201-450: LPIC-2 Exam 201 (part 1 of 2)
Linux examens boekt u bij Tailor iT Training. Wij bieden een ruime diversiteit van Linux examens, certificeringen en trainingen op…
Bekijk training
202-450: LPIC-2 Exam 202 (part 2 of 2)
Dit is een verplicht examen voor de LPI-certificering Niveau 2. Het behandelt geavanceerde vaardigheden voor de Linux-professional die in alle Linux-distributies voorkomen.
Inhoud
Bijbehorende trainingen
Extra informatie
Inhoud
Topic 208: Web Services
208.1 Implementing a web server
Weight: 3
Description:
Candidates should be able to install and configure a web server. This objective includes monitoring the server’s load and performance, restricting client user access, configuring support for scripting languages as modules and setting up client user authentication. Also included is configuring server options to restrict usage of resources.
Key Knowledge Areas
• Apache 2.x configuration files, terms and utilities
• Apache log files configuration and content
• Access restriction methods and files
• mod_perl and PHP configuration
• Client user authentication files and utilities
• Configuration of maximum requests, minimum and maximim servers and clients
208.2 Maintaining a web server
Weight: 2
Description:
Candidates should be able to configure a web server to use virtual hosts, Secure Sockets Layer (SSL) and customise file access.
Key Knowledge Areas
• SSL configuration files, tools and utilities
• SSL certificate handling
• Apache 2.x virtual host implementation (with and without dedicated IP addresses)
• Using redirect statements in Apache’s configuration files to customise file access
208.3 Implementing a proxy server
Weight: 2
Description:
Candidates should be able to install and configure a proxy server, including access policies, authentication and resource usage.
Key Knowledge Areas
• Squid 2.x configuration files, terms and utilities
• Access restriction methods
• Client user authentication methods
• Layout and content of ACL in the Squid configuration files
Topic 209: File Sharing
209.1 SAMBA Server Configuration
Weight: 4
Description:
Candidates should be able to set up a SAMBA server for various clients. This objective includes setting up Samba for login clients and setting up the workgroup in which a server participates and defining shared directories and printers. Also covered is a configuring a Linux client to use a Samba server. Troubleshooting installations is also tested.
Key Knowledge Areas
• Samba 3 documentation
• Samba configuration files
• Samba tools and utilities
• Mounting Samba shares on Linux
• Samba daemons
• Mapping Windows usernames to Linux usernames
• User-Level and Share-Level security
209.2 NFS Server Configuration
Weight: 4
Description:
Candidates should be able to export filesystems using NFS. This objective includes access restrictions, mounting an NFS filesystem on a client and securing NFS.
Key Knowledge Areas
• NFS configuration files
• NFS tools and utilities
• Access restrictions to certain hosts and/or subnets
• Mount options on server and client
• tcpwrappers
Topic 210: Network Client Management
210.1 DHCP Configuration
Weight: 2
Description:
Candidates should be able to configure a DHCP server. This objective includes setting default and per client options, adding static hosts and BOOTP hosts. Also included is configuring a DHCP relay agent and maintaining the DHCP server.
Key Knowledge Areas
• DHCP configuration files, terms and utilities
• Subnet and dynamically-allocated range setup
210.2 PAM authentication
Weight: 3
Description: The candidate should be able to configure PAM to support authentication using various available methods.
Key Knowledge Areas
• PAM configuration files, terms and utilities
• passwd and shadow passwords
210.3 LDAP client usage
Weight: 2
Description:
Candidates should be able to perform queries and updates to an LDAP server. Also included is importing and adding items, as well as adding and managing users.
Key Knowledge Areas
• LDAP utilities for data management and queries
• Change user passwords
• Querying the LDAP directory
Topic 211: E-mail Services
211.1 Using e-mail servers
Weight: 3
Description:
Candidates should be able to manage an e-mail server, including the configuration of e-mail aliases, e-mail quotas and virtual e-mail domains. This objective includes configuring internal e-mail relays and monitoring e-mail servers.
Key Knowledge Areas
• Configuration files for postfix
• Basic knowledge of the SMTP protocol, sendmail, and exim
211.2 Managing Local E-mail Delivery
Weight: 2
Description:
Candidates should be able to implement client e-mail management software to filter, sort and monitor incoming user e-mail.
Key Knowledge Areas
• procmail configuration files, tools and utilities
• Usage of procmail on both server and client side
211.3 Managing Remote E-mail Delivery
Weight: 2
Description: Candidates should be able to install and configure POP and IMAP daemons.
