LUX 263 - Linux System Administration III

Review for the Third Test

The following questions are provided to help you study for the third test. Do not expect to see these exact questions on the test.

  1. If a server becomes unavailable in a network that uses iptables, what should be done with regard to iptables?

  2. If a server becomes unavailable in a network that uses firewalld, what should be done with regard to firewalld? What optional thing may be done instead or as well?

  3. What is the command line interface for iptables? What is the GUI for it?

  4. What is the command line interface for firewalld? What is the GUI for it?

  5. With regard to the two interfaces for firewalld, which did the text regard as being more granular?

  6. What is the effect on network connections when iptables rule tables are reloaded?

  7. What is the netfilter service?

  8. In what space does the netfilter service run? In what space do the four firewall management interfaces run?

  9. If we want to make a change to firewalld that will take effect now, and be in effect after the next reboot, what should we do?

  10. What is the difference between the drop and block actions taken by firewalld in zones that have those two types?

  11. What three services are typically allowed in a Public zone?

  12. What is the common description for what happens to packets in Work, Home, and Internal zones?

  13. What kind of information is kept in a lockdown whitelist document?

  14. What state should firewalld be put into when there is an ongoing external attack?

  15. What is an advantage to using the command line interface for firewalld?

  16. What is the difference between stopping a service and masking it?

  17. In a network that uses Kerberos, what is a realm? What is the key thing that determines that a realm exists?

  18. From the point of view of a Kerberos server, what is a principal?

  19. What are the main contents of a TGT?

  20. What device issues a TGT?

  21. How is a TGT encrypted?

  22. What are the two types of KDC found in a Kerberos network?

  23. What is the command to create a KDC database?

  24. What command can be run on a KDC server to cause it to generate a TGT?

  25. What two services does the text mention in the first step of installing a KDC server or client?