu Wenguo Li Zengmin Qu Wei
Publisher: Tsinghua University Press
ISBN: 9780071765657
Added time: 2013-5-30
Publication date: May 2013
Folio: 16
Page number: 683
Edition: 1-1
Product category: Computers> Operating System> Linux
More About "" "RHCSA / RHCE Red Hat Linux Certification Study Guide (6th Edition): EX200 & EX300"
brief introduction
books
Computer books
"Rhcsa / rhce red hat linux certification study guide (6th edition): ex200 & ex300" not only contains hundreds of review questions, completely covering all the requirements based on performance, but also everything you want to know-details how Prepare for these two challenging exams. 100% complete coverage of all official target exam preparation checklists for ex200 and ex300-how to complete all the objectives on this list, the exam is okay. The exam part of each chapter highlights the main exam topics for quick review. Over 100 small exercises. Experimental questions-two complete sets of experimental rhcsa-based exam questions and two complete sets of experimental-based rhce exam questions-consistent with the format, style, theme, and difficulty of the real exam. Contains all exam topics:
Virtual machines and automatic installation
Basic command line skills
Rhcsa-level security options
Guide the process
Linux file system management
Package management
User Management
Rhcsa level system management
Rhce safety
System services and selinux
Rhce management
Mail Server
Apache
Samba
File Sharing
Dn dns, ftp and logs
The CD with the book contains:
Complete lab-based exam preparation, including:
Two complete rhcsa questions
. Two complete rhce questions
Self-tested chapters based on experiments
Detailed answers for all experiments
Glossary of rhcsa and rhce
Portable copy in pdf format
table of Contents
"Rhcsa / rhce red hat linux certification study guide (6th edition): ex200 & ex300"
