RHCSA Questions & Correct Answers
What is the basic unit of information in an LDAP directory? What is the structure of an
attribute? Correct Ans-An entry is the basic unit of information in an LDAP directory.
Each attribute has a name (an attribute type or description) and one or
more values.
Some diskless workstations use NFS as swap space. Why is this approach useful? What is the
downside? Correct Ans-Because it has no disk space, a diskless workstation has no swap
space. The only choice is to use NFS; if it did not use NFS for swap space, the workstation would
be limited by the amount of its physical memory (RAM).
Swapping in general is slow because disks are much slower than RAM. NFS is even slower than a
local disk; any process that uses an NFS swap space will spend a long time waiting for pages to
be swapped in.
NFS maps users on the client to users on the server. Explain why this mapping is a security risk.
Correct Ans-NFS utilizes the AUTH_UNIX method of authentication, which implicitly trusts
the UID (user ID) and GIDs (group ID) that the NFS client presents to the server. Root access to a
file system explicitly exported by root can also be easily compromised if an intruder can gain
root access. Further, programs can easily be developed that set the UID and GID value to any
given number. This allows access to any user's file on an NFS server.
What does the mount nosuid option do? Why would you want to use this option? Correct
Ans-The nosuid option forces setuid executables in the mounted directory hierarchy to run with
regular permissions on the local system.
, Giving a user the ability to run a setuid program can give that user the ability to run a program
with root privileges. Normally you do not want an ordinary user running a program as a
privileged user.
What kind of DNS record is likely to be returned when a Web browser tries to resolve the
domain part of a URI? Correct Ans-An A (address) record points to a domain.
What are MX resource records for? Correct Ans-identifies the email servers for a domain
How would you enable Sam to publish Web pages from his ~/website directory but not allow
anyone else to publish to the Web? Correct Ans-You could just add an Alias and Directory
directive to your site
eg.
Code:
Alias /sam /home/sam/website
<Directory /home/sam/website>
Options ...
Order allow,deny
Allow from all
</Directory>
What is the basic unit of information in an LDAP directory? What is the structure of an
attribute? Correct Ans-An entry is the basic unit of information in an LDAP directory.
Each attribute has a name (an attribute type or description) and one or
more values.
Some diskless workstations use NFS as swap space. Why is this approach useful? What is the
downside? Correct Ans-Because it has no disk space, a diskless workstation has no swap
space. The only choice is to use NFS; if it did not use NFS for swap space, the workstation would
be limited by the amount of its physical memory (RAM).
Swapping in general is slow because disks are much slower than RAM. NFS is even slower than a
local disk; any process that uses an NFS swap space will spend a long time waiting for pages to
be swapped in.
NFS maps users on the client to users on the server. Explain why this mapping is a security risk.
Correct Ans-NFS utilizes the AUTH_UNIX method of authentication, which implicitly trusts
the UID (user ID) and GIDs (group ID) that the NFS client presents to the server. Root access to a
file system explicitly exported by root can also be easily compromised if an intruder can gain
root access. Further, programs can easily be developed that set the UID and GID value to any
given number. This allows access to any user's file on an NFS server.
What does the mount nosuid option do? Why would you want to use this option? Correct
Ans-The nosuid option forces setuid executables in the mounted directory hierarchy to run with
regular permissions on the local system.
, Giving a user the ability to run a setuid program can give that user the ability to run a program
with root privileges. Normally you do not want an ordinary user running a program as a
privileged user.
What kind of DNS record is likely to be returned when a Web browser tries to resolve the
domain part of a URI? Correct Ans-An A (address) record points to a domain.
What are MX resource records for? Correct Ans-identifies the email servers for a domain
How would you enable Sam to publish Web pages from his ~/website directory but not allow
anyone else to publish to the Web? Correct Ans-You could just add an Alias and Directory
directive to your site
eg.
Code:
Alias /sam /home/sam/website
<Directory /home/sam/website>
Options ...
Order allow,deny
Allow from all
</Directory>
