CompTIA CXK0-002 Linux + (2004) Study Tips

Installation

Management

Configuration

  • The hosts.allow file is read first, and then the hosts.deny file. If access is granted to a service by the hosts.allow file, access is granted, and the hosts.deny file is ignored.
  • SFTP is an interactive file transfer command that performs all operations over an encrypted transport.
  • Domain Name System (DNS) is a hierarchical naming system used for locating domain names on private TCP/IP networks and the Internet. It provides a service for mapping DNS domain names to IP addresses and vice versa.
  • Samba is a software package that enables Linux clients to connect to network resources (such as file shares and printers) on computers that use the Server Message Block (SMB) protocol.
  • Apache is a Web server based on HTTPd, a free server developed by the National Center for Supercomputing Applications (NCSA).
  • Squid is a high-performance proxy and caching server for Web clients. It supports FTP, Gopher, and HTTP data objects. Squid handles requests in a single non-blocking, I/O-driven process.
  • Sendmail is the most common mail server on the Internet. It is used to send and receive e-mails on a network. Incoming messages (e-mails) received by Sendmail are processed and stored in the /var/spool/mail directory.
  • To enable users to access information from the server through their Web browsers, you will have to configure a Web server on the network.
  • Squid supports SSL, extensive access controls, and full request logging.
  • If a Linux system is configured to use DHCP, the network configuration will be performed at the time of booting.
  • Samba logs its startups and shutdowns to the /var/log/messages file. Errors generated by Samba are logged in /var/log/samba.
  • A Class A address uses 8 bits of the IP address for the network and 24 bits for the host.
  • Class A IP addresses are assigned to networks with a large number of hosts. Class A allows for 126 networks and 16,777,214 hosts per network.
  • The ROUTE command is used to add a route to the route table.
  • The /etc/fstab file contains a list of the file systems to be mounted automatically at startup.
  • The /etc/mtab file is used to display the status of currently-mounted file systems in a Linux computer.
  • The /etc/samba/smb.conf file is used to configure Samba.
  • The BIND DNS server is used on the vast majority of name serving machines on the Internet, providing a robust and stable architecture on top of which an organization’s naming architecture can be built.
  • Linux uses the Pump utility to assign IP addresses automatically to the client computers on a network.
  • Keeping . (dot) in root’s path is considered a major security concern. A hacker can use this location to keep his own version of well-known and frequently used commands, such as LS. When the root user runs that command, the changed program runs with the privileges of the root user. This can be one of the greatest security risks.

Security

  • The sshd_config file is used to control the behavior of the SSH server.
  • KILL is a command used to terminate a specified process.
  • For VPN connections, Linux uses 3DES encryption.
  • If commands are behaving abnormally, the most likely cause is that the security has been compromised.
  • The switch user (SU) command is used to switch from one user login to another.
  • SUDO is a Unix/Linux-based utility that provides an efficient way to give specific users permission to use specific system commands at the root level of a Linux operating system.
  • If you do not specify any user account with the SU command, the command switches the login to the root user and prompts for the root user password. The -c switch with the SU command passes a single command to the shell. You can use the RM command with the -c option to remove the required files. The -rf switch with the RM command does not prompt the user for confirmation before deleting files.
  • By default, an application runs with the privileges of the user who runs the application.
  • If an application requires superuser permission to write to other files and other users need to run it, set the application to SUID.
  • The FIND / -perm -4000 command will search the current directory and its sub-directories for all the files on which SUID has been set.
  • SNORT is an open source network intrusion detection system. The SNORT application analyzes network traffic in real time. It performs packet sniffing, packet logging, protocol analysis, and content searching to detect a variety of potential attacks. The SNORT application does not detect viruses, nor does it scan the hard disk drive.
  • IPTABLES -F deletes (or flushes) every rule in the specified chain. If no chain is specified, it deletes the rules from all chains.
  • The SUM command is used to verify that the MD5 checksum value is the same.
  • When software files are downloaded from the Internet, your first step should be to check the integrity of each file. Most Internet sites list a checksum value for a file, which is calculated from the exact file contents. Most checksum values are calculated using the MD5 algorithm.
  • The UMASK command sets initial file permissions when files are created.
  • The “x” character in the second field of the user account record of the /etc/passwd file indicates that the user account is using a shadow password.
  • The password field set to * indicates that the account is disabled.
  • The /etc/shadow file contains the shadowed password entries in Linux.
  • The PWCONV command is used to convert password entries in the /etc/passwd file to shadowed passwords.
  • The MKPASSWD command generates or assigns a random password to a user account in a Linux computer.
  • After enabling shadowed passwords in a Linux server, the passwords are stored in the /etc/shadow file.
  • TCP Wrappers authenticates a request by using the hosts.deny and hosts.allow files, and starts the required server service if the requesting client has the permission. By configuring these two files, you can protect your server from intruders who exploit services that are started with TCP Wrappers.
  • CHROOT runs a command or an interactive shell with a special root directory.
  • The W command displays currently logged-in users and their tasks.

