deck 6

Question 1

chage -d 0 user. The 0 requires user to…

Shift +…in vim allows inserting character at end of current line

terraform….allows validating changes before cloud deployment

Answer 1

-change password at next login

-A

-plan

Question 2

When enabling LUKS on a usb and mount options show as null, run

-unmount, fsck, and cryptsetup….

to maintain least priv while give a user permission to do a specific something that requires escalation, put them in a group that has those privs and put that group in the….

Answer 2

-luksFormat

-custom .conf file

Question 3

lv….. makes a logical volume larger OR smaller. lvextend ONLY makes volume bigger

journalctl -xu can be used to query systemd for MORE details than systemctl status about a…

Answer 3

-lvresize

-failing service

Question 4

sysctl -a displays….

…..containers allow same container configs across different enviroments/deploymens

Answer 4

-kernel parameter at runtime

-ambassador

Question 5

overlay networks allow containers to…

use…command to troubleshoot socket issues

Answer 5

-communicate with each other

-ss (socket stats)

Question 6

if visudo shows a lock on the root account (can’t use it) best course is ….

accounting ALL=/opt/acc/report. break it down

*for ALL, you could choose a different host (localhost, etc)

Answer 6

boot in single user mode, comment out bad line

-the user (accounting), on ALL host, can use /opt/acc/report as root

Question 7

To ensure a script runs only in console mode, switch to isolate…., run script, then switch back to graphical if needed

if using an netstat -s and lots of packets are dropping, increase rmem_max and wmem_max by 12500000

Answer 7

-multi-user.target

Question 8

when updating bind, look at….file to review default config

rpmsave saves what?

Answer 8

-rpmnew

-prior default configuration before a BIND update

Question 9

Ufw status and firewall-cmd - -list-all show what?

modprobe and insmod both load modules into kernel BUT modprobe ALSO…

Answer 9

-all active firewall rules

-handles/loads dependencies

Question 10

use….with containers like docker and such to send app logs to a log store

netstat -antp and lsof ….. can be used with grep LISTEN to find ports that are in a listening state

Answer 10

-sidecars

-iTCP

Question 11

service accounts like www-data and db should NOT have…

for port forwarding with ssh, use ssh -L with the port that will be forwarding first and then the receiving port 2nd

Answer 11

-shell access

Question 12

du -… shows specifics on files using up disk space

ansible is agentless

….files shouldn’t be stored in var because if log files fill up var it might corrupt the database

Answer 12

-a

-database

Question 13

makes comments. yaml or json?

…..can be used to allocate space for a swap file, for instance

Answer 13

-yaml

-fallocate

Question 14

order for swap space is: fallocate, mkswap, and…

anaconda-ks.cfg (kickstart) is used to…

Answer 14

swapon -a

-automate installs

Question 15

to view status of background jobs, use killall -….

sigterm does what?

rm -f removes with no confirmation

Answer 15

-usr1

-gracefully kill a process

Question 16

in tar, to bzip (high compression), use-…flag. -z flag uses…compression

-x does what in tar?
s
umask is 777 for directories, 666 for files

Answer 16

-j
-gzip
-extract

Question 17

best command to diagnose why space not recovered after file deletion is….because it shows processes holding open files

first program booted by sysV init?

Answer 17

-lsof

-/sbin/init

Question 18

difference between bg and &?

….brings background job to foreground

Answer 18

-& starts a process in the backgrund, bg resumes stopped processes in background

-fg

Question 19

…..command runs even after user who ran it logs out or connection drops

a 403 error code for a web server is a local error and might mean a web server can’t access a local directory

Answer 19

-nohup

Question 20

x11 provides….

to disable key sequences like ctrl alt del, comment them out in the…file. this file is always first to boot.

Answer 20

-graphics

initab file (in etc)

Question 21

~/bash_profile contains info specific to a user

etc/profile is system wide and applies to ALL users

Answer 21

-

Question 22

/etc/securetty is used to specifiy?

boot order

1.bios/uefi
2.bootloader
3.kernel
4.init or systemd (first user space)
5.others

Answer 22

-systems suitable for root login

Question 23

never set default run level to either 0 (shutdown) or…

AVC in da log means SELinux.

Answer 23

-6 (restart)

Question 24

setsebool changes boolean values in SELinux to either on/off. -…flag makes it persistent

-Wayland does what?

GRUB2 IS A BOOTLOADER!

Answer 24

-P

-replaces X11 (graphical). Used for display servers

Question 25

/proc exist only in …..and dynamically changes

modprobe -… removes. rmmod does that as well

Answer 25

-memory

-r

Question 26

in iptables, drop does not send a message back, but…does (if it says connection refused)

….servers collect status and performance info about servers in an enviroment

Answer 26

-reject

monitoring

Question 27

in iptables, what two commands should you use with cstate (connection state) and what are they used for?

Answer 27

-new=rule applies to new connections, established= only established connections. can use one or a combo of both as needed

Question 28

directories (777) NEED execute privileges. FILES (666) DO NOT

iptables -…puts entry at TOP of file, -A puts at end of file.

Answer 28

-I

Question 29

kill -hup can be used update a process while its running without killing it

/etc/…. creates a template for new users

Answer 29

-/etc/skel

Question 30

…..a module prevents it from being loaded into the kernel

docker image load does what?

Answer 30

-blacklisting

-loads image from a tar file

Question 31

docker image….creates image from a tarball

docker image build creates images from a Dockerfile

Answer 31

-import

Question 32

ansible starts of with three — and is indented

terraform uses {} and =’s

Question 33

rpm -qa shows ALL installed packages. what shows just specific ones?

rpm -i INSTALLS packages

Answer 33

-rpm -qf

Question 34

rpm -q package name shows?

rpm -qf shows what?

Answer 34

-if a package is installed

-what package a FILE came from

Question 35

partprobe is used to update kernel when a…

sysctl specifies kernel parameters. Systemd works in units and deals with mount points, services, etc.

Answer 35

-partition table is changed

Question 36

when applying changes to sysctl.conf (like ip forwarding for example), you can make them persistent by using sysctl….

Answer 36

-p