Chapter 1 Prepare for the Red Hat Operational Certification Exam 1
Certification target 1.01 rhcsa and rhce certification exams3
1.1.1 Exam experience 4
1.1.2 rhcsa certification exam 4
1.1.3 rhce certification exam 5
1.1.4 If you are only preparing to take the rhcsa exam 5
1.1.5 Evolving Requirements 5
Certification target 1.02 Basic hardware requirementsFive
1.2.1 Hardware compatibility 5
1.2.2 Architecture 6
1.2.3 Memory requirements 7
1.2.4 Hard Disk Option 7
1.2.5 Network Connection 8
1.2.6 Virtual Machine Options 8
Certification target 1.03 Acquired Red Hat Enterprise Linux9
1.3.1 Purchase a subscription version (subscription) 9
1.3.2 Get Evaluation Version 9
1.3.3 Third-party refactoring version 10
1.3.4 Checking Downloaded Files 10
.Certification target 1.04 Installation requirements 11
1.4.1 No need to start from scratch 11
1.4.2 Advantages of Network Installation 11
1.4.3 Red Hat and Virtual Machines 12
1.4.4 Virtual and Physical Systems 12
1.4.5 Pre-installation environment for practice 12
1.4.6 System Role 13
Certification Target 1.05 Installation Option 14
1.5.1 Boot Media 14
1.5.2 Starting Installation with cd / dvd or Booting USB 15
1.5.3 Basic installation steps 15
1.5.4 Preparing to Install on a Partition 21
1.5.5 Partition Creation Exercise 23
1.5.6 Exercise 1-1: Partitioning During Installation 24
1.5.7 Configuring the Boot Loader 25
1.5.8 All packages in rhel 6
1.5.9 Baseline Packages
1.5.10 Package Group 28
1.5.11 System Restart
Certification Target 1.06 System Setting Option 31
1.6.1 The First Boot Process 31
1.6.2 Default Security Settings
1.6.3 Special Settings Options for Virtual Machines 33
Authentication target 1.07 Configuring the default file sharing service 34
1.7.1 Mounting and Copying a DVD Disk
1.7.2 Setting Up an Apache Server with Default Configuration
1.7.3 Exercise 1-2: Configuring the Apache Server as an Installation Server
1.7.4 Copying Files Through FTP Server Sharing
1.8 Certification Summary
1.9 Small Exercises
1.10 Self-Test Questions 40
1.11 Experiment Questions 41
1.12 Answers to Self-Test Questions 43
1.13 Experiment Question Answers 44
Chapter 2 Virtual Machines and Automatic Installations 47
Authentication target 2.01 configuration red hat kvm48
Reasons for choosing a virtual machine
2.1.2 Assume that kvm49 must be installed
2.1.3 Selecting the correct kvm module 51
2.1.4 Configuring the Hypervisor 51
2.1.5 Exercise 2-1: Creating a Second Virtual Network
Authentication target 2.02 Configuring virtual machines on kvm 56
2.2.1 Configuring Virtual Machines on the KVM
2.2.2 Exercise 2-2: Adding a Virtual Hard Drive 61
2.2.3 kvm configuration files
2.2.4 Controlling a Virtual Machine from the Command Line
Certification Target 2.03 Auto Install Option 66
2.3.1 Basic Principles of Kickstart
2.3.2 Setting Local Access to kickstart
2.3.3 Establishing kickstart network access
2.3.4 Example kickstart file
2.3.5 Exercise 2-3: Creating and Using a Sample Kickstart File
2.3.6 Kickstart Configuration Program
Authentication target 2.04 ssh management system 77
2.4.1 Configuring the ssh Client
2.4.2 Command Line Access
2.4.3 Other Command Line Tools for ssh
2.4.4 ssh Graphical Access
Certification target 2.05 Consider adding command line tools 80
2.5.1 Check port 80 with telnet
2.5.2 Checking port 81 with nmap
2.5.3 Configuring the e-mail Client