Key Knowledge Areas
• Courier IMAP and Courier POP configuration
• Dovecot configuration
Topic 212: System Security
212.1 Configuring a router
Weight: 3
Description:
Candidates should be able to configure a system to perform network address translation (NAT, IP masquerading) and state its significance in protecting a network. This objective includes configuring port redirection, managing filter rules and averting attacks.
Key Knowledge Areas
• iptables configuration files, tools and utilities
• Tools, commands and utilities to manage routing tables.
• Private address ranges
• Port redirection and IP forwarding
• List and write filtering and rules that accept or block datagrams based on source or
destination protocol, port and address
• Save and reload filtering configurations
212.2 Securing FTP servers
Weight: 2
Description:
Candidates should be able to configure an FTP server for anonymous downloads and uploads. This objective includes precautions to be taken if anonymous uploads are permitted and configuring user access.
Key Knowledge Areas
• Configuration files, tools and utilities for Pure-FTPd and vsftpd
• Awareness of ProFTPd
• Understanding of passive vs. active FTP connections
212.3 Secure Shell (SSH)
Weight: 2
Description:
Candidates should be able to configure and secure an SSH daemon. This objective includes managing keys and configuring SSH for users. Candidates should also be able to forward an application protocol over SSH and manage the SSH login.
Key Knowledge Areas
• OpenSSH configuration files, tools and utilities
• Login restrictions for the superuser and the normal users
• Managing and using server and client keys to login with and without password
• Usage of XWindow and other application protocols through SSH tunnels
• Configuration of ssh-agent
• Usage of multiple connections from multiple hosts to guard against loss of connection to
remote host following configuration changes
212.4 TCP Wrapper
Weight: 1
Description:
Candidates should be able to configure TCP Wrapper to allow connections to specified servers only from certain hosts or subnets.
Key Knowledge Areas
• TCP Wrapper configuration files, tools and utilities
• inetd configuration files, tools and utilities
212.5 Security Tasks
Weight: 3
Description:
Candidates should be able to receive security alerts from various sources, install, configure and run intrusion detection systems and apply security patches and bugfixes.
Key Knowledge Areas
• Tools and utilities to scan and test ports on a server
• Locations and organisations that report security alerts as Bugtraq, CERT, CIAC or other
sources
• Tools and utilities to implement an intrusion detection system (IDS)
• Awareness of OpenVAS?
Topic 213: Troubleshooting
213.1 Identifying boot stages and troubleshooting bootloaders
Weight: 4
Description:
Candidates should be able to determine the cause of errors in loading and usage of bootloaders. GRUB and LILO are the bootloaders of interest.
Key Knowledge Areas
• boot loader start and hand off to kernel
• kernel loading
• hardware initialisation and setup
• daemon/service initialisation and setup
• Know the different bootloader install locations on a hard disk or removable device
• Overwriting standard bootloader options and using bootloader shells
213.2 General troubleshooting
Weight: 5
Description:
Candidates should be able to identify and correct common boot and run time issues.
Key Knowledge Areas
• /proc filesystem
• Various system and daemon log files
• Content of /, /boot , and /lib/modules
• Screen output during bootup
• Kernel syslog entries in system logs (if entry is able to be gained)
• Tools and utilities to analyse information about the used hardware
• Tools and utilities to trace software and their system and library calls
213.3 Troubleshooting system resources
Weight: 5
Description:
Candidates should be able to identify, diagnose and repair local system issues when using software from the command line.
Key Knowledge Areas
• Core system variables
• The contents of:
o /etc/profile && /etc/profile.d/
o /etc/init.d/
o /etc/rc.*
o /etc/sysctl.conf
o /etc/bashrc
o /etc/ld.so.conf
o or other appropriate global shell configuration files
• Any standard editor
• Standard tools, utilites and commands to manipulate the above files and variables
213.4 Troubleshooting environment configurations
Weight: 5
Description:
Candidates should be able to identify common local system and user environment configuration issues and common repair techniques.
Key Knowledge Areas
• Core system variables
• init configuration files
• init start process
• cron configuration files
• Login process
• User-password storage files
• Determine user group associations
• SHELL configuration files of bash
• Analysing which processes or daemons are running
Bijbehorende trainingen
Extra informatie
Dit is een verplicht examen voor de LPI-certificering Niveau 2. Het behandelt geavanceerde vaardigheden voor de Linux-professional die in alle Linux-distributies voorkomen.
Locaties
Meer weten over dit examen of advies? Bel met onze opleidingsadviseurs 085 02 01 070 of gebruik het contactformulier.
Details
Examen ID: 202-450
