EX300 : Red Hat Certified Engineer - RHCE Exam

EX300 Dumps
EX300 Braindumps
EX300 Real Questions
EX300 Practice Test
EX300 Actual Questions


Redhat
EX300
Red Hat Certified Engineer - RHCE
https://killexams.com/pass4sure/exam-detail/EX300

Question #29 Section 2
Create a Shell script /root/program:
The shell script will come back to "user" parameter when you are entering "kernel" parameter.
The shell script will come back to "kernel" when you are entering "user" parameter.
It will output the standard error when this script "usage:/root/program kernel|user" don’t input any parameter or the parameter you
inputted is entered as the requirements.
Answer: See Explanation
[root@server1 virtual]# cat /root/program
#!/bin/bash param1="$1"
if [ "$param1" == "kernel" ]; then echo "user"
elif [ "$param1" == "user" ]; then echo "kernel" else
echo "usage:/root/program kernel|user" fi
[root@server1 ~]# chmod +x /root/program
Question #30 Section 2
Given the kernel of a permanent kernel parameters: sysctl=1.
It can be shown on cmdline after restarting the system.
Kernel of /boot/grub/grub.conf should be added finally, as:
Answer: See Explanation
Kernel of /boot/grub/grub.conf should be added finally, as:
kernel /vmlinuz-2.6.32-279.1.1.el6.x86_64 ro root=/dev/mapper/vgsrv-root rd_LVM_LV=vgsrv/root rd_NO_LUKS
LANG=en_US.UTF-8 -
rd_LVM_LV=vgsrv/swap rd_NO_MD
SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYTABLE=us rd_NO_DM rhgb quiet rhgb quiet sysctl=1
KEYBOARDTYPE=pc
Question #31 Section 2
Forbidden the Mary user configuration tasks in your system.
Answer: See Explanation
Modify the /etc/cron.deny, add:
[root@server1 ~]# cat /etc/cron.deny mary
Conclusions:
1. I find that it is common to add various service access limits in the exam RHCE. The exercises like: require one network segment
can be accessed another network segments can not be accessed, the following are some conclusions for various service:
tcp_wrappers:/etc/hosts.allow,/etc/hosts.deny tcp_wrappers can filter the TCPs accessing service. TCP whether has the filtering
function which depends on this service whether use the function library of tcp_wrappers, or this service whether has the xinetd
process of starting function of tcp_wrappers. tcp_wrapperss main configuration file is /etc/hosts.allow,/etc/ hosts.deny.
And the priority of the documents in hosts. allow is higher than hosts. deny. Visit will be passed if no match was found. sshd,vsftpd
can use the filtering service of tcp_wrappers.
Configuration example:
150.203.6.66
sshd:.example.com 192.168.0. 192.168.0.0/255.255.255.0 150.203. EXCEPT
Notice:
The two configuration files syntax can refer to hosts_access(5) and hosts_options(5) sshd_config
There are four parameters in this configuration file: DenyUsers, AllowUsers, DenyGroups, AllowGroups, they are used to limit
some users or user groups to proceed Remote Login through the SSH. These parameters priority level is DenyUsers->AllowUsers-
>DenyGroups->AllowGroups Configuration example:
AllowUsers tim rain@192.168.1.121 kim@*.example.com
httpd Service
Through the /etc/httpd/conf/httpd.conf in parameters, can add to control the url access. Just as:

DocumentRoot /var/http/virtual -
ServerName www1.example.com -
Options Indexes MultiViews FollowSymlinks order deny,allow deny from all allow from
192.168.0.