2.5.4 Command Line Email
2.5.5 Reading Mail Messages
2.5.6 Use of Text and Graphic Browsers
2.5.7 accessing url84 with lftp
2.6 Certification Summary
2.7 Small Exercises
2.8 Self-Test Questions 87
2.9 Experiment Questions 88
2.10 Self-Test Answers
2.11 Answers to Experiments
Chapter 3 Basic Command Line Techniques
Authentication target 3.01 shell96
3.1.1 Other shell96
3.1.2 Terminal Console
3.1.3 gui shell interface
3.1.4 The difference between ordinary users and administrator users
3.1.5 Text Streams and Command Redirection
Certification Target 3.02 Standard Command Line Tool 99
3.2.1 File and Directory Concepts
3.2.2 File List and ls Command
3.2.3 File Creation Commands
3.2.4 Wildcards
3.2.5 File Search
Certification Objective 3.03 Management of Text Files 105
3.3.1 Read Commands for Text Streams
3.3.2 Commands for Processing Text Streams
3.3.3 Editing Text Files in the Console
3.3.4 Exercise 3-1: Creating a New User with vi
3.3.5 If you don't like vi111
3.3.6 Editing Text Files with the gui Tool
Certification target 3.04 Local online documentation 112
3.4.1 When Do I Need Help Documentation?
3.4.2 Various man pages
3.4.3 info manual
3.4.4 Document Details in the / usr / share / doc Directory
Certification Target 3.05 Network Primer 115
3.5.1 IPv4 Number and Address Classes
3.5.2 Basic IPv6 Addressing
3.5.3 How to Define a Network with an IP Address
3.5.4 Tools, Commands, and Gateways
Certification Target 3.06 Network Configuration and Troubleshooting 121
3.6.1 Network Configuration File
3.6.2 Network Configuration Tool
3.6.3 Exercise 3-2: Configuring a Network Card
3.6.4 Host Name Configuration File
3.6.5 Host Name Configuration Options
3.6.6 Network Manager Applets
3.7 Certification Summary
3.8 Exercises 131
3.9 Self-Test Questions 133
3.10 Experiment Questions 134
3.11 Self-Test Answers 134
3.12 Experiment Question Answers
4.Rhcsa-Class Security Options
Basic permissions for authentication target 4.01 files 139
4.1.1 File Permissions and Ownership
4.1.2 Basic Concepts of Users and Groups
4.1.3 umask141
4.1.4 The default umask value
4.1.5 Commands to modify permissions and ownership
4.1.6 Properties of Special Files
Authentication target 4.02 access control list and other 145
4.2.1 Each file has an acl145
4.2.2 Making the file system acl-friendly
4.2.3 control file acl146
4.2.4 Configuring the acl Directory
4.2.5 Implementing Special Restrictions with acl
4.2.6 acl and mask bits
4.2.7 Exercise 4-1: Denying a User's Access with acl
4.2.8 nfs sharing with acl150
Authentication target 4.03 Basic firewall control 151
4.3.1 Standard Ports
4.3.2 Highlighted iptables Commands
4.3.3 Making sure the firewall is running
4.3.4 rhel 6 default firewall 154
4.3.5 Firewall Configuration Tool
4.3.6 Exercise 4-2: Adjusting the Firewall Configuration
Certification Objective 4.04 Security-Enhanced Linux Primer 161
4.4.1 Basic Functions of selinux
4.4.2 Status of selinux
4.4.3 Configuring selinux162 from the command line
4.4.4 Configuring Basic Selinux Settings
4.4.5 Configuring ordinary users for selinux
4.4.6 Managing selinux Boolean Settings
4.4.7 Displaying and Recognizing the Selinux File Context
4.4.8 Restoring the Selinux File Context
4.4.9 Identifying the Selinux Process Context
4.4.10 Diagnosing and Handling Events that Violate the Selinux Policy
4.4.11 gui selinux management tools 169
