EX300 Red Hat Certified Engineer – RHCE (v6+v7) Questions and Answers

RHCE Test Configuration Instructions

Information for the two systems you will use in test is the following:

system1.group3.example.com: is one of the main sever. system2.group3.example.com: mainly used as a client.

Password for both of the two systems is atenorth

System’s IP is provided by DHCP, you can regard it as normal, or you can reset to Static IP in accordance with the following requirements:

system1.group3.example.com: 172.24.3.5

system2.group3.example.com: 172.24.3.10

The subnet mask is 255.255.255.0

Your system is a member of DNS domain group3.example.com. All systems in DNS domain group3.example.com are all in subnet 172.24.3.0/255.255.255.0, the same all systems in this subnet are also in group3.example.com, unless specialized, all network services required to be configured can be accessed by systems of domain group3.

host.group3.example.com provides a centralized authentication service domain

GROUP3.EXAMPLE.COM, both system1 and system2 have already been pre-configured to be the client for this domain, this domain provides the following user account:

Firewall is enabled by default, you can turn it off when deemed appropriate, other settings about firewall may be in separate requirements.

Your system will be restarted before scoring, so please ensure that all modifications and service configurations you made still can be operated after the restart without manual intervention, virtual machine instances of all examinations must be able to enter the correct multi-user level after restart without manual assistance, it will be scored zero if the test using virtual machine system cannot be restarted or be properly restarted.

Corresponding distribution packages for the testing using operating system Red Hat Enterprise Linux version can be found in the following link:

http://server1.group3.example.com/rhel

Part of the requirements include host security, ensure your host security limit does not prevent the request to allow the host and network, although you correctly configured the network service but would have to allow the host or network is blocked, this also does not score.

You will notice that some requirements which clearly do not allow services be accessed by service domain my133t.org, systems of this domain are in subnet 172.25.1.0/252.255.255.0, and systems of these subnets also belong to my 133t.org domain.

PS: Notice that some test questions may depend on other exam questions, for example, you might be asked to perform a series of restrictions on a user, but this user creation may be required in other questions. For convenient identification, each exam question has some radio buttons to help you identify which questions you have already completed or not completed. Certainly, you do not need to care these buttons if you don’t need them.

Customize the User Environment

Create a custom command on system1 and system2 named as qstat, and this custom command will execute the following command:

/bin/ps - Ao pid,tt,user,fname,rsz

This command is valid for all users in the system.

RHCE Test Configuration Instructions

Information for the two systems you will use in test is the following:

system1.group3.example.com: is one of the main sever. system2.group3.example.com: mainly used as a client.

Password for both of the two systems is atenorth

System’s IP is provided by DHCP, you can regard it as normal, or you can reset to Static IP in accordance with the following requirements:

system1.group3.example.com: 172.24.3.5

system2.group3.example.com: 172.24.3.10

The subnet mask is 255.255.255.0

Your system is a member of DNS domain group3.example.com. All systems in DNS domain group3.example.com are all in subnet 172.24.3.0/255.255.255.0, the same all systems in this subnet are also in group3.example.com, unless specialized, all network services required to be configured can be accessed by systems of domain group3.

host.group3.example.com provides a centralized authentication service domain

GROUP3.EXAMPLE.COM, both system1 and system2 have already been pre-configured to be the client for this domain, this domain provides the following user account:

Firewall is enabled by default, you can turn it off when deemed appropriate, other settings about firewall may be in separate requirements.

Your system will be restarted before scoring, so please ensure that all modifications and service configurations you made still can be operated after the restart without manual intervention, virtual machine instances of all examinations must be able to enter the correct multi-user level after restart without manual assistance, it will be scored zero if the test using virtual machine system cannot be restarted or be properly restarted.

Corresponding distribution packages for the testing using operating system Red Hat Enterprise Linux version can be found in the following link:

http://server1.group3.example.com/rhel

Part of the requirements include host security, ensure your host security limit does not prevent the request to allow the host and network, although you correctly configured the network service but would have to allow the host or network is blocked, this also does not score.

You will notice that some requirements which clearly do not allow services be accessed by service domain my133t.org, systems of this domain are in subnet 172.25.1.0/252.255.255.0, and systems of these subnets also belong to my 133t.org domain.

PS: Notice that some test questions may depend on other exam questions, for example, you might be asked to perform a series of restrictions on a user, but this user creation may be required in other questions. For convenient identification, each exam question has some radio buttons to help you identify which questions you have already completed or not completed. Certainly, you do not need to care these buttons if you don’t need them.

