All

Question 1

[Network]
What is a wildcard certificate?

Answer 1

a type of SSL/TLS certificate (using a ‘*’) that secures a domain and all of its subdomains with a single certificate.

Question 2

[Linux]
What commands do you use to change file permissions & ownership?

Answer 2

chmod (for permissions)
& chown (for ownership)

Question 3

[Ansible]
What flag limits the (ansible) playbook?

Answer 3

-l

Question 4

[Ansible]
How to run a YAML file on all host in stage inventory?

Answer 4

-l [specify inventory file]

Question 5

[Ansible]
Whats the name of the term/condition that only allows you to do things when certain conditions are met?

Answer 5

When

Question 6

[Linux]
How would you start a service in RHEL?

Answer 6

Systemctl start [service name]

Question 7

[Linux]
How would you install a package?

Answer 7

yum install [package name]

Question 8

[Ansible]
What is ansible?
& how do you use it?

Answer 8

It is a configuration management tool, that allows us to automate repetitive tasks & ensure consistency across servers.

Question 9

[Ansible]
[Get clarity on the best way to answer this]
What’s the difference between an ansible playbook, role, and task?

Answer 9

playbook= a YAML file containing plays (a set of tasks) that define the automation steps

role= a structured way to organize playbooks into smaller, reusable & more manageable units (contains task, variables, templates, file and handlers)

task= a single action that can executed on a remote system (example: installing a package or starting a service)

Question 10

[Ansible]
What flag runs the playbook but doesn’t apply it?

Answer 10

–check

Question 11

[Ansible]
What flag limits the playbook to a specific host?

Answer 11

-l

Question 12

[Ansible]
How to run a playbook on all host in stage inventory?

Answer 12

-l [specify host]

Question 13

[Ansible]
What are the benefits of Ansible’s item potency?

Answer 13

Ansible checks the deltas & will only change things that need to be changed so that you can run it multiple times on the same system.

Question 14

[Ansible] [Get clarity]
If installing a package & writing a task what Ansible module would you use?

Answer 14

YUM (RHEL7)
or
DNF (RHEL8)

Question 15

[Ansible] [Need clarity]
What is the general design of a playbook?

Answer 15

Starts with — to indicate a YAML document.

• name: (of play)
  host: (target machines or group [from inventory file])
  become: (need to run play as root?)vars: (defines reusable names/values)
  package_name: (ie: httpd)tasks:
  - name: (name of task)
  Defines reusable values.
  Example:
  yaml
  Copy
  Edit
  vars:
  package_name: httpd
  Tasks (tasks)

The core of the playbook, executing actions using Ansible modules.
Example:
yaml
Copy
Edit
- name: Install Apache
yum:
name: httpd
state: present
Handlers (handlers)

Triggered by tasks (e.g., restart a service after configuration changes).
Example:
yaml
Copy
Edit
handlers:
- name: Restart Apache
systemd:
name: httpd
state: restarted
Roles (roles)

Organizes tasks, variables, templates, and handlers into reusable components.
Conditional Execution (when)

Runs tasks only if conditions are met.

Question 16

[Ansible]
How does Ansible leverage Jinga2?

Answer 16

for template processing and enables the dynamic insertion of data into files based on variables and logic defined in your playbooks.

Question 17

[Linux?]
What is SMTP & post-fix?

Answer 17

smtp = (Simple Mail Transfer Protocol) is a set of rules for sending and receiving emails over the internet using TCP & default port 25 or 587 (TLS encrypted)

Post fix = mail server package that linux uses

Question 18

[Linux]
Where are system log files typically stored for RHEL?

Answer 18

/var/log/messages = general system messages
+journalctl -k (for kernel logs)
/var/log/secure = authentication logs
/var/log/httpd = Apache web server logs (access & error logs)
/var/log/cron = logs of scheduled CRON jobs

Question 19

[Linux]
What are IP tables?

Answer 19

a tool used to configure & manage packet filtering + network traffic rules.

Question 20

[AWS]
What is a load balancer? What is it generally used for?

Answer 20

a system/device that manages incoming traffic to multiple servers to ensure performance, reliability & availability. Helps avoid overload on any 1 server.