4.4.12 selinux Troubleshooting Browser 172
4.4.13 Exercise 4-3: Testing selinux User Types 172
4.5 Certification Summary
4.6.Small Exercises
4.7 Self-Test
4.8.Experimental Questions
4.9 Self-Test Answers
4.10 Experiment Question Answers
Chapter 5 The Boot Process 181
Certification target 5.01 bios and UEFI182
5.1.1 Basic System Configuration
5.1.2 Startup menu 183
5.1.3 Accessing the Linux Bootstrap
Certification target 5.02 boot program and grub program 185
5.2.1 grand unified boot loader-grub185
5.2.2 Booting to a Different Run Level
5.2.3 Exercise 5-1: Booting the System to a Different Run Level
5.2.4 Modifying the System's Boot Program
5.2.5 More Options
5.2.6 grub security and password protection
5.2.7 How to update grub190
5.2.8 Impact of grub Errors
5.2.9 The grub Command Line
5.2.10 Exercise 5-2: Using the grub Command Line 192
5.2.11 Create your own grub configuration file
5.2.12 An option to boot from grub: rescue mode 193
Certificate target 5.03 grub with login 196
5.3.1 Kernel and Initial Ram Disk
5.3.2 The first process, runlevel, and service
5.3.3 Switching Between Run Levels
5.3.4 Restarting and gracefully shutting down the system
5.3.5 Replace sysvinit199 with upstart
5.3.6 upstart configuration file
5.3.7 Terminal and Login Interface 201
Certification target 5.04 Run-level control 202
5.4.1 Defining Functions by Runlevel
5.4.2 Internal Structure of Run-Level Scripts
5.4.3 Command Line Service Configuration
5.4.4 Text Console Service Configuration Tool 205
5.4.5 GUI Service Configuration Tool
Authentication target 5.05 Network configuration 207
5.5.1 Network Configuration Commands
5.5.2 Network Configuration Files
5.5.3etc / sysconfig / network-scripts file 211
5.5.4 Red Hat Configuration Tool
5.5.5 Exercise 5-3: Modifying Network Interfaces with Network Connection Tools
5.5.6 Configuring Name Resolution
5.5.7 Exercise 5-4: Modifying the Network Interface of a Clone System 215
Certification target 5.06 Time synchronization 217
5.6.1 ntp client 217
5.6.2 Date / Time Properties
5.7 Certification Summary
5.8 Exercise 219
5.9 Self-Test
5.10 Experiment Questions 222
5.11 Self-Test Answers 222
5.12 Experiment Question Answers 223
6.Linux File System Management
Certification target 6.01 Storage management and partitioning 231
6.1.1 The current state of the system
6.1.2 The fdisk Utility
6.1.3 Parted Utilities
6.1.4 Graphics Options
6.1.5 Exercise 6-1: Use of fdisk and parted Commands
Certification target 6.02 file system format 244
6.2.1 The Standard Format File System
6.2.2 Journaled File System
6.2.3 File System Format Commands
6.2.4 Exchange Volume
6.2.5 File System Check Commands
6.2.6 Mutual Conversion of File Systems
6.2.7 Exercise 6-2: Format, Check, and Mount Different File Systems
Certification Target 6.03 Basic Linux File System and Directory 248
6.3.1 Various File Systems of Linux
6.3.2 Directories That Can Be Mounted Separately
Certification target 6.04 Logical Volume Manager (lvm) 250
6.4.1 Definitions Related to LVM
6.4.2 Creating Physical Volumes
6.4.3 Creating Volume Groups
6.4.4 Creating Logical Volumes
6.4.5 Use of Logical Volumes
6.4.6 Other LVM Commands
6.4.7 Deleting Logical Volumes
6.4.8 Resizing a Logical Volume
6.4.9 GUI Logical Volume Management Tool
Authentication target 6.05 Volume encryption using Linux unified key setting method
