Pass4sure RH302 Questions are updated and all RH302 answers are verified by experts. Once you have completely prepared with our RH302 exam prep kits you will be ready for the real RH302 exam without a problem. We have Update Red Hat RH302 dumps study guide. PASSED RH302 First attempt! Here What I Did.
Q91. CORRECT TEXT
Add a user named user4 and make primarily belongs to training group. As well account should expire on 30 days from today.
Answer and Explanation:
1. useradd username
2. passwd username
3. usermod -e "date"
example: usermod -e "12 Feb 2006" user4
Verify: chage -l user4
Q92. CORRECT TEXT
You are the administrator of example.com domain. Configure to deny local login to all normal users on your domain server. As well as allow to root login only on First Terminal.
Answer and Explanation:
1. touch /etc/nologin
2. vi /etc/securetty
comment all available terminall then first.
If /etc/nologin file is created, then pam modules pan_nologin deny to all non-root users to login locally.
/etc/pam.d/login file calls the module.
#%PAM-1.0
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session optional pam_console.so
# pam_selinux.so open should be the last session rule
session required pam_selinux.so multiple open
pam_securetty modules checks the /etc/securetty file, which terminal are available to root. If terminal is not available in this file then pam_securetty module deny to login on unavailable terminal to root user.
Q93. CORRECT TEXT
Your System is going to use as a Router for two networks. One Network is 192.168.0.0/24 and Another Network is 192.168.1.0/24. Both network's IP address has assigned. How will you forward the packets from one network to another network?
Answer and Explanation:
1. echo "1" >/proc/sys/net/ipv4/ip_forward
2. vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
If you want to use the Linux System as a Router to make communication between different networks, you need enable the IP forwarding. To enable on running session just set value 1 to /proc/sys/net/ipv4/ip_forward. As well as automatically turn on the IP forwarding features on next boot set on /etc/sysctl.conf file.
Q94. CORRECT TEXT
Make Secondary belongs the jeff and marion users on sysusers group. But harold user should not belongs to sysusers group.
Answer and Explanation:
1. usermod -G sysusers jeff
2. usermod -G sysuser marion
3. Verify by reading /etc/group file
Using usermod command we can make user belongs to different group. There are two types of group one primary and another is secondary. Primary group can be only one but user can belongs to more than one group as secondary.
usermod -g groupname username à To change the primary group of the user
usermod -G groupname username à To make user belongs to secondary group.
Q95. CORRECT TEXT
If any mail coming from outside of the local LAN block all mails.
Answer and Explanation:
Outside the LAN means my133t.org. All host on exam on example.com domain and outside domain means cracker.org.
To block the mail coming from cracker.org
1. vi /etc/mail/access
@my133t.org REJECT
2. service sendmail start | restart
3. chkconfig sendmail on
Q96. CORRECT TEXT
Install the Cron Schedule for david user to display "Hello" on daily 5:30.
Answer and Explanation:
Login as a root usercat >schedule.txt
30 05 * * * /bin/echo "Hello"
3. crontab -u david schedule.txt
4. service crond restart
The cron system is essentially a smart alarm clock. When the alarm sounds, Linux runs the commands of your choice automatically. You can set the alarm clock to run at all sorts of regular time intervals. Alternatively, the at system allows you to run the command of your choice once, at a specified time in the future.
Red Hat configured the cron daemon, crond. By default, it checks a series of directories for jobs to run, every minute of every hour of every day. The crond checks the /var/spool/cron directory for jobs by user. It also checks for scheduled jobs for the computer under /etc/crontab and in the /etc/cron.d directory.
Here is the format of a line in crontab. Each of these columns is explained in more detail:
#minute, hour, day of month, month, day of week, command
* * * * * command
Q97. CORRECT TEXT
Install the dialog-*
Answer and Explanation:
Questions asking you to install the dialog package from the server. In your Lab FTP server as well as NFS server are configured. You can install either through FTP or NFS.
1. Just Login to server1.example.com through FTP: ftp server1.example.com
2. Enter to pub directory: cd pub
3. Enter to RedHat/RPMS: cd RedHat/RPMS
4. Download the Package: mget dialog-*
5. Logout from the FTP server: bye
6. Install the package: rpm -ivh dialog-*
7. Verify the package either installed or not: rpm -q dialog
Q98. CORRECT TEXT
Create the user named eric and deny to interactive login.
Answer and Explanation:
1. useradd eric
2. passwd eric
3. vi /etc/passwd
4. eric:x:505:505::/home/eric:/sbin/nologin
Which shell or program should start at login time is specified in /etc/passwd file. By default Redhat Enterprise Linux assigns the /bin/bash shell to the users. To deny the interactive login, you should write /sbin/nologin or /bin/false instead of login shell.
Q99. CORRECT TEXT
Share the /data directory only to example.com members. These hosts should get read and write access on shared directory.
Answer and Explanation:
1. vi /etc/exports
/data *.example.com(rw,sync)
2. service nfs start
3. service portmap restart
4. chkconfig nfs on
5. chkconfig portmap on
In Linux to share the data we use the /etc/exports file. Pattern is:
Path client(permission)
Shared Directory Path, Client can be single host or domain name or ip address. Permission should specify without space with client lists in parentheses.
Q100. CORRECT TEXT
You have a domain in your LAN named example.com and cracker.org. Allow the
- Allow the FTP connection only from local domain.
- Deny the FTP connection from cracker.org
Answer and Explanation:
1. vi /etc/hosts.deny
vsftpd:ALL EXCEPT .example.com
or
1. vi /etc/hosts.deny
vsftpd:ALL
2. vi /etc/hosts.allow
vsftpd:.example.com
We can secure the services using tcp_wrappers. There are main two files, /etc/hosts.allow and /etc/hosts.deny.
There will be three stage access checking
- Is access explicitly permitted? Means permitted from /etc/hosts.allow?
- Otherwise, Is access explicitly denied? Means denied from /etc/hosts.deny?
- Otherwise, by default permit access if neither condition matched.
To deny the services we can configure /etc/hosts.deny file using ALL and EXCEPT operation.
Pattern of /etc/hosts.allow and /etc/hosts.deny file is:
Demon_list:client_list:options
In Client list can be either domain name or IP address.