Which of the following DNS records could be a glue record?
Correct Answer: C
Question 17
What configuration directive of the Apache HTTPD server defines where log files are stored? (Specify ONE of the directives without any other options.)
Correct Answer:
ErrorLog Explanation: The ErrorLog directive of the Apache HTTPD server defines the location and name of the file where the server will log any errors it encounters. The default value of this directive is logs/error_log, which means that the error log file will be stored in the logs subdirectory of the server root directory. The ErrorLog directive can also accept a filename relative to the server root, an absolute filename, or a pipe to a program that will handle the logging. For example, ErrorLog logs/my_error_log will store the error log file in the logs subdirectory with the name my_error_log, ErrorLog /var/log/httpd/error_log will store the error log file in the /var/log/httpd directory with the name error_log, and ErrorLog "|bin/rotatelogs logs/error_log 86400" will pipe the error log to the rotatelogs program that will rotate the log file every 86400 seconds. References: Log Files - Apache HTTP Server Version 2.4, Directive Quick Reference - Apache HTTP Server Version 2.4, How do I find Apache http server log files? - Code A Site Blog, mod_log_config - Apache HTTP Server Version 2.2
Question 18
How must Samba be configured such that it can check CIFS passwords against those found in /etc/passwd and /etc/shadow?
Correct Answer: D
Explanation Samba cannot use /etc/passwd and /etc/shadow directly because they store passwords in a different format than CIFS. CIFS passwords are encrypted using a one-way hash function, while Unix passwords are encrypted using a two-way cipher. Therefore, Samba needs a separate password file that stores the CIFS passwords in a compatible format. This file is usually called smbpasswd and can be created or updated using the smbpasswd command123 References: Chapter 9. Users and Security - Samba smbpasswd - Samba Chapter 20. samba authentication - linux-training.be Chapter 9. Users and Security - Samba3 Chapter 9. Users and Security - Samba
Question 19
Which of the following lines is valid in a configuration file in /etc/pam.d/?
Correct Answer: A
Explanation The line A is valid in a configuration file in /etc/pam.d/ because it follows the correct syntax and semantics of a PAM configuration file. The syntax of a PAM configuration file is: module_interface control_flag module_name module_arguments The module_interface specifies the type of authentication action that the module can perform. There are four types of module interface: auth, account, password, and session. The control_flag specifies how important the success or failure of the module is to the overall authentication process. There are four types of control flag: required, requisite, sufficient, and optional. The module_name specifies the name of the library that contains the module. The module_arguments are optional parameters that can modify the behavior of the module. The line A has the following components: module_interface: auth, which means the module is used for user authentication. control_flag: required, which means the module must succeed for authentication to continue. If the module fails, the failure is recorded and the rest of the modules are executed. module_name: pam_unix.so, which means the module is the standard Unix authentication module that verifies the user's password against the /etc/passwd and /etc/shadow files. module_arguments: try_first_pass nullok, which means the module tries to use the password that was previously entered by the user (if any), and allows users with empty passwords to log in. The line B is invalid because it has the wrong order of the fields. The control_flag should come before the module_name, not after. The line C is invalid because it uses parentheses and colons instead of spaces to separate the fields. The line D is invalid because it has the wrong syntax for the control_flag. The control_flag should be a single word, not a word in parentheses.
Question 20
Which of the following actions synchronizes UNIX passwords with the Samba passwords when the encrypted Samba password is changed using smbpasswd?
Correct Answer: D
Explanation This option enables Samba to synchronize the UNIX password with the SMB password when the encrypted SMB password in the passdb is changed using smbpasswd. This means that the user only needs to change their password once, and both the UNIX and SMB passwords will be updated. Samba will use the passwd program specified by the passwd program option to change the UNIX password. Samba will also follow the passwd chat option to communicate with the passwd program. The other options are either invalid or irrelevant for this question. References: 1, 2, 3
