All Flashcards
[Network]
What is a wildcard certificate?
a type of SSL/TLS certificate (using a ‘*’) that secures a domain and all of its subdomains with a single certificate.
[Linux]
What commands do you use to change file permissions & ownership?
chmod (for permissions)
& chown (for ownership)
[Ansible]
What flag limits the (ansible) playbook?
-l
[Ansible]
How to run a YAML file on all hosts in stage inventory?
-l [specify inventory file]
[Ansible]
What's the name of the term/condition that only allows you to do things when certain conditions are met?
when
[Linux]
How would you start a service in RHEL?
systemctl start [service name]
[Linux]
How would you install a package?
yum install [package name]
[Ansible]
What is ansible?
& how do you use it?
It is a configuration management tool that allows us to automate repetitive tasks & ensure consistency across servers.
[Ansible]
[Get clarity on the best way to answer this]
What’s the difference between an ansible playbook, role, and task?
playbook= a YAML file containing plays (a set of tasks) that define the automation steps
role= a structured way to organize playbooks into smaller, reusable & more manageable units (contains tasks, variables, templates, files and handlers)
task= a single action that can be executed on a remote system (example: installing a package or starting a service)
[Ansible]
What flag runs the playbook but doesn’t apply it?
--check
[Ansible]
What flag limits the playbook to a specific host?
-l
[Ansible]
How to run a playbook on all hosts in stage inventory?
-l [specify host]
[Ansible]
What are the benefits of Ansible’s idempotency?
Ansible checks the deltas & will only change things that need to be changed so that you can run it multiple times on the same system.
[Ansible] [Get clarity]
If installing a package & writing a task what Ansible module would you use?
YUM (RHEL7)
or
DNF (RHEL8)
[Ansible] [Need clarity]
What is the general design of a playbook?
Starts with --- to indicate a YAML document.
- name: (of play)
  hosts: (target machines or group [from inventory file])
  become: (need to run play as root?)
  vars: (defines reusable names/values)
    package_name: (ie: httpd)
  tasks:
    - name: (name of task)
Variables (vars)
Defines reusable values.
Example:
vars:
  package_name: httpd
Tasks (tasks)
The core of the playbook, executing actions using Ansible modules.
Example:
- name: Install Apache
  yum:
    name: httpd
    state: present
Handlers (handlers)
Triggered by tasks (e.g., restart a service after configuration changes).
Example:
handlers:
  - name: Restart Apache
    systemd:
      name: httpd
      state: restarted
Roles (roles)
Organizes tasks, variables, templates, and handlers into reusable components.
Conditional Execution (when)
Runs tasks only if conditions are met.
[Ansible]
How does Ansible leverage Jinja2?
For template processing; it enables the dynamic insertion of data into files based on variables and logic defined in your playbooks.
[Linux?]
What is SMTP & Postfix?
SMTP = (Simple Mail Transfer Protocol) is a set of rules for sending and receiving emails over the internet using TCP & default port 25 or 587 (TLS encrypted)
Postfix = mail server package that Linux uses
[Linux]
Where are system log files typically stored for RHEL?
/var/log/messages = general system messages
+journalctl -k (for kernel logs)
/var/log/secure = authentication logs
/var/log/httpd = Apache web server logs (access & error logs)
/var/log/cron = logs of scheduled CRON jobs
[Linux]
What is iptables?
a tool used to configure & manage packet filtering + network traffic rules.
[AWS]
What is a load balancer? What is it generally used for?
a system/device that manages incoming traffic to multiple servers to ensure performance, reliability & availability. Helps avoid overload on any 1 server.
[Linux]
What command is used to patch manually?
$ yum update
[Linux]
What do you use /var/log or /var/log/messages for?
to check system logs
& messages regarding security events, user activities, application logs & kernel messages
ex: use ‘grep’ (search/find), ‘tail’ (last commands used), & ‘less’
[Linux]
What are some big differences between RHEL7 & RHEL8?
