What is SELinux Correct Ans-Provides mandatory access control to a Linux server where every
system call is denied unless it has been specifically allowed
Where is the config file for SELinux Correct Ans-/etc/sysconfig/selinux
What are context settings in SELinux Correct Ans-Context labels define the nature of the
item. SELinux rules are created to match the context labels of source objects to the context labels
of target objects
cmd to apply context label "type" policy on a directory Correct Ans-semanage -a -t (context
type) "[directory](/.*)?"
cmd to write context label to file system Correct Ans-restorecon -R -v (directory)
steps to install SELinux specific manpages Correct Ans-1. yum install -y policycoreutils-devel
2. sepolicy manpage -a -p /usr/share/man/man8
3. mandb
4. man -k _selinux
cmd to get a list of SELinux booleans Correct Ans-semanage boolean -l
cmd to change an SELinux boolean value permanently Correct Ans-setsebool (context type)
(on/off) -P
where does SELinux log activity Correct Ans-/var/log/audit/audit.log
How can you find the SELinux messages in /var/log/audit/audit.log Correct Ans-grep AVC
/var/log/audit/audit.log
1. cmd to install sealert.
2. Why is sealert helpful
3. Where is the sealert log directory Correct Ans-1. yum install setroubleshoot-server -y
2. sealert makes it easier to read SELinux messages
3. written to /var/log/messages
What is firewalld Correct Ans-Implemented by the Linux kernel through the netfilter subsystem.
Netfilter allows kernel modules to inspect every outgoing, incoming, or forwarded packet.
Firewalld applies to incoming packets by default
list two ways to configure firewalld Correct Ans-firewall-cmd
firewall-config
packages to set up LDAP Correct Ans-yum group install "Directory Client" -y
package to install for auto completion Correct Ans-yum -y install bash-complete
packages to automount a home directory Correct Ans-autofs nfs-utils openldap-clients
to automount user home folders, what file do you edit Correct Ans-
/etc/auto.master.d/ldap.autofs
add the following line:
/home/guests /etc/auto.ldap
what do you need to edit to provide read/write access for users with auto mounted
directories Correct Ans-edit /etc/auto.ldap
add:
* -rw ldap.domainname.com:/home/guests/&
cmd to list kernel updates Correct Ans-yum list kernel
cmd to download kernel Correct Ans-yumdownloader kernel (will download an rpm package)
rpm command to install kernel Correct Ans-yum -ivh kernel(tab complete)