admin tools Flashcards

Question 1

Q

What tool is used to install software?

Answer

A

rpm - Red hat package manager

Question 2

Q

what web site provides more details about rpm?

Question 3

Q

rpm option for applying upgrades

Answer

A

–upgrade

Question 4

Q

uninstall a software package

Answer

A

rpm –erase

Question 5

Q

find out what is installed

Question 6

Q

find out where a software package is installed

Answer

A

get the full name of the package you are lookng for:

rpm –query –all |grep <searchtoken></searchtoken>

List all the files associated with the package install

rpm -ql rpm -q <name></name>

to get a complete listing of all apps installed

rpm –query –all

Question 7

Q

what command would provide a detailed list of all install applications?

Answer

A

rpm -qig Applications/System

g show all groups for the provided string
i show detailed information about each

Question 8

Q

what tells you the DHCP server being used by a linux workstation?

Answer

A

cat /var/lib/dhclient/dhclient-eth0.leases

Question 9

Q

what command will renew a DHCP lease?

Answer

A

dhclient -r

Question 10

Q

what authentication schemes are available?

Answer

A

using PAM (Pluggable Authentication Modules) the following can be used:

flat files

NIS

LDAP

Samba

Kerberos

Question 11

Q

What are the typical partitions on a linux server?

Answer

A

/ or root

/boot

/usr (program app files)

/home (user docs)

/var (system procs and logs)

/tmp

/swap (virtual memory)

Question 12

Q

how big should the swap partition be?

Answer

A

The swap file for virtual storage should be double the physical memory

Question 13

Q

what partition is /dev/sdb4 ?

Answer

A

the 4th partition on the disk with ID 2 (b)

Question 14

Q

what is used to install or remove applications?

Answer

A

Red Hat Package Manager RPM

Question 15

Q

how do you get a list of configuration files associated with an application?

Answer

A

rpm -qc <name></name>

rpm -qc bash

Question 16

Q

what command will show all apps installed with all details?

Answer

A

rpm -q -i –all

Question 17

Q

how do you get a list of installed shells?

Answer

A

rpm -qa –queryformat ‘%10{name} %20{GROUP}\n’ |grep -i shells

Question 18

Q

what is stored in the passwd file

Answer

A

login

encrypted password

UID

default GID

name

home directory

login shell

Question 19

Q

what appears in the passwd file if shadow passwords are being used?

Answer

A

an x appears in the encrypted password field in /etc/passwd

Question 20

Q

what command is used to change the system run level?

Answer

A

init { 0 1 2 3 4 5 6 }

0 — Halt

1 — Single-user text mode

2 — Multiuser but no NFS

3 — Full multi-user text mode

4 — Not used (user-definable)

5 — Full multi-user with X11

6 — Reboot

Question 21

Q

where are the default environment configuration template files stored?

Answer

A

/etc/skel

Question 22

Q

what file holds a list of available shells?

Answer

A

/etc/shells

Question 23

Q

what are the fields in the shadow file?

Answer

A

Login name

encrypted password

last passwd change

days until change allowed

days before change required

days warning for expire

days before account inactive

days before account disabled

reserved field

Question 24

Q

what are the fields in the group file?

Answer

A

group name

group password
 (optional: if set allows users to join group)

group ID

group members
(comma separated list)

Question 25

Q

what are the user management command line tools?

Answer

A

useradd

userdel

usermod

groupadd

groupdel

groupmod

Question 26

Q

what sh script command is used to process the files of a directory?

Answer

A

assuming the directory name is in the variable $SCRIPTS:

for file in ${SCRIPTS}/* do

 echo ${file}

 blah . . . 

 blah . . .

done

Question 27

Q

what sh command loads the current directory location value into a variable?

Answer

A

SCRIPTS=pwd;export SCRIPTS

Question 28

Q

what file configures dhcp daemon?

Answer

A

/etc/dhcpd.conf

and any other files which the “include” statement specifies

Question 29

Q

what command checks the dhcp configuration file?

Answer

A

/etc/rc.d/init.d/dhcpd configtest

Question 30

Q

what cisco command enables a DHCP helper to allow DHCP requests to pass to the next network?

Answer

A

ip helper-address 123.456.789.1

(the ip address of the DHCP server on the other network)

must be a config entry for the router interface facing the network where the DHCP server is located.

Question 31

Q

where does a DHCP server store information about clients?

Answer

A

/var/lib/dhcpd/dhcpd.leases

Question 32

Q

what does the service command actually do?

Answer

A

it executes the specified service init script from the /etc/init.d directory with the optional action parameter supplied. Such as:

service iscnamed status

Question 33

Q

what command will list all services?

Answer

A

service –status-all

Question 34

Q

where are the service init script stored?