Documentation

  • The /etc/profile file is used to set a computer-wide environment and start-up programs for all users. Each time a user logs on, the computer reads this file.
  • The TOP application is used to display a dynamic real-time view of a running system. It is used to display system summary information as well as a list of the tasks currently being managed by the Linux kernel.
  • To improve the ability to provide user support, you should create a separate directory and store instructions for using all the installed applications in it.
  • Linux Documentation Project is used to store Linux-related documentation. It offers a central source for all types of documents.
  • Information on the root password, system file locations, and shadow file location must never be made public.
  • The documentation of work performed on the Linux servers should be maintained in their respective locations in a file binder.
  • While documenting a server, you should always document the daemon configuration and performance baseline.
  • Log files store errors and warnings generated by a Linux system. In Linux, the SYSLOGD and KLOGD utilities are used for logging errors and debugging messages.
  • The /var/log directory contains the log files in Linux.
  • The time and date of user logins are written in the /var/log/wtmp file. Suspicious activities of users can be tracked down through this file.
  • The kernel and system errors are written in the /var/log/messages file. Administrators should check this file daily for warning messages.
  • The TAIL command is used to view the last few lines of the log files that store the most recent log entries.
  • The TAIL -35 /var/log/messages command will display the last thirty-five lines of the /var/log/messages log file.
  • The results of the last system boot are written in the /var/log/dmesg file. It stores kernel messages that appear during the boot stage. This file helps in tracking down boot-time problems.
  • The concatenate (CAT) command is used to display or print the contents of a file.
  • The CAT /var/log/messages | MORE command will help display the contents of the file one screen at a time.
  • The GREP command is used to search for a specific pattern of text in a file.
  • The APROPOS command is used to search the Whatis database and display the short descriptions of the specified system command.
  • The manual (MAN) pages contain the syntax, instruction, and information about programs and their options.

Hardware

  • The real time clock uses IRQ 8.
  • After installing a sound card, you restart the computer. Then you find that another device on the computer has stopped working. This is a symptom of an IRQ conflict.
  • COM2 and COM4 serial ports use IRQ 3. COM1 and COM3 serial ports use IRQ 4.
  • The memory mapped to input/output (I/O) adapters is used to specify memory address for peripherals.
  • DMA is used by a hardware device to save time by transferring data to the memory without CPU intervention.
  • Interrupt request (IRQ) is a method through which a device driver requests the microprocessor to provide service.
  • When a request occurs, the microprocessor suspends the current operation and gives control to the device driver associated with the interrupt number issued.
  • COM2 and COM4 use IRQ3 by default.
  • A Media Access Control (MAC) address is a numerical identifier that is unique for each network interface card (NIC). MAC addresses are 48-bit values expressed as twelve hexadecimal digits, usually divided into hyphen-separated pairs: for example, FF-00-F8-32-13-19. A MAC address consists of two parts. The first three pairs are collectively known as the Organizationally Unique Identifier (OUI). The remaining part is known as the device ID. The OUI is administered by IEEE. MAC addresses are also referred to as hardware addresses, Ethernet addresses, and universally administered addresses (UAAs).
  • The floppy disk controller uses IRQ 6 by default.
  • By default, a serial port device uses IRQ 4.
  • The COM2 port (/dev/ttyS1) uses IRQ 3 by default.
  • The first parallel port of a Linux workstation is represented by the /dev/lp0 identifier. All devices in Linux are defined in the /dev directory.
  • The /dev/sda identifier represents the first drive on the first SCSI bus.
  • In Linux, each device is represented by a file name. The first IDE hard disk drive is represented by the /hda file name. If a computer has more than one IDE drive, they are given file names /hdb, /hdc, and so on.
  • The /dev directory contains files that represent access points to the devices installed on a Linux computer. These devices include terminal devices, floppy disk drives, hard disk drives, RAM, CD-ROMs, etc.
  • IFCONFIG is a command-line tool that is used for network interface management.
  • The first ethernet interface of a Linux computer is mounted as eth0. The IFCONFIG eth0 down command will disable the first ethernet interface.
  • The IFCONFIG command with the up option activates the specified interface.
  • The lo option with the IFCONFIG command is used to view the loopback interface.
  • The /proc file system contains hardware configurations of a Linux computer.
  • While the TOP application is running, pressing the ‘N’ key sorts data according to the % memory usage of the task.
  • The down option with the IFCONFIG command is used to deactivate the specified interface.
  • Sniffers tend to hear everything, so they put interfaces in “promiscuous mode,” i.e., they hear all traffic on the LAN, not just the traffic sent their way.
  • Speed, expansion, and easy configuration of hardware devices are the prime benefits of using USB.
  • Institute of Electrical and Electronics Engineers (IEEE) 1394 supports a data transfer rate of 400Mbps.
  • Install a USB host adapter card on the motherboard to use the USB modem.
  • According to the USB 2.0 standard, the maximum cable length between devices should be 5 meters.
  • If you find that the floppy drive LED remains on continuously, the most likely cause of the issue is that the data cable is inserted backward at either the drive or the controller connection.
  • A Personal Computer Memory Card International Association (PCMCIA) card is also known as a PC card. The PC card uses a small expansion slot and is primarily used in laptops.
  • To enable the automatic shutdown of a Linux computer, a UPS and the Powerd daemon must be installed on the computer.
  • A CD-ROM drive commonly uses the ATAPI interface.
  • ATAPI technology is a standard for mass storage devices.
  • ATAPI is used for extending EIDE.
  • The SCSI controller uses the ID 7.
  • SCSI devices do not use IRQs. They use SCSI IDs.
  • A minimum of three disks is required for configuring disk striping with parity (RAID 5). If you want to configure a computer with a hot spare disk, at least one extra disk will be required.
  • A RAID-5 volume uses the storage capacity of one hard disk to keep the parity information of the RAID.