Question 21

[Linux]
What command is used patch manually?

Answer 21

$ yum update

Question 22

[Linux]
What do you use /var/log or /var/log/messages for?

Answer 22

to check system logs
& messages regarding security events, user activities, application logs & kernel messages

ex: use ‘grep’ (search/find), ‘tail’ (last commands used), & ‘less’

Question 23

[Linux]
What are some big differences between RHEL7 & RHEL8?

Answer 23

1) Package management:
RHEL7 uses YUM
vs
RHEL8 uses DNF (faster & more efficient)

2) Kernal Upgrade:
RHEL7 uses 3.10
vs
RHEL8 uses 4.18 (better hardware support, performance & security)

3) Software Packaging
RHEL7 uses traditional RPM packaging
vs
RHEL8 introduces Application Streams, allowing multiple versions of software to be installed and maintained simultaneously

4) Networking
RHEL7 uses iptables for firewall management
vs
RHEL8 replaces ‘iptables’ with ‘nftables’ (simplifies network filtering) + ‘network-scripts’ is now ‘NetworkManager’

5) Security Enhancements
RHEL8 improves encryption & security compliance (with OpenSSL 1.1.1 + TLS 1.3), system-wide cryptographic policies, & rootless containers (reducing the need for root privileges)

6) Desktop Environment
RHEL7 uses GNOME 3.22 with X.org
vs
RHEL8 uses GNOME 3.28 with Wayland (X.org still available)

7) Storage & Filesystem Changes
RHEL7 supports XFS, ext4 and Brtrf
vs
RHEL8 drops Btrf, (keeps XFS & ext4) + adds Stratis (easier storage management)

8) Containerization changes
RHEL7 uses Docker
vs
RHEL8 drops Docker and uses Podman, Buildah & Skopeo (more secure & rootless containers)

Question 24

[Troubleshoot]
Steps when dealing with BRUTE FORCE ATTACKS

Answer 24

1) Identify the attack (monitor sys logs (/var/log/auth.log and/or /var/log/secure) use ‘lastb’ to see failed login attempts

2) Block the attacker (using Fail2Ban (for SSH, webservers, etc) or manually by editing ‘iptables’ or ‘firewalld’)

3) Enforce Strong Authentication (disable password authentication in /etc/ssh/sshd_config and use SSH keys instead) and/or enable multi-factor authentication

4) Limit Login Attemps (edit /etc/ssh/sshd_config > MaxAuthTries)

5) Change Default Port (change from port 22 to a no-standard port (ie 2222) in /etc/ssh/sshd_config)

6) Monitor and Audit regularly
-use Intrusion Detections System (IDS) like OSSEC or AIDE
-Regularly check /var/log/auth.log or use journalctl -xe
-automate alerts using Fail2Ban w/ email notifications

7) Use Web Application Firewalls (WAFs)
-use ModSecurity or cloud-based WAFs like Cloudflare or AWS WAF

8) Keep System Updated (via constant patching)

Question 25

[Interview] What is your experience with GitLab & BitBucket? (enterprise versions of GitHub)

Answer 25

We use it for version control for CI/CD (version control: a system that helps manage changes to files, code or documents over time. Also allows you to go back to a previous version of a file, see history of changes or collaborate with others w/o overwriting each others work)

Question 26

[Troubleshoot] I used Ansible to patch multiple systems but one system could not update the patch. Troubleshoot, why?

Answer 26

I would run the playbook with '-vvv' to identify specific errors. If the issue is package-related, I would manually check the package manager, ensure disk space is sufficient, and confirm that the repository is accessible. I would also verify that the playbook logic, conditions, and inventory settings don’t exclude the host.

Question 27

[Linux] How do you do rollbacks in RHEL/CentOs?

Answer 27

**From the snapshot Using package manager: $ dnf history undo [transaction_id]

Question 28

[Interview] What's your STIG score?

Answer 28

It's difficult to say because it's impossible to have a 100% STIG score. We must have some vulnerabilities for some services to run.

Question 29

[Linux] What are the three components of the Linux OS?

Answer 29

Kernel (core) Shell (CLI/User Interface) File System (how data is stored, organized & accessed)

Question 30

[Linux] What is the difference between UNIX and Linux?