Notice:
So pay attention, denys and allows priority level in order deny,allow is: the backer has the higher priority level. But here, allows
priority has a higher priority level.
nfs Service
nfs service directly control the visits through file /etc/exports, just as:
/common *.example.com(rw,sync) 192.168.0.0/24(ro,sync)
samba Service
Parameter hosts allow in /etc/samba/smb.conf which is used as Access Control,just as: hosts allow = 192.168.0.
192.168.1.0/255.255.255.0 .example.com
2. Paying attention to use Mount parameters: _netdev,defaults when you are mounting ISCSI disk.
3. Stop the NetworkManager
/etc/init.d/NetworkManager stop
chkconfig NetworkManager off
5. When you are deploying ifcfg-ethX, add parameters:
PEERDNS=no -
6. Empty the firewall in RHCSA, RHCE:
iptables -F
iptables -X
iptables -Z
/etc/init.d/iptables save
7. Narrow lv steps:
1.umount /dev/mapper/lv
2.e2fsck -f /dev/mapper/lv
3.resize2fs /dev/mapper/lv 100M
4.lvreduce -L 50M /dev/mapper/lv
5.mount -a
8. Mount the using command - swap which is newly added in /etc/fstab
9. If Verification is not passed when you are installing software, can import public key: rpm import /etc/pki/rpm/release and so on.
In yum.repo, you also can deploy gpgkey, for example, gpgkey=/etc/pki/rpm/release
10. When you are using "Find" command to search and keep these files, paying attention to use cp -a to copy files if you use user
name and authority as your searching methods.
Question #32 Section 2
Please set the selinux status as enforcing.
Answer: See Explanation
# getenforce 1
# vim /etc/sysconfig/selinux
SELINUX=enforcing
Question #33 Section 2
Please open the ip_forward, and take effect permanently.
Answer: See Explanation
# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
(takes effect immediately)
# sysctl -w
If no "sysctl.conf" option, use these commands:
# sysctl -a |grep net.ipv4
# sysctl -P net.ipv4.ip_forward = 1
# sysctl -w
Question #34 Section 2
Configure ssh to allow user harry to access, reject the domain t3gg.com (172.25.0.0/16) to access.
Answer: See Explanation
# yum install -y sshd
# chkconfig sshd on
# vim /etc/hosts.deny
sshd: 172.25.0.0/16
# service sshd restart
Use iptables:
# chkconfig iptables on
# iptables -F
# iptables -X
# iptables -Z
# iptables -nvL
# iptables -A INPUT -s 172.25.0.0/16 -p tcp --dport 22 -j REJECT
# services iptables save
# iptables -nvL
check port)
# cat /etc/services (
Question #35 Section 2
Configure the ftp to allow anonymously download the directory /var/ftp/pub, and reject the domain t3gg.com to access.
Answer: See Explanation
# yum install -y vsftpd
# chkconfig vsftpd on
# services vsftpd start
# vim /etc/hosts.deny
vsftpd: 172.25.0.0/16
OR -
# iptables -A INPUT -s 172.25.0.0/16 -p tcp -dport 20:21 -j REJECT
# services iptables save
Question #36 Section 2
Shutdown the /root/cdrom.iso under /opt/data, and set as boot automatically mount.
Answer: See Explanation
# cd /opt/
# mkdir data
# mount -t iso9660 -o loop /root/cdrom.iso /opt/data
# vim /etc/fstab
/root/cdrom.iso /opt/data iso9660 defaults,loop 0 0
# mount -a
# mount
vi /etc/fstab
192.168.0.254:/data / common nfs defaults 0 0
reboot the system.

User: Tatyana***** The platform was a pleasing platform for guidance, and taking the practice test there gave me the necessary level of guidance to score well on the exam. I enjoyed the way I got things done in a thrilling manner, and with their help, I had been able to develop well within life. It made my practice a great deal less difficult, and I recommend the platform to anyone in need of a reliable exam preparation platform.

User: Eugene***** Thanks to Killexams.com, I was able to pass my ex300 exam with high marks. I registered with them each time, and their question bank helped me score better. It is great to have such support for exams. Thank you to the team at Killexams.com.

User: Alice***** Choosing Killexams.com was the best decision I made after deciding to take the EX300 exam. The questions and styles are so well-designed that they helped me increase my knowledge and skills by the time I reached the final simulation exam. I appreciate their efforts, and I am truly thankful for their support in helping me pass the exam. Keep up the good work, Killexams.com!

User: Samuel***** I wholeheartedly recommend killexams.com to anyone who wants to excel in the ex300 exam. Their study guide helped me score an 89%, and I was extremely pleased with the results. I realized that extensive memorization was not the only solution to success in exams after using the killexams.com practice tests to prepare for my ex300 exam. I am incredibly satisfied with my performance.

User: Leonardo***** I would like to express my gratitude to killexams.com for providing the best practice tests for the ex300 exam. The questions were real and accurate, and I found this exam preparation guide to be beyond my expectations. I have already recommended this site to my colleagues who passed the ex300 exam, and I highly recommend it to anyone looking for dependable exam practice tests.

---