6.5.1 Passwords, Passphrases, and Others
6.5.2 Encryption during installation
6.5.3 Preparation and Initialization of Encryption
6.5.4 Preparing a New File System
6.5.5 Creating a New File System
Certification target 6.06 File system management 264
6.6.1 / etc / fstab File
6.6.2 Universally Unique Identifiers in the / etd / fstab File
6.6.3 Mount Commands
6.6.4 Other options for file system mounts
6.6.5 Virtual File System
6.6.6 Adding Your Own File System to / etc / fstab
6.6.7 Removable Media and / etc / fstab Files
6.6.8 Networked File Systems
Certification target 6.07 automounter 270
6.7.1 Mounting via an Automount Program
6.7.2 Exercise 6-3: Configuring the Automounter 274
6.8 Certification Summary
6.9.Small Exercises
6.10 Self-Test Questions
6.11.Experimental Questions
6.12 Self-Test Answers
6.13 Experiment Question Answers 280
Chapter 7 Package Management
Authentication target 7.01 red hat package manager 284
7.1.1 The Meaning of Packages
7.1.2 Meaning of the red hat package
7.1.3 Meaning of Libraries
7.1.4 Installing the rpm Package
7.1.5 Uninstalling the rpm package
7.1.6 Install rpm287 from a remote system
7.1.7 RPM Installation Security
7.1.8 Special RPM Process with Kernel
Certification target 7.02 More rpm commands 290
7.2.1 Package Inquiry
7.2.2 Package Signing
7.2.3 File Verification
7.2.4 Different databases for installed packages
Authentication target 7.03 dependencies and yum command 293
7.3.1 Dependency Hell Example
7.3.2 Freeing from Dependency Hell
7.3.3 Yum Basic Configuration
7.3.4 Basic yum configuration file: yum.conf296
7.3.5 Configuration Files in /etc/yum/pluginconf.d
7.3.6 Configuration Files in the /etc/yum.repos.d Directory
7.3.7 Creating Your Own /etc/yum.repos.d Configuration File
7.3.8 Exercise 7-1: Creating a yum library from rhel 6 dvd 302
7.3.9 Third Party Libraries
7.3.10 Basic Yum Commands
7.3.11 Installation Mode
7.3.12 security and yum304
7.3.13 Updates and Security Fixes
7.3.14 Package groups and yum305
7.3.15 More yum commands
Certification Objective 7.04 More Package Management Tools 308
7.4.1 gnome software update tools
7.4.2 Automatic Updates
7.4.3 gnome add / removesoftware tool
7.4.4 Exercise 7-2: Using yum and add / remove software to install multiple packages or package groups 311
7.4.5 The Red Hat Network
7.5 Certification Summary
7.6.Small Exercises
7.7 Self-Test
7.8 Experiment Questions 315
7.9 Self-Test Answers
7.10 Experiment Question Answers
8.User Management
Authentication target 8.01 User account management 322
8.1.1 User Types
8.1.2 Shadow Password Set 323
8.1.3 Command Line Tools
8.1.4 Exercise 8-1: Adding Users Using the Red Hat User Manager
8.1.5 Exercise 8-2: Real and fake shell330
8.1.6 Deleting Users
8.1.7 Modify Account 330
8.1.8 More User and Group Management Commands
Certification target 8.02 Management control 332
8.2.1 Logging In As a Root Management User
8.2.2 Exercise 8-3: Restricting Root Management User Logins
8.2.3 Login 333
8.2.4 Correct Use of the su Command
8.2.5 Restricting access to su334
8.2.6 Correct Use of the sg Command
8.2.7 Customizing Administrators with sudo Commands
8.2.8 Other administrative users
Authentication target 8.03 user and shell configuration 336
8.3.1 Home directory and / etc / skel336
8.3.2 / etc / bashrc337
8.3.3 / etc / profile and /etc/profile.d337
8.3.4 /etc/profile.d338
8.3.5 Exercise 8-4: Another Way to Protect Your System
8.3.6 Shell Configuration Files in the User's Home Directory
8.3.7 Login, Logout, and User Conversion
Authentication Target 8.04 User and Network Authentication 339
8.4.1 ldap client configuration
8.4.2 name service switch file
8.4.3 Red Hat Network Verification Tool
Certification target 8.05 Specific group 344
8.5.1 Standard and red hat groups
8.5.2 Shared Directories
8.5.3 Exercise 8-5: Controlling Group Ownership Using the sgid Bit
8.6 Certification Summary
8.7 Small Exercises
8.8 Self-Test Questions
8.9.Experimental Questions
8.10 Self-Test Answers 350
8.11 Experiment Question Answers 350
Chapter 9 rhcsa-level system management tasks
Authentication target 9.01 Access via vnc configuration 354