Answer

A

/etc/init.d

Question 35

Q

what command will restart a service?

Answer

A

service <service_script_name> --full-restart</service_script_name>

OR

service <service_script_name> restart</service_script_name>

which will issue a stop and then start command to the service init script

Question 36

Q

what command will show the configured status of a service at each run level?

Answer

A

chkconfig –list

Question 37

Q

what command can change or manage how a service is started?

Answer

A

chkconfig –add <name></name>

chkconfig –del <name></name>

chkconfig <name> (returns true if the service is configured to start in the current runlevel)</name>

Question 38

Q

what is auditd?

Answer

A

a daemon that provides the Linux Auditing System.

It provides kernel-resident logging of system calls and user space tools to collect and view the Linux system logs.

Question 39

Q

what command will show a tree of processes and their children?

Answer

A

pstree -A

Question 40

Q

What command is used to add or remove modules from the kernel?

Question 41

Q

what command will show the modules present in the kernel?

Question 42

Q

what command can be used to copy a file between two hosts?

Question 43

Q

what command can be used to change the current user’s login shell?

Question 44

Q

what command can be used to change a file attributes and do so recursively?

Answer

A

chattr -R

Question 45

Q

what command can be used to split a file into specific sizes?

Question 46

Q

what command can be used to show a file’s classification or type?

Question 47

Q

what command will show a hexidecimal format of a file?

Answer

A

hexdump -C <filename></filename>

Question 48

Q

what command can be used to view the contents of a log file as it grows?

Question 49

Q

where are the PAM modules stored?

Answer

A

/lib/security

Question 50

Q

where are the security files for PAM stored?

Answer

A

/etc/security

Question 51

Q

where are the configuration files stored for PAM?

Answer

A

/etc/pam.d

Question 52

Q

What is contained on each line of a PAM application config file?

Answer

A

module_type (auth, account, session or password)

control_flag (requisite, sufficient, optional)

module_path (usually /lib/security)

Question 53

Q

what are the module_type values for PAM?

Answer

A

auth: prompt for a password
account: determine access based on day, location, console, etc
session: what actions to perform before or after login
password: what module allows users to change passwords

Question 54

Q

what are the control_flag values for PAM?

Answer

A

required: the module must succeed to procede further
requisite: if this fails, nothing else is tried. immediate failure returned
sufficient: if this succeeds, return success if no other requireds
optional: continue checking other modules even if one has failed

Question 55

Q

how do you check the swap space?

Answer

A

swapon -s

will show:

[root@bacall ~]# swapon -s
Filename Type Size Used Priority
/dev/dm-1 partition 16744440 69620 -1

Question 56

Q

how do you prevent login for everyone but root?

Answer

A

the /etc/nologin file is present

Question 57

Q

The PAM configuration files are corrupt and no one can log in. How do you fix it?

Answer

A

reboot in single user mode

in /etc/pam.d/login put the following:

auth required pam_unix.so

account required pam_unix.so

password required pam_unix.so

session required pam_unix.so

Causes PAM to use the /etc/passwd file

Question 58

Q

where does PAM record errors?

Answer

A

/var/log/messages

Question 59

Q

what determines where a machine verifies user authorization?

Answer

A

/etc/nsswitch.conf

passwd: files nis
shadow: files
group: files nis
etc. etc. etc.

Question 60

Q

what commands verify that the local machine is using NIS correctly?

Answer

A

rpcinfo -u localhost ypbind
ypcat passwd

Question 61

Q

what file sets the hostname of the machine?

Answer

A

/etc/sysconfig/network

HOSTNAME=<myname>.ox.com</myname>

and

/etc/hosts

129.77.226.77 viper.ox.com viper

Question 62

Q

where are most RPM package documents stored?

Answer

A

/usr/share/doc

Question 63

Q

what command will search the man pages for a particular topic?

Answer

A

man -f {yourSearchString}

Question 64

Q

when listing contents of the /dev directory, what indicates a block device?

Answer

A

the letter b in the ls -la listing

brw-rw—- 1 root cdrom 11, 0 Jul 2 08:24 sr0

Answer 56

A

chown username.groupname file

use -R to do it recursively through the directories

Answer 57

A

using binary notation 700 will replace all permissions.

using symbolic notation will only modify the permission specified

Answer 58

A

chmod 711 <dirname></dirname>

owner can change anything

group members and world cannot see the files unless they already now the file name

Answer 59

A

ln -s <filename> <newlinkname></newlinkname></filename>

Answer 60

A

RHEL and fedora 99

UBUNTO and SUSE 65534

Answer 61

A

The long descriptive field in the /etc/passwd file normally used to keep the user’s long descriptive name.