Configure the Local Mail Service

Configure the mail service on system1 and system2, as required:

1. These systems do not accept external sending mails

2. Any mails sent locally are automatically routed to rhgls.domain11.example.com

3. Mails sent from these systems will be displayed from rhgls.domain11.example.com

4. You can send mail to local user ‘arthur’ to test your configuration system rhgls.domain11.example.com

5. You have already configured this user’s mail to the following URL rhgls.domain11.example.com/received_mail/11

One Logical Volume is created named as myvol under vo volume group and is mounted. The Initial Size of that Logical Volume is 400MB. Make successfully that the size of Logical Volume 200MB without losing any data. The size of logical volume 200MB to 210MB will be acceptable.

Whoever creates the files/directories on /storage group owner should be automatically should be the same group owner of /storage.

Add a cron schedule to take full backup of /home on every day at 5:30 pm to /dev/st0 device.

One Package named zsh is dump on ftp://server1.example.com under pub directory. Install the package from ftp server.

Give Full Permission to owner user and owner group member but no permission to others on /data.

Make Secondary belongs the jeff and marion users on sysusers group. But harold user should not belongs to sysusers group.

There are two different networks 192.168.0.0/24 and 192.168.1.0/24. Where 192.168.0.254 and 192.168.1.254 IP Address are assigned on Server. Verify your network settings by pinging 192.168.1.0/24 Network ' s Host.

Arrange a web service address is: http://serverX.example.com, X is the number of your exam machine. Deploy it in accordance with the following requirements:

Download ftp ： //instructor.example.com/pub/rhce/server.html

Cannot do any modification to file document server.html

Rename file document server.html as index.html

Copy the file document server.html to DocumentRoo

Configure a mail alias to your MTA, for example, send emails to harry but mary actually is receiving emails.

Write a script /root/program. The request is when you input the kernel parameters for script, the script should return to user. When input the user parameters, the script should return to kernel. And when the script has no parameters or the parameters are wrong, the standard error output should be “usage:/root/program kernel|user”.

Shutdown the /root/cdrom.iso under /opt/data and set as boot automatically mount.

Connect to the email server and send email to admin, and it can be received by harry.

Configure the kernel parameters: rhelblq=1, and it is requested that your kernel parameters can be verified through /proc/cmdline.

According to the following requirements, deploy your ftp login rule:

Users in example.com domain must be able to login to your ftp server as an anonymous user.

But users outside the example.com domain are unable to login to your server

There were two systems:

system1, main system on which most of the configuration take place

system2, some configuration here

Script1.

Create a script on serverX called /root/random with the following details

When run as /root/random postconf, should bring the output as “postroll”

When run as /root/random postroll, should bring the output as “postconf”

When run with any other argument or without argument, should bring any other argument or without argument, should bring the stderr as “/root/random postconf|postroll”

There were two systems:

system1, main system on which most of the configuration take place

system2, some configuration here

Secured webserver.

Configure the website https://serverX.example.com with TLS

SSLCertificate file http://classroom.example.com/pub/rhce/tls/certs/system1.networkX.crt

SSLCertificatekeyfile http://classroom.example.com/pub/rhce/tls/private/system1.networkX.key

SSL CA certificate file http://classroom.example.com/pub/example-ca.crt

There were two systems:

system1, main system on which most of the configuration take place

system2, some configuration here

Configure selinux.

Configure your systems that should be running in Enforcing.

There were two systems:

system1, main system on which most of the configuration take place

system2, some configuration here

Configure NFS mount.

Mount /nfsshare directory on desktopX under /public directory persistently at system boot time.

Mount /nfssecure/protected with krb5p secured share on desktopX beneath /secure/protected provided with keytab station.network0.example.com/pub/keytabs/desktopX.keytab " > http://station.network0.example.com/pub/keytabs/desktopX.keytab

The user harry is able to write files on /secure directory

There were two systems:

system1, main system on which most of the configuration take place

system2, some configuration here

Configure port forwarding.

Configure server X to forward traffic incoming on port 80/tcp from source network 172.25.X.0/255.255.255.0 to port on 5243/tcp.

There were two systems:

system1, main system on which most of the configuration take place

system2, some configuration here

Dynamic Webpage Configuration.

Configure website wsgiX.example.com:8961 " > http://wsgiX.example.com:8961 on system1 with the documentroot /var/www/scripts

Site should execute webapp.wsgi

Page is already provided on classroom.example.com/pub/webapp.wsgi " > http://classroom.example.com/pub/webapp.wsgi

Content of the script should not be modified

There were two systems:

system1, main system on which most of the configuration take place

system2, some configuration here

Webpage content modification.

Implement website for serverX.examp " > http://serverX.example.com/owndir

Create a directory named as “owndir” under the document root of webserver

Download station.network0.example.com/pub " > http://station.network0.example.com/pub/rhce/restrict.html

Rename the file into ondex.html

The content of the owndir should be visible to everyone browsing from your local system but should not be accessible from other location