getcertified4sure.com

RH302 Exam

Actual RH302 practice Reviews & Tips



Top Quality of RH302 exam answers materials and faq for Red Hat certification for consumer, Real Success Guaranteed with Updated RH302 pdf dumps vce Materials. 100% PASS Red Hat Certified Engineer on Redhat Enterprise Linux 5 (Labs) exam Today!

2021 Apr RH302 free question

Q131. CORRECT TEXT

Create the user named eric and deny to interactive login.

Answer and Explanation:

5. useradd eric

6. passwd eric

7. vi /etc/passwd

8. eric:x:505:505::/home/eric:/sbin/nologin

Which shell or program should start at login time is specified in /etc/passwd file. By default Redhat Enterprise Linux assigns the /bin/bash shell to the users. To deny the interactive login, you should write /sbin/nologin or /bin/false instead of login shell.


Q132. CORRECT TEXT

Create the group named sysadmin.

Answer and Explanation:

1. groupadd sysadmin

groupadd command is used to create the group and all group information is stored in /etc/group file.


Q133. CORRECT TEXT

Create the group named training

Answer and Explanation:

2. groupadd training

To create a group we use the groupadd command.

Verify from: cat /etc/group whether group added or not?


Q134. CORRECT TEXT

There are some part-time staff in your office. And you gave the username user9 and user10 to them. Their Office time is 12-2pm on Sunday, Monday and Friday. Configure to login only on their office time.

Answer and Explanation:

1. vi /etc/security/time.conf

login;*;user9|user10;SuMoFri1200-1400

2. vi /etc/pam.d/login

account required pam_time.so

For Time based authentication, we should configured in /etc/security/time.conf

Syntax of /etc/security/time.conf

services;ttys;users;times

services

is a logic list of PAM service names that the rule applies to.

ttys

is a logic list of terminal names that this rule applies to.

users

is a logic list of users to whom this rule applies.

times

the format here is a logic list of day/time-range entries the days are specified by a sequence of two character entries, MoTuSa for example is Monday Tuesday and Saturday. Note that repeated days are unset MoMo = no day, and MoWk = all weekdays bar Monday. The two character combinations accepted are

Mo Tu We Th Fr Sa Su Wk Wd Al

the last two being week-end days and all 7 days of the week respectively. As a final example, AlFr means all days except Friday.

pam_time modules checks the file /etc/security/time.conf for authentication. So, we should call the pam_time modules in /etc/pam.d/login.


Q135. CORRECT TEXT

You are working as a Network Engineer. Due to system processing, you want to limit the number of process to users. If then, configure that user1 and user2 should get one login at a time and all the members of training group can get total 5 logins.

Answer and Explanation:

1. vi /etc/security/limits.conf

user1,user2 - maxlogins 1

@training - maxlogins 5

2. vi /etc/pam.d/system-auth

session required /lib/security/pam_limits.so

To limit the number of process or number of logins, we should configure on /etc/security/limits.conf. First Columns contains the username separated by comma or @group name. Second column either hard or soft limits. Third columns called the item, maxloigns or nproc etc.

To identify the session of users we should call the pam_limits module in /etc/pam.d/system-auth.


Regenerate RH302 exam:

Q136. CORRECT TEXT

Create the user named eric but eric should not belong to the sysadmin group.

Answer and Explanation:

1. useradd eric

Very tricky question given to you that this user should not belongs to sysadmin group.


Q137. CORRECT TEXT

Raw (Model) printer named printer1 is installed and shared on 192.168.0.254. You should install the shared printer on your PC to connect shared printer using IPP Protocols.

Answer and Explanation:

IPP( Internet Printing Protocol), allows administrator to manage printer through browser so CUPS is called Internet Printing Protocol based on HTTP. We can Install the printer either through:

system-confing-printer tool or through Browser.

1. Open the browser and Type on address: http://localhost:631 àCUPS (Common Unix Printing System) used the IPP protocol. CUPS use the 631 port.

2. Click on Manage Printer.

3. Click on Add Printer.

4. Type Printer name, Location, Description.

5. Select Device for bb. (Select IPP).

6. Device URL: ipp://192.168.0.254/ipp/ queue name àSame printer name of shared printer.

7. Select Model/Driver RAW printer.

8. service cups restart


Q138. CORRECT TEXT

Create the group named sysusers.

Answer and Explanation:

1. groupadd sysusers

groupadd command is used to create the group and all group information is stored in /etc/group file.


Q139. CORRECT TEXT

Port 8080

Configure the squid server to allow the Local Domain and deny to my133t.org domain.

Answer and Explanation:

At exam Lab example.com domain resides on 172.24.0.0/16 Network and my133t.org resides on 172.25.0.0/16 Network.

1. vi /etc/squid/squid.conf

#detault:

http_port 8080

#Recommended minimum configuration:

# Near the src acl src section

acl allownet src 172.24.0.0/255.255.0.0

acl denynet src 172.25.0.0/255.255.0.0

#Default:

# http_access deny all

#Under Here

http_access allow allownet

http_access deny denynet

2. service squid start

3. chkconfig squid on

squid is a proxy caching server, using squid we can share the internet, block the internet, to certain network. First we should define the port for squid, the standard port for squid is 3128. We can run squid on different port by specifying http_port portnumber.


Q140. CORRECT TEXT

You are the administrator of example.com domain. Configure to deny local login to all normal users on your domain server. As well as allow to root login only on First Terminal.

Answer and Explanation:

1. touch /etc/nologin

2. vi /etc/securetty

comment all available terminall then first.

If /etc/nologin file is created, then pam modules pan_nologin deny to all non-root users to login locally.

/etc/pam.d/login file calls the module.

#%PAM-1.0

auth required pam_securetty.so

auth required pam_stack.so service=system-auth

auth required pam_nologin.so

account required pam_stack.so service=system-auth

password required pam_stack.so service=system-auth

# pam_selinux.so close should be the first session rule

session required pam_selinux.so close

session required pam_stack.so service=system-auth

session optional pam_console.so

# pam_selinux.so open should be the last session rule

session required pam_selinux.so multiple open

pam_securetty modules checks the /etc/securetty file, which terminal are available to root. If terminal is not available in this file then pam_securetty module deny to login on unavailable terminal to root user.


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.