Goals
- Preparation for LPIC-2 certification
Program
Problematic
Measures : consumption and problem
– Measurement of resource consumption (CPU, memory, disks, network, …)
– Consumption of bandwidth at the level of a router and by client
– Identification of potential problems and bottlenecks
Measures: trends and planning
– Problem
– Trend analysis
Software solutions: Icinga2, Nagios, Collectd, MRTG, Cacti, …
Workshop : MCQ and commented answers
Presentation
Core components
Compiling a kernel
Dynamic kernel management
Current kernel information
Modules management
Udev and its rules
Workshop : MCQ and commented answers
Presentation : phases of initialization
Start-up infrastructure
LSB standardization
Boot in « Recovery » mode
BIOS and UEFI
Interact with Grub (Version 2 and Legacy version)
Alternative bootloaders
Workshop : MCQ and commented answers
List and information on the storage devices present
Nomenclature of special storage files
Storage Device Configuration Utilities
NVMe devices
ISCSI devices
Notions of SAN, AoE and FCoE
Software RAID
– Implementation of software RAID
– Information about a RAID device
Workshop : MCQ and commented answers
LVM architecture
Management of Physical Volumes
Management of Volume Groups
Management of Logical Volumes
Manipulating snapshots
Activate / Deactivate a volume group
Workshop : MCQ and commented answers
File system concept
Major Linux File Systems
– Ext2, ext3 and ext4
– Btrfs and XFS
– ZFS
Creating a file system
Identifying the file systems present
Manual assembly and disassembly
Automatic mount, / etc / fstab file and systemd mount
File System Information
Managing pagination spaces
Autofs service
ISO9660 and UDF file systems
Encryption of a file system: dm-crypt and Luks
Workshop : MCQ and commented answers
Configuration of network interfaces
Routing table management
Configuring the DNS client
Status of network devices
Network traffic monitoring and analysis
TCP-Wrappers: access restrictions
Analysis and diagnostic utilities
Workshop : MCQ and commented answers
Installation procedure from sources
Source recovery
Compile and install configuration
Compilation
Installation
Version management by patches
Workshop : MCQ and commented answers
Determining what to back up
Types of backup
– Complete, partial
– Automatic, manual
– Local, network
Choice of backup media
Network backup concepts: Amanda, Bacula, Bareos, BackupPC
Checking the integrity of a backup
Restoration
Workshop : MCQ and commented answers
Automatic information: / etc / issue, /etc/issue.net, / etc / motd
Occasional information: write, wall
Event information: shutdown, systemctl
Workshop : MCQ and commented answers
Duration
5 days
Price
£ 2582
Audience
Anyone intending to pass the LPIC-2 certification
Prerequisites
Knowledge required on the topics covered
Reference
LIN100802-F
DNS terminology
BIND-9.x Server Configuration Principles
Notions of dnsmasq, djdns and PowerDNS alternatives
DNS zone management
– Principle of management of BIND-9 zones.
– Addition of zones
Query utilities
Securing a DNS server
– Security objectives
– Embellishment of a DNS server
– Implementation of a Split DNS
– TSIG management
– DNSSEC and DANE security concepts
Workshop : MCQ and commented answers
Apache 2.4 server configuration principles
Basic server configuration
Access and error logging
Access authorization management
PHP and mod_perl configuration
Implementation of VirtualHosts
Managing redirects
Implementing HTTPS
– Principles
– Generation of certificates (public and self-signed)
– Apache configuration
– VirtualHosts and SNI
Workshop : MCQ and commented answers
Principles of squid configuration
ACL management
Client authentication
Workshop : MCQ and commented answers
Basic configuration of Nginx
Nginx as a web server
Nginx as a proxy server
Workshop : MCQ and commented answers
Basic configuration
Associated utilities
Linux as a Samba client
Windows / Linux user matching
Different authentication methods
Workshop : MCQ and commented answers
Implementing NFS File Sharing
NFS utilities
NFS ACL
Client configuration
Securing the server with TCP Wrappers
Introducing NFSv4
Workshop : MCQ and commented answers
DHCP configuration
Address ranges
Guest reservation
Overview of DHCPv6
Workshop : MCQ and commented answers
Presentation
Shadow password management
Sssd daemon and LDAP authentication
Workshop : MCQ and commented answers
LDAP: the concepts
Introducing OpenLDAP
Directory configuration
Access control
Diagrams and White Pages
LDAP clients
– LDAP utilities: ldapsearch, ldapadd, ldapdelete
– Changing the LDAP password
– Query from an LDAP directory
