|
|
LUX 263 - Linux System Administration III
Review for the Third Test
The following questions are provided to help you study for the third
test. Do not expect to see these exact questions on the test.
- If a server becomes unavailable in a network that uses iptables, what
should be done with regard to iptables?
- If a server becomes unavailable in a network that uses firewalld,
what should be done with regard to firewalld? What optional thing may
be done instead or as well?
- What is the command line interface for iptables? What is the GUI for
it?
- What is the command line interface for firewalld? What is the GUI
for it?
- With regard to the two interfaces for firewalld, which did the text
regard as being more granular?
- What is the effect on network connections when iptables rule tables
are reloaded?
- What is the netfilter service?
- In what space does the netfilter service run? In what space do the
four firewall management interfaces run?
- If we want to make a change to firewalld that will take effect now,
and be in effect after the next reboot, what should we do?
- What is the difference between the drop and block actions taken by
firewalld in zones that have those two types?
- What three services are typically allowed in a Public zone?
- What is the common description for what happens to packets in Work,
Home, and Internal zones?
- What kind of information is kept in a lockdown whitelist document?
- What state should firewalld be put into when there is an ongoing external
attack?
- What is an advantage to using the command line interface for firewalld?
- What is the difference between stopping a service and masking it?
- In a network that uses Kerberos, what is a realm? What is the key
thing that determines that a realm exists?
- From the point of view of a Kerberos server, what is a principal?
- What are the main contents of a TGT?
- What device issues a TGT?
- How is a TGT encrypted?
- What are the two types of KDC found in a Kerberos network?
- What is the command to create a KDC database?
- What command can be run on a KDC server to cause it to generate a
TGT?
- What two services does the text mention in the first step of installing
a KDC server or client?
|