9.1.1 Installing and Configuring a TigerVNC Server
9.1.2 Gino-based vino server
9.1.3 Installing and Configuring VNC Clients
9.1.4 Firewall Options
9.1.5 Confirming Access to the VNC Server
9.1.6 Selecting a Route Through a Secure Shell
9.1.7 More vnc configuration
9.1.8 User vnc configuration file
Certification Objective 9.02 Basic System Management Commands 361
9.2.1 System Resource Management Commands
9.2.2 Archives and Compression
9.2.3 Controlling Services Through Daemons
Certification target 9.03 System management automation: cron and at369
9.3.1 System crontab and components
9.3.2 cron tasks by hour
9.3.3 Periodic Anacron Work Tasks
9.3.4 Creating cron tasks for users
9.3.5 Exercise 9-1: Creating cron Work Tasks
9.3.6 Running Work Tasks Using the AT System
9.3.7 secure cron and at374
Authentication target 9.04 Local log file analysis 375
9.4.1 System Log Configuration File
9.4.2 Log File Management
9.4.3 Various Log Files
9.4.4 Service-Specific Logs
9.4.5 Exercise 9-2: Learning Log Files
9.5 Certification Summary
9.6 Small Exercises
9.7 Self-Test Questions
9.8 Experiment Questions
9.9 Self-Test Answers
9.10 Experiment Question Answers
10.Getting Started with Security
Certification target 10.01 Linux security layer 386
10.1.1 The bastion system
10.1.2 Best defenses with security updates
10.1.3 Service-specific security
10.1.4 Host-Based Security
10.1.5 User-Based Security
10.1.6 Console Security
10.1.7 National Security Agency Recommendation 390
10.1.8 policykit390
Authentication Target 10.2 Firewall and Network Address Translation 391
10.2.1 Definitions
10.2.2 Structure of the iptables Command
10.2.3 Default Firewall
10.2.4 nsa recommendations
10.2.5 Making sure the firewall is always running
10.2.6 IP Masquerading
10.2.7 IP Forwarding
10.2.8 red hat firewall configuration tool
Authentication target 10.03 Extended internet super server 404
10.3.1 General xinetd configuration
10.3.2 Service-Specific xinetd Configurations
10.3.3 Exercise 10-1: Configuring xinetd406
Authentication target 10.04 tcp wrapper 407
10.4.1 Is the service protected by the TCP wrapper?
10.4.2 The tcp wrapper configuration file
10.4.3 Exercise 10-2: Configuring the tcp wrapper
Authentication target 10.05 Pluggable authentication module 410
10.5.1 Configuration Files
10.5.2 Control Marks
10.5.3 The Format of a Pam File
10.5.4 Exercise 10-3: Configure pam415
10.5.5 pam and user-based security
10.5.6 Exercise 10-4: Using pam to Restrict User Access 416
Certification Target 10.06 Protected files and more information on gpg2 417
10.6.1 The gpg2 Command
10.6.2 The current gpg2 configuration
10.6.3 gpg2 encryption options
10.6.4 Generating a gpg2 Key
10.6.5 Protecting Files with gpg2 Keys
10.7 Certification Summary
10.8.Small Exercises
10.9 Self-Test Questions 422
10.10 Experiment Questions
10.11 Self-Test Answers
10.12 Experiment Question Answers
Chapter 11 System Services and selinux429
Authentication target 11.01 red hat system configuration 430
11.1.1 Service Management
11.1.2 System Services
11.1.3 Introduction to the Configuration Process
11.1.4 Available Configuration Tools
Certification Target 11.02 Security Enhanced Linux434
11.2.1 Options in the selinux Boolean Directory
11.2.2 Selinux Boolean Service Classes
11.2.3 Configuring boolean values with the selinux management tool
11.2.4 Boolean settings
11.2.5 Selinux File Contexts
11.2.6 Exercise 11-1: Configuring a New Directory with the Right Selinux Context
Authentication target 11.03 secure shell server 441
11.3.1 ssh Configuration Commands
11.3.2 The ssh Configuration File
11.3.3 Basic Encrypted Communication
11.3.4 Creating a Private / Public Key Pair for Key-Based Authentication
11.3.5 Configuring the ssh Server
11.3.6 ssh User-Based Security
11.3.7 ssh Host-Based Security
Certification Target 11.04 Safety And configuration checklist 452
11.4.1 Installing Server Services
11.4.2 Basic Configuration
11.4.3 Ensuring Services Live After Restarting
11.4.4 Access through Security Layer Audits
11.4.5 Exercise 11-2: Viewing the Different Effects of iptables and the TCP Packager
11.5 Certification Summary
11.6 Small Exercises
11.7 Self-Test Questions 459