1) Package management:
RHEL7 uses YUM
vs
RHEL8 uses DNF (faster & more efficient)
2) Kernel Upgrade:
RHEL7 uses 3.10
vs
RHEL8 uses 4.18 (better hardware support, performance & security)
3) Software Packaging
RHEL7 uses traditional RPM packaging
vs
RHEL8 introduces Application Streams, allowing multiple versions of software to be installed and maintained simultaneously
4) Networking
RHEL7 uses iptables for firewall management
vs
RHEL8 replaces ‘iptables’ with ‘nftables’ (simplifies network filtering) + ‘network-scripts’ is now ‘NetworkManager’
5) Security Enhancements
RHEL8 improves encryption & security compliance (with OpenSSL 1.1.1 + TLS 1.3), system-wide cryptographic policies, & rootless containers (reducing the need for root privileges)
6) Desktop Environment
RHEL7 uses GNOME 3.22 with X.org
vs
RHEL8 uses GNOME 3.28 with Wayland (X.org still available)
7) Storage & Filesystem Changes
RHEL7 supports XFS, ext4 and Btrfs
vs
RHEL8 drops Btrfs (keeps XFS & ext4) + adds Stratis (easier storage management)
8) Containerization changes
RHEL7 uses Docker
vs
RHEL8 drops Docker and uses Podman, Buildah & Skopeo (more secure & rootless containers)
[Troubleshoot]
Steps when dealing with BRUTE FORCE ATTACKS
1) Identify the attack (monitor sys logs (/var/log/auth.log and/or /var/log/secure); use ‘lastb’ to see failed login attempts)
2) Block the attacker (using Fail2Ban (for SSH, webservers, etc) or manually by editing ‘iptables’ or ‘firewalld’)
3) Enforce Strong Authentication (disable password authentication in /etc/ssh/sshd_config and use SSH keys instead) and/or enable multi-factor authentication
4) Limit Login Attempts (edit /etc/ssh/sshd_config > MaxAuthTries)
5) Change Default Port (change from port 22 to a non-standard port (ie 2222) in /etc/ssh/sshd_config)
6) Monitor and Audit regularly
-use an Intrusion Detection System (IDS) like OSSEC or AIDE
-Regularly check /var/log/auth.log or use journalctl -xe
-automate alerts using Fail2Ban w/ email notifications
7) Use Web Application Firewalls (WAFs)
-use ModSecurity or cloud-based WAFs like Cloudflare or AWS WAF
8) Keep System Updated (via constant patching)
[Interview] What is your experience with GitLab & BitBucket? (enterprise versions of GitHub)
We use it for version control for CI/CD
(version control: a system that helps manage changes to files, code or documents over time. Also allows you to go back to a previous version of a file, see history of changes or collaborate with others w/o overwriting each other's work)
[Troubleshoot]
I used Ansible to patch multiple systems but one system could not update the patch. Troubleshoot, why?
I would run the playbook with ‘-vvv’ to identify specific errors.
If the issue is package-related, I would manually check the package manager, ensure disk space is sufficient, and confirm that the repository is accessible.
I would also verify that the playbook logic, conditions, and inventory settings don’t exclude the host.
[Linux]
How do you do rollbacks in RHEL/CentOS?
**From the snapshot
Using package manager:
$ dnf history undo [transaction_id]
[Interview]
What’s your STIG score?
It’s difficult to say because it’s impossible to have a 100% STIG score. We must have some vulnerabilities for some services to run.
[Linux]
What are the three components of the Linux OS?
Kernel (core)
Shell (CLI/User Interface)
File System (how data is stored, organized & accessed)
[Linux]
What is the difference between UNIX and Linux?
Unix: commercial (expensive), primarily used in enterprise environments
Linux: Open source, flexible, widely used (personal to enterprise)
[Linux]
What is bash?
Command-line shell (execute commands directly) & scripting language (for automating tasks)
ie: ls, cd, grep
[Linux]
What is a CronTab?
Config file used to schedule and automate tasks
(left to right: minute, hour, day, month, day-of-the-week)
[Linux]
What do you use the root account for?
unrestricted privileges & only critical system admin tasks.
It is best practice to use ‘sudo’ instead of direct root access
[Troubleshoot]
What would you do if you received an error message that the file system is full?
Check disk usage: $ df -h
Identify large files: $ du -sh /*
Delete or compress unnecessary files: $ rm, journalctl --vacuum-time=7d
Check deleted files still using space: $ lsof | grep deleted
Extend filesystem if necessary: $ lvextend, resize2fs
[Linux]
Where is the password file located in Linux?
/etc/passwd
OR
(encrypted) /etc/shadow
[Linux]
What is chmod [file/folder]?
Change permissions of [file]
$ chmod [u/g/o + r/w/x] [files/dir]
[Linux]
What is an ext3 file system?
3rd extended file system; slowly being phased out by ext4.
major upgrade over ext2 was JOURNALING, which improved reliability (data integrity) & prevented data corruption during power loss or system crash (fast recovery)
-easily convert ext2 to ext3
-not as scalable as ext4 or XFS
-doesn't handle large files/volumes as well as ext4
[Interview]
What tools would you use for monitoring?
$ htop = CPU, memory, swap usage, running processes
$ vmstat 1 = detailed info about sys performance including virtual memory, processes, CPU activity & disk I/O (updated every second)
$ free -h = display memory usage (RAM & swap: total, used, free, shared, cached)
$ df -h = disk space usage for mounted filesystems
$ du -sh [file/dir] = disk usage of [file/dir]
$ “netstat / ss” -tuln = active network connections, listening ports, network stats
[Interview]
How do you manage disk storage and clean up disk space?