Answer 62

A

/etc/rc.d/rc.local

Answer 63

A

Disable swap
 # swapoff -a

resize it
 # lvresize -L +1G /dev/vg0/swap

next, (re)setup swap memory :
 # mkswap /dev/vg0/swap

Now, You can re-enable swap like this:
 # swapon -a

Answer 64

A

dumpe2fs

as in

dumpe2fs /dev/sda1

Answer 65

A

ls -lai filename

Answer 66

A

cat /dev/mounts

Answer 67

A

for file in ls /proc/sys/net/ipv4; do echo $file:cat /proc/sys/net/ipv4/$file; done

Answer 68

A

cat /proc/cpuinfo

Answer 69

A

getsebool -a

to set a value use:

setsebool -P <label> <value></value></label>

-P make permanent for next reboot

Answer 70

A

dd if=/dev/sda2 of=/disk2/backup-sda2.img

Answer 71

A

FIX Tester by Jettek (jettekfix.com)

Multiple simultaneous sessions supported.
Build any FIX message from a template or copy and paste.
Script messages and scenarios.

Reduce errors introduced in new production releases.

Recreate problem scenarios in development and QA environments.

Answer 72

A

config.xml

Answer 73

A

LMA or Local Management Agent daemon

Answer 74

A

config.xml

Answer 75

A

CA Nimsoft Monitor for Application Response Time

Monitor application response times to help determine if a problem affects your entire user community or only a subset.

Create and playback simulated end user behavior for each of your critical applications.

Automatically receive screenshots for any failed playback to provide which component of the application was unavailable

Alert and/or trend on:
Overall application response time
Transactions or steps that make up a response time test

Analyze and visualize the collected response time metrics

Answer 76

A

top

vmstat - virt mem stats

htop - proc viewer

netstat - net connections routing int stats

tcpdump - show eth int stats

wireshark - network snooping

lsof - view open files

iotop -monitor disk io

iostat - storage io stats

Answer 77

A

top

swap: should be 0

%sy lower than cpu core

%us user space

%wa: waiting for IO
adjust BIOS for disk write cache

free -m : cache used can add more to free mem

r key to re-nice priority on user PID
-20 thru 19 lower is higher priority

Answer 78

A

System BIOS checks system. Launches first stage boot loader on MBR

1st stage boot* loader loads GRUB into memory launches
2nd stage boot* loader from the /boot/ partition.

2nd stage boot loader loads kernel into memory, which in turn loads any necessary modules and mounts root partition read-only.

The kernel transfers control of boot process to init

The init program loads all services and user-space tools, mounts all partitions listed in /etc/fstab.

The user is presented with a login screen for the freshly booted Linux system.

Answer 79

A

ethtool eth0

ethtool -S eth0
(detailed display of errors or dropped packets)

mii-tool -v eth0

ifconfig -a

netstat -i

traceroute

Frame errros: defective ethernet device

Carrier Errors: Errors are caused by the NIC card losing its link connection to the hub or switch.

(check duplex)

Answer 80

A

arp -d hostname
remove entry from tables

arp -n or cat /proc/net/arp
list arp table entries

Answer 81

A

22

use telnet <hostname> 22 to test connectivity on port 22</hostname>

Answer 82

A

netstat -na

Answer 83

A

/etc/sysctl.conf

also use sysctl command to make command line changes to devices and kernel

sysctl -A will show all

values also found in /proc/sys/* and /proc/net/*

Answer 84

A

NIC duplex and speed incompatibilities
Network congestion
Poor routing
Bad cabling
Electrical interference
An overloaded server at the remote end of the connection
Misconfigured DNS

Answer 85

A

kill cat /var/run/named/named.pid

Answer 86

A

1 User tools
2 System calls
3 C library calls
4 Device driver information
5 Configuration files
6 Games
7 Packages
8 System tools

Answer 87

A

stat <filename></filename>

Answer 88

A

get the inode number with “ls -li <filename>"</filename>

find it

find / -inum <inodenum> -print</inodenum>

Answer 89

A

Major and Minor numbers

Major number: the device category

Minor Number: minor number shows the instance.

ls -l /dev/sda

brw-r—– 1 root disk 8, 0 2090-09-30 08:18 /dev/sda

Note the b at the beginning of the file’s permissions

8 is the major number,

0 is the minor number.

Answer 90

A

A named pipe

created by mknod command

Answer 91

A

pipe it into xargs as in:

find / -type f -name core | xargs rm

Answer 92

A

S - Sleeping

R - running (using cpu)

D - uninteruptible sleep (io related)

T - debugger trace or has been stopped

Z - zombie
This means either
(1) the parent process has not acknowledged the death of its child using the wait system call; or
(2) the parent was improperly killed, and until the parent is completely killed, the init process cannot kill the child itself. A zombied process usually indicates poorly written software.