11.8.Experimental Questions
11.9 Answers to Self-Test Questions 461
11.10 Experiment Question Answers
Chapter 12 rhce Management Tasks
Certification target 12.01 System maintenance automation 466
12.1.1 Standard Management Scripts
12.1.2 Script Commands
12.1.3 Creating Your Own Management Script
12.1.4 Exercise 12-1: Creating Scripts
Authentication target 12.02 Kernel runtime parameter 471
12.2.1 How sysctl Works With /etc/sysctl.conf
12.2.2 Settings in the /etc/sysctl.conf File
12.2.3 Exercise 12-2: Disable Response to Ping Commands
Certification target 12.03 Create rpm package 473
12.3.1 Source rpm473
12.3.2 Directory Structure of RPM Sources
12.3.3 Creating Custom Source Code
12.3.4 More prep Packages
12.3.5 Creating Your Own Spec File
12.3.6 Build Your Own rpm479
12.3.7 Build rpm480
Certification Target 12.04 Special Network Option 481
12.4.1 Configuring Special IP Routes
12.4.2 Setting up kerberos client 483
12.4.3 Connecting to a Remote Iscsi Store
12.5 Certification Summary
12.6 Small Exercises
12.7 Self-Test 490
12.8.Experimental Questions
12.9 Answers to Self-Test Questions 491
12.10 Experiment Question Answers
13.Email Servers
Certification target 13.01 Various email agents 496
13.1.1 Definitions and Agreements
13.1.2 Related Mail Server Packages
13.1.3 Selecting an Email System Using Alternatives
13.1.4 General User Security
13.1.5 Mail Log Records
13.1.6 Common Security Issues
13.1.7 Testing Email Servers
13.1.8 Exercise 13-1: Creating Users for Email 501
Authentication target 13.02 Configure postfix501
13.2.1 Configuration Files
13.2.2 The main.cf Configuration File
13.2.3 / etc / aliases Configuration File
13.2.4 The master.cf Configuration File
13.2.5 Testing the Current Postfix Configuration
13.2.6 Configuring Postfix Authentication
13.2.7 Configuring Incoming Email
13.2.8 Configuring Relay Through Smart Host 509
13.2.9 Exercise 13-2: Switching Services 509
Authentication target 13.03 Another smtp service: sendmail509
13.3.1 sendmail basics
13.3.2 Configuration Files
13.3.3 The sendmail.mc Macro File
13.3.4 The submit.mc Macro File
13.3.5 Configuring sendmail to Accept Email from Other Systems
13.3.6 Configuring sendmail to Relay Email to Smart Hosts
13.3.7 Configuring User-Based and Host-Based Sendmail Security
13.3.8 Testing Sendmail's Current Configuration
13.4 Certification Summary
13.5 Tips 518
13.6 Self-Test Questions
13.7.Experimental Questions
13.8 Answers to Self-Test Questions 520
13.9 Answers to Experiment Questions 521
Chapter 14: The Apache Web Server
Authentication target 14.01 apache web server 526
14.1.1 apache 2.2527
14.1.2 Lamp Stack
14.1.3 Installation
14.1.4 Exercise 14-1: Installing the Apache Server 528
14.1.5 The Apache Configuration File
14.1.6 Analyzing the Default Apache Configuration
14.1.7 The Main Apache Configuration Files
14.1.8 Basic Apache Configuration for Simple Web Server
14.1.9 apache log file 533
Authentication Target 14.02 Standard Apache Security Configuration 533
14.2.1 Ports and Firewalls
14.2.2 apache and selinux534
14.2.3 Module Management
14.2.4 Security of Apache
14.2.5 Exercise 14-2: Apache welcome and noindex.html story 539
14.2.6 Exercise 14-3: Creating Files
14.2.7 Host-Based Security
14.2.8 User-Based Security
Authentication target 14.03 Dedicated apache directory 542
14.3.1 Controlling with .htaccess Files
14.3.2 Password-Protected Access
14.3.3 Home Directory Access
14.3.4 Directory for Group Management
14.3.5 Exercise 14-4: Password Protection for the Web Directory
Certification target 14.04 General web hosting and secure web hosting 547
14.4.1 Standard Virtual Hosts
14.4.2 Secure Web Hosting
14.4.3 Creating a New SSL Certificate
14.4.4 Test Page
14.4.5 Syntax Checker
14.4.6 Apache Troubleshooting 555
14.4.7 Exercise 14-5: Creating a Virtual Web Server
Certification target 14.05 Deploy basic cgi application 557
14.5.1 Apache cgi file configuration changes
14.5.2 Creating a Simple CGI Script
14.5.3 Connecting Websites
14.6 Certification Summary
14.7 Minor Exercises 560
14.8 Self-Test 560
14.9 Experiment Questions 562
14.10 Self-Test Answers 562
14.11 Experiment Question Answers
