دوره LPIC 2 (202-201)

• BIND 9.x configuration files, terms and utilities
• Defining the location of the BIND zone files in BIND configuration files
• Reloading modified configuration and zone files
• Awareness of dnsmasq, djbdns and PowerDNS as alternate name servers

• BIND 9 configuration files, terms and utilities
• Utilities to request information from the DNS server
• Layout, content and file location of the BIND zone files
• Various methods to add a new host in the zone files, including reverse zones

• BIND 9 configuration files
• Configuring BIND to run in a chroot jail
• Split configuration of BIND using the forwarders statement
• Configuring and using transaction signatures (TSIG)
•Awareness of DNSSEC and basic tools
• Awareness of DANE and related records

• Apache 2.4 configuration files, terms and utilities
• Apache log files configuration and content
• Access restriction methods and files
• mod_perl and PHP configuration
• Client user authentication files and utilities
• Configuration of maximum requests, minimum and maximum servers and clients
•Apache 2.4 virtual host implementation (with and without dedicated IP addresses)
• Using redirect statements in Apache’s configuration files to customize file access

• SSL configuration files, tools and utilities
• Generate a server private key and CSR for a commercial CA
• Generate a self-signed Certificate
• Install the key and certificate, including intermediate CAs
• Configure Virtual Hosting using SNI
• Awareness of the issues with Virtual Hosting and use of SSL
• Security issues in SSL use, disable insecure protocols and ciphers

•Squid 3.x configuration files, terms and utilities
• Access restriction methods
• Client user authentication methods
• Layout and content of ACL in the Squid configuration files

• Nginx
• Reverse Proxy
• Basic Web Server

• Samba 4 documentation
• Samba 4 configuration files
• Samba 4 tools and utilities and daemons
• Mounting CIFS shares on Linux
• Mapping Windows user names to Linux user names
• User-Level, Share-Level and AD security

• NFS version 3 configuration files
• I/O redirection
• NFS tools and utilities
• Access restrictions to certain hosts and/or subnets
• Mount options on server and client
•TCP Wrappers
• Awareness of NFSv4

• DHCP configuration files, terms and utilities
• Subnet and dynamically-allocated range setup
• Awareness of DHCPv6 and IPv6 Router Advertisements

• OpenLDAP
• Directory based configuration
• Access Control
• Distinguished Names
• Changetype Operations • Schemas and Whitepages
• Directories
• Object IDs, Attributes and Classes

• Configuration files for postfix
•Basic TLS configuration for postfix
• Basic knowledge of the SMTP protocol
• Awareness of sendmail and exim

• Understanding of Sieve functionality, syntax and operators
• Use Sieve to filter and sort mail with respect to sender, recipient(s), headers and size
• Awareness of procmail

• Dovecot IMAP and POP3 configuration and administration
• Basic TLS configuration for Dovecot
• Awareness of Courier

• iptables and ip6tables configuration files, tools and utilities
• Tools, commands and utilities to manage routing tables.
• Private address ranges (IPv4) and Unique Local Addresses as well as Link Local Addresses (IPv6)
• Port redirection and IP forwarding
• List and write filtering and rules that accept or block IP packets based on source or destination protocol, port and address
• Save and reload filtering configurations

• Configuration files, tools and utilities for Pure-FTPd and vsftpd
• Awareness of ProFTPd
• Understanding of passive vs. active FTP connections

• OpenSSH configuration files, tools and utilities
• Login restrictions for the superuser and the normal users
• Managing and using server and client keys to login with and without password
• Usage of multiple connections from multiple hosts to guard against loss of connection to remote host following configuration changes

• Tools and utilities to scan and test ports on a server
• Locations and organizations that report security alerts as Bugtraq, CERT or other sources
• Tools and utilities to implement an intrusion detection system (IDS)
• Awareness of OpenVAS and Snort

OpenVPN

• Measure CPU usage
• Measure memory usage
• Measure disk I/O
• Measure network I/O
• Measure firewalling and routing throughput
• Map client bandwidth usage
• Match / correlate system symptoms with likely problems
• Estimate throughput and identify bottlenecks in a system including networking

• Use monitoring and measurement tools to monitor IT infrastructure usage.
• Predict capacity break point of a configuration
• Observe growth rate of capacity usage
• Graph the trend of capacity usage
• Awareness of monitoring solutions such as Icinga2, Nagios, collectd, MRTG and Cacti.

Kernel 2.6.x, 3.x and 4.x documentation

• /usr/src/linux/
• Kernel Makefiles
• Kernel 2.6.x/3.x make targets
• Customize the current kernel configuration.
• Build a new kernel and appropriate kernel modules.
• Install a new kernel and any modules.
• Ensure that the boot manager can locate the new kernel and associated files.
• Module configuration files
• Use DKMS to compile kernel modules.
• Awareness of dracut

• Use command-line utilities to get information about the currently running kernel and kernel modules
• Manually load and unload kernel modules
• Determine when modules can be unloaded
• Determine what parameters a module accepts
• Configure the system to load modules by names other than their file name.
• /proc filesystem
• Content of /, /boot/ , and /lib/modules/
• Tools and utilities to analyze information about the available hardware
• udev rules

• Systemd
• SysV init
• Linux Standard Base Specification (LSB)

• BIOS and UEFI
• NVMe booting
• GRUB version 2 and Legacy
• grub shell
• boot loader start and hand off to kernel
• kernel loading
• hardware initialisation and setup
• daemon/service initialisation and setup
• Know the different boot loader install locations on a hard disk or removable device.
• Overwrite standard boot loader options and using boot loader shells.
•Use systemd rescue and emergency modes.

• SYSLINUX, ISOLINUX, PXELINUX
• Understanding of PXE for both BIOS and UEFI
• Awareness of systemd-boot and U-Boot

• The concept of the fstab configuration
• Tools and utilities for handling swap partitions and files
• Use of UUIDs for identifying and mounting file systems
• Understanding of systemd mount units

• Tools and utilities to manipulate and ext2, ext3 and ext4
• Tools and utilities to perform basic Btrfs operations, including subvolumes and snapshots
• Tools and utilities to manipulate XFS
• Awareness of ZFS

• autofs configuration files
• Understanding of automount units
• UDF and ISO9660 tools and utilities
• Awareness of other CD-ROM filesystems (HFS)
• Awareness of CD-ROM filesystem extensions (Joliet, Rock Ridge, El Torito)
• Basic feature knowledge of data encryption (dm-crypt / LUKS)

• Utilities to configure and manipulate ethernet network interfaces
• Configuring basic access to wireless networks

• Utilities to manipulate routing tables
• Utilities to configure and manipulate ethernet network interfaces
• Utilities to analyze the status of the network devices
• Utilities to monitor and analyze the TCP/IP traffic

• Automate communication with users through logon messages
• Inform active users of system maintenance