$ df -h = show free disk space on all mounted filesystems
$ du -sh [file/dir] = shows disk usage of [file/dir]
$ yum clean all = cleans package manager cache
$ yum clean packages = removes package cache
$ logrotate = Rotate (& compress) old logs (located in /etc/logrotate.conf)
$ rm /tmp/* = Delete temp files
need yum-utils:
$ package-cleanup --leaves = removes orphaned packages
[Network]
What command would you use to show listening ports?
$ ss -tuln
OR
$ netstat -tuln
How is Tomcat implemented?
Is it from source or RPM?
[need to fact check]
I would do it from source, I would unload the package and then specify my Catalina home
[Network]
TCP vs UDP
TCP is a 3 way handshake (ie Rsync)(for tasks that need confirmation)
UDP is a 2 way handshake (ie netstat)(faster, used for streaming/gaming)
[DNS Records]
What is an ‘A record’?
Maps a domain name to an IPv4 address
[DNS Records]
What is a ‘CNAME record’?
Creates an alias domain that points to another domain
[DNS Records]
What is a ‘PTR record’?
Used for reverse DNS lookups; mapping an IP address to a domain.
[DNS Records]
What is an AAAA (quad-A) record?
Maps a domain name to an IPv6 address
[Interview]
What is a LAMP environment?
a popular open-source software stack used for hosting web applications utilizing Linux, Apache, MySQL & PHP/Python.
[Ansible]
Typically, where is the main playbook stored?
/default
[Ansible]
Where are the variables for /etc/chrony.conf stored?
in main.yaml
[Ansible]
Where are the templates stored?
in /etc/chrony.conf
[Ansible]
What file controls all the configurations?
/main.yaml
[Ansible]
What flag gives an in-depth breakdown of the play/processes being run?
-v OR -vvv (verbose)
[Linux]
Difference between Linux and Unix
UNIX is proprietary & commercial while Linux is free & open source
[Linux]
What are the different file types in Linux?
files
directories
special files (represent devices ie /dev/sda)
Symbolic links (point to other files)
FIFO files [aka pipes] (used for inter-process communication)
[Linux]
How do you check CPU usage?
$ top or $ htop
[Linux]
What are the different run levels in Linux?
0 = HALT (shuts down the system)
1 = Single-user mode (for maintenance)
2 = Multi-user mode w/o networking
3 = Multi-user mode WITH networking
4 = unused/customizable
5 = Multi-user w/ GUI
6 = REBOOT
[Linux]
What command to check current runlevel?
$ runlevel
[Linux]
What command to change runlevel?
$ init [number] = switch to runlevel [number]
[Network]
What command to check what ports are open?
$ netstat -tulnp
$ ss -tulnp
[Linux]
How to create, delete and assign password for users in Linux?
$ useradd [username]
$ userdel [username]
$ passwd [username]
[Linux]
What is an inode?
An inode (Index Node) is a data structure used by file systems in Linux to store metadata about a file or directory.
(harddrive identifier)
It contains information such as:
File type, Permissions, Ownership, Size of the file, Timestamps
[Network]
What port does Apache run on?
Does it use TCP or UDP?
http= port 80 / https= port 443
typically uses TCP
[Network]
What port does DNS run on?
Does it use TCP or UDP?
port 53
Both TCP & UDP
[Network]
What port does NFS run on?
Does it use TCP or UDP?
port 2049
Both TCP & UDP
[Network]
What port does SSH run on?
Does it use TCP or UDP?
port 22
[Network]
Where is the config file for SSH?
/etc/ssh/sshd_config
[Linux]
Explain hardlink vs softlink
A hard link is a direct reference to the data vs a softlink is a shortcut/reference to another file or directory.
[Linux]
How do you check disk usage?
$ df -h
[Linux]
How do you check memory usage?
$ free -m
[Linux]
How do you check network usage?
$ iftop or $ netstat -tulnp
[Linux]
How do you check Disk I/O usage?
$ iostat
[Linux]
What is SELinux? & its purpose?
a module that increases security by limiting process actions
extra features: Type Enforcement (TE), Role-Based Access Control (RBAC), Multi-Level Security (MLS)
[Linux]
What is fstab?
(File System Table): contains information about disk partitioning & storage devices that should be automatically mounted at boot
-located in /etc/fstab
[Linux]
What are the modes of SELinux?
& how to check current mode
Enforcing, Permissive, & Disabled.
Check by using: $ sestatus
[Linux]
How to change modes in SELinux, temporarily & permanently
Temp: $ setenforce 1 or 0 [1=enforcing, 0=permissive]
Perm: go to /etc/selinux/config, change “SELINUX=____” to enforcing, permissive or disabled, then save & reboot.
[Ansible]
Where is the Ansible config file located?
/etc/ansible/ansible.cfg
[Interview]
Tell me about a time when something broke & you had to fix it
personalized answer
[Interview]
What would you do if a server went down?
personalized answer
[Interview]
What are some things you would check if your application went down?
personalized answer
[Interview]
Someone is complaining of a server with full disk space, & when running a df -h says nothing is full. What would you do?
personalized answer