15.Samba File Servers
Authentication target 15.01 samba service 568
15.1.1 Installing the samba Service
15.1.2 Samba Backgrounds
15.1.3 Ports, firewalls, and samba570
15.1.4 Configuring selinux Booleans for samba 571
15.1.5 Configuring samba's selinux File Types
15.1.6 The samba Daemon
15.1.7 Samba Server Global Configuration
15.1.8 samba shared directory 579
15.1.9 Making Samba Join a Domain 583
15.1.10 Samba User Database 583
15.1.11 Creating a Public Share
15.1.12 Exercise 15-1: Configuring samba Home Directory Sharing 585
15.1.13 samba web management tools
15.1.14 Testing Modifications to the /etc/samba/smb.conf File
15.1.15 Review of User and Host-Based Samba Security
15.1.16 Review of Basic Samba Sharing 593
15.1.17 Exercise 15-2: Configure samba share 593
Authentication target 15.02 samba client 594
15.2.1 Command Line Tools
15.2.2 Mount Options
15.2.3 Automatically Mounting Samba Shares
Certification target 15.03 samba troubleshooting 595
15.3.1 Determination of Samba Problems
15.3.2 Viewing Local Log Files
15.3.3 Enabling Remote Access
15.4 Certification Summary
15.5 Tips 598
15.6 Self-Test Questions 599
15.7 Experiment Questions 600
15.8 Self-Test Answers 600
15.9 Answers to Experiment Questions 601
Chapter 16 More File Sharing Services 605
Authentication target 16.01 nfs server 606
16.1.1 nfs option for rhel 6 607
16.1.2 Basic Installation of NFS
16.1.3 Basic NFS Server Configuration
16.1.4 Configuring nfs to Complete Basic Operations
16.1.5 Special Requirements for the / home Directory
16.1.6 Fixed Port 612 in / etc / sysconfig / nfs
16.1.7 Making nfs work with selinux
16.1.8 Bottlenecks and Limitations of nfs
16.1.9 Performance Tips
16.1.10 nfs Security Instructions
16.1.11 Host-Based Security Options
16.1.12 User-based Security Options
16.1.13 Exercise 16-1: nfs619
Authentication target 16.02 Test nfs client 619
16.2.1 nfs mount options
16.2.2 Configure nfs621 in / etc / fstab
16.2.3 Clients Without Disks
16.2.4 Soft Mounting
16.2.5 Current Status of nfs
Authentication target 16.03 vsftp server 622
16.3.1 Basic Configuration of vsftp
16.3.2 vsftp's Main Configuration File
16.3.3 Other vsftp Configuration Files
16.3.4 Configuring selinux Support for vsftp 627
16.3.5 Ports, firewalls, and vsftp628
16.3.6 Exercise 16-2: Configuring a Basic vsftp Server
16.3.7 Anonymous Download Configuration Only 629
16.4 Certification Summary
16.5 Small Exercises 630
16.6 Self-Test Questions
16.7.Experimental Questions
16.8 Answers to Self-Test Questions 632
16.9 Answers to Experiment Questions 633
Chapter 17 Management Services: DNS, FTP, and Logs 637
Authentication target 17.01 Domain name service basic structure 639
17.1.1 Basic Parameters
17.1.2 dns package options
17.1.3 Different types of DNS servers
Minimum target configuration for authentication target 17.02 dns server 640
17.2.1 bind configuration file
17.2.2 Caching Name Servers
17.2.3 Starting the Domain Name Server 643
17.2.4 Forwarding Domain Name Server 643
17.2.5 Forwarding from a cached name server
17.2.6 bind troubleshooting commands
17.2.7 Exercise 17-1: Setting Up Your Own DNS Server 645
Certification target 17.03 Set system usage report 646
17.3.1 System Use Commands
17.3.2 System Status Services
17.3.3 Collecting System State Generation Logs
17.3.4 Preparing System Status Reports
Authentication target 17.04 Configure syslog server 649
17.4.1 System Log Module 650
17.4.2 Enabling the Log Client 650
17.4.3 Configuring the Log Server
17.4.4 Configuring the Log Client 651
17.4.5 Allowing Access Only to Specified Systems
Authentication target 17.05 Network time server service 652
17.5.1 ntp server configuration file
17.5.2 Security Constraints of NTP
17.6 Certification Summary
17.7 Tips 655
17.8 Self-Test Questions 656
17.9.Experimental Questions
17.10 Self-Test Answers
17.11 Experiment Question Answers
Appendix a Preparing a System for a Practice Test 663
Appendix b Practice Test 1: rhcsa667
Appendix C Practice Test 2: rhcsa671
Appendix d Practice Test 3: Rhce Practice Test 1675
Appendix E Practice Test 4: Rhce Practice Test 2679
Appendix f cd instructions for use 683