Answer 30

Unix: commercial (expensive), primarily used in enterprise environments Linux: Open source, flexible, widely used (personal to enterprise)

Question 31

[Linux] What is bash?

Answer 31

Command-line shell (execute commands directly) & scripting language (for automating task) ie: ls, cd, grep

Question 32

[Linux] What is a CronTab?

Answer 32

Config file used to schedule and automate task (left to right: minute, hour, day, month, day-of-the-week)

Question 33

[Linux] What do you use the root account for?

Answer 33

unrestricted privileges & only critical system admin task. It is best practice to use 'sudo' instead of direct root access

Question 34

[Troubleshoot] What would you do if you received an error message that the file system is full?

Answer 34

Check disk usage: $ df -h Identify large files: $ du -sh /* Delete or compress unnecessary files: $ rm, journalctl --vacuum-time=7d Check deleted files still using space: $ lsof | grep deleted Extend filesystem if necessary: $ lvextend, resizefs

Question 35

[Linux] Where is the password file located in linux?

Answer 35

/etc/passwd OR (encrypted) /etc/shadow

Question 36

[Linux] What is chmod [file/folder]?

Answer 36

Change permissions of [file] $ chmod [u/g/o + r/w/x] [files/dir]

Question 37

[Linux] What is a ext3 file system?

Answer 37

3rd extended file system; slowly being phased out by ext4. major upgrade over ext2 was JOURNALING, which improved reliability (data integrity) & prevented data corruption during power loss or system crash (fast recovery) -easily convert ext2 to ext3 -not as scalable as ext4 or XFS -doesnt handle large files/volumes as well as ext4

Question 38

[Interview] What tools would you use for monitoring?

Answer 38

$ htop = CPU, memory, swap usage, running processes $ vmstat 1 = detailed info about sys performance including virtual memory, processes, CPU activity & disk I/O (updated every second) $ free -h = display memory usage (RAM & swap: total, used, free, shared, cached) $ df -h = disk space usage for mounted filesystems $ du -sh [file/dir] = disk usage of [file/dir] $ "netstat / ss" -tuln = active network connections, listening ports, network stats

Question 39

[Interview] How do you manage disk storage and clean up disk space?

Answer 39

$ df -h = show free disk space on all mounted filesystems $ du -sh [file/dir] = shows disk usage of [file/dir] $ yum clean all = cleans package manager cache $ yum clean packages = removes package cache $ logrotate = Rotate (& compress) old logs (located in */etc/logrotate.conf*) $ rm /tmp/* = Delete temp files need yum-utils: $ package-cleanup --leaves = removes orphaned packages

Question 40

[Network] What command would you use to show listening ports?

Answer 40

$ ss -tuln OR $ netstat -tuln

Question 41

How is TomCat implemented? Is it from source or RPM?

Answer 41

[need to fact check] I would do it from source, I would unload the package and then specify my Catalina home

Question 42

[Network] TCP vs UDP

Answer 42

TCP is a 3 way handshake (ie Rsync)(for task that confirmation) UDP is a 2 way handshake (ie netstat)(faster, used for streaming/gaming)

Question 43

[DNS Records] What is an 'A record'?

Answer 43

Maps a domain name to an IPv4 address

Question 44

[DNS Records] What is a 'CName record'?

Answer 44

Creates an alias domain that points to another domain

Question 45

[DNS Records] What is a 'PTR record'?

Answer 45

Used for reverse DNS lookups; mapping an IP address to a domain.

Question 46

[DNS Records] What is a AAAA (quad-A) record?

Answer 46

Maps a domain name to an IPv6 address

Question 47

[Interview] What is a LAMP environment?

Answer 47

a popular open-source software stack used for hosting web applications utilizing Linux, Apache, MySQL & PHP/Python.

Question 48

[Ansible] Typically, where is the main playbook stored?

Answer 48

/default

Question 49

[Ansible] Where are the variables for /etc/chrony.conf stored?

Answer 49

in main.yaml

Question 50

[Ansible] Where are the templates stored?

Answer 50

in /etc/chrony.conf

Question 51

[Ansible] What file controls all the configurations?