< - high priority process

N - low priority task

L - pages in memory are locked

Answer 93

A

kill sends a signal 15 REQUESTING a termination to the process.

kill -9 sends a terse kill command to the OS to completely and abruptly stop the process

Answer 94

A

lsb_release -a

Answer 95

A

sodu - check the sudoers file for permission

su - change to another user id

run the specified user’s login script

root - become the user

Answer 96

A

in the /etc/init.d script for the daemon use;

chkconfig 35 99 01

‘35’ means chkconfig should create start and stop scripts for this daemon in runlevels 3 and 5 in
/etc/rc.d/rc3.d and /etc/rc.d/rc5.d

‘99’ means set the startup priority to 99
and ‘01’ set the stop priority to 01

Answer 97

A

create the script file and use the command:

chkconfig –add <mynewscript></mynewscript>

This will create all the symbolic links for you and place them in the correct directories under
/etc/init.d

Answer 98

A

/.autofsck

the same actions are specified in the /etc/fstab

Answer 99

A

edit the grub menu.lst and add the parameter “single” at the end of the kernel command line

Answer 100

A

init { 0 1 2 3 4 5 6 }

0 — Halt

1 — Single-user text mode

2 — Multiuser but no NFS

3 — Full multi-user text mode

4 — Not used (user-definable)

5 — Full multi-user with X11

6 — Reboot

Answer 101

A

id:runlevels:action:process

as in

id:3:initdefault:

only used by the older init process

newer upstart model uses files in /etc/init

Answer 102

A

if the file exists and your user id is in /etc/cron.allow you are allowed to edit it

if the file exists and you are not present in the file, you are not allowed to edit crontab

if the file exists and your user id is not in /etc/cron.deny you are allowed to use it

if the file exists and your user id is present, you are not allowed to edit the crontab

Answer 103

A

minute hour day month day_of_week command

for example:

0 0, 4, 8, 12, 16, 20 * * * /bin/ping -c 5 serverB

means run /bin/ping every four hours (0, 4, 8, 12, 16, 20)

Answer 104

A

rsyslog

It can act as a drop-in replacement for the more common and traditional sysklog daemon.

Some of the advanced features of rsyslogd include writing logs directly to a configured database (such as an SQL database server on another central machine) and allowing other extensive manipulation of log messages.

Answer 105

A

ifcfg-eth<#>

located in

/etc/sysconfig/network-scripts

Answer 106

A

tcpdump -vnes0 -i eth0 port 67 or port 68

v shows more information about the packet. You can use -vv or -vvv for even more.
n disables name resolution so your not waiting on DNS responses to show the packet.
e shows link layer information (MAC Address)
s sets how much of the packet to see. 0 shows full packet
i sets the interface to use

Answer 107

A

The 4 packets to a successful DHCP

DISCOVER: Client connects to the network and sends out a broadcast discovery looking for its DHCP information.

OFFER: The server offers the DHCP information to the client

REQUEST: The client requests verification of the DHCP information

ACK: The server acknowledges the DHCP request

Answer 108

A

dig +short -x {hostname}.{domain}.com

Answer 109

A

dig +short {hostname}.{domain}.com

Answer 110

A

1) Can you connect?
SELECT * FROM sys.Databases

2) Who is active?
EXEC master.dbo.sp_whoisactive

3) What is in the SQL Error log?
EXEC xp_readerrorlog @1=1
@p2=1

4) Quick Assesment
access?
not available?
performance?

5) Check Windows Event Log
6) Run sp_whoisactive in loop to capture activity
7) run sys.dm_os_wait_stats to see waits since last restart
8) check performance counters

9) check main performance hardware
CPU, memory, network, disk

10) Identify recent changes
query, schema, index infra

Answer 111

A

Check stdout logs for the JVM
Look for stack trace pauses
Overall performance – top
Pstree –l -p -G
Jps –v then jstack <pid> to get thread states Connection leaks to DB (exceeding limits?) Look for SQL hang-ups Check for hung threads ps –auxww Check for messaging problems with corba or jms Kill -3 <pid> for thread (-3 sigquit)</pid></pid>

Answer 112

A

getconf LONG_BIT

will echo either

64

or

32

Answer 113

A

the last command reads the /var/log/wtmp file. This file keeps a record of all login and logout activities including

login time

duration a user stayed logged in

tty where the user session took place.

Answer 114

A

last reboot

Answer 115

A

utmpdump and is executed the following way:

utmpdump /var/log/wtmp

Answer 116

A

The lastb command reports the history of unsuccessful user login attempts by reading the /var/log/btmp file. This file keeps a record of all unsuccessful login attempt activities including

login name

time

the tty where the attempt was made.

Brainscape's Knowledge GenomeTM

admin tools Flashcards

Brainscape's Knowledge Genome^TM