Answer 51

/main.yaml

Question 52

[Ansible] What flag gives an in-depth breakdown of the play/processes being ran?

Answer 52

-v OR -vvv (verbose)

Question 53

[Linux] Difference between Linux and Unix

Answer 53

UNIX is proprietary & commercial while Linux is free & open source

Question 54

[Linux] What are the different files types in Linux?

Answer 54

files directories special files (represent devices ie /dev/sda) Symbolic links (point to other files) FIFO files [aka pipes] used for inter-process communication)

Question 55

[Linux] How do you check CPU usage?

Answer 55

$ top or $ htop

Question 56

[Linux] What are the different run levels in Linux?

Answer 56

0 = HALT (shuts down the system) 1 = Single-user mode (for maintenance) 2 = Multi-user mode w/o networking 3 = Multi-user mode WITH networking 4 = unused/customizable 5 = Multi-user w/ GUI 6 = REBOOT

Question 57

[Linux] What command to check current runlevel?

Answer 57

$ runlevel

Question 58

[Linux] What command to change runlevel?

Answer 58

$ init [number] = switch to runlevel [number]

Question 59

[Network] What command to check what ports are open?

Answer 59

$ netstat -tulnp $ ss -tulnp

Question 60

[Linux] How to create, delete and assign password for users in Linux?

Answer 60

$ useradd [username] $ userdel [username] $ passwd [username]

Question 61

[Linux] What is an inode?

Answer 61

An inode (Index Node) is a data structure used by file systems in Linux to store metadata about a file or directory. (harddrive identifier) It contains information such as: File type, Permissions, Ownership, Size of the file, Timestamps

Question 62

[Network] What port does Apache run on? Does it use TCP or UCP?

Answer 62

http= port 80 / https= port 443 typically uses TCP

Question 63

[Network] What port does DNS run on? Does it use TCP or UCP?

Answer 63

port 53 Both TCP & UCP

Question 64

[Network] What port does NFS run on? Does it use TCP or UCP?

Answer 64

port 2049 Both TCP & UCP

Question 65

[Network] What port does SSH run on? Does it use TCP or UCP?

Answer 65

port 22

Question 66

[Network] Where is the config file for SSH?

Answer 66

/etc/ssh/sshd_config

Question 67

[Linux] explain hardlink vs softlink

Answer 67

A hard link is a direct reference to the data vs a softlink is a shortcut/reference to another file or directory.

Question 68

[Linux] How do you check disk usage?

Answer 68

$ df -h

Question 69

[Linux] How do you check memory usage?

Answer 69

$ free -m

Question 70

[Linux] How do you check network usage?

Answer 70

$ iftop or $ netstat -tulnp

Question 71

[Linux] How do you check Disk I/O usage?

Answer 71

$ iostat

Question 72

[Linux] What is SELinux? & its purpose?

Answer 72

a module that increases security by limiting process actions extra features: Type Enforcement (TE), Role-Based Access Control (RBAC), Multi-Level Security (MLS)

Question 73

[Linux] What is fstab?

Answer 73

(File System Table): contains information about disk partitioning & storage devices that should be automatically mounted at boot -located in */etc/fstab*

Question 74

[Linux] What are the modes of SELinux? & how to check current mode

Answer 74

Enforcing, Permissive, & Disabled. Check by using: $ sestatus

Question 75

[Linux] How to change modes in SELinux, temporarily & permanently

Answer 75

Temp: $ setenforce 1 or 0 [1=enforcing, 0=permissive] Perm: goto */etc/selinux/config* change "SELINUX=____" to enforcing, permissive or disabled, then save & reboot.

Question 76

[Ansible] Where is the Ansible config file located?

Answer 76

/etc/ansible/ansible.cfg

Question 77

[Interview] Tell me about a time when something broke & you had to fix it

Answer 77

personalized answer

Question 78

[Interview] What would you do if a server went down?

Answer 78

personalized answer

Question 79

[Interview] What are some things you would check if your application went down?

Answer 79

personalized answer

Question 80

[Interview] Someone is complaining of a server with full disk space, & when running a df -h says nothing is full. What would you do?

Answer 80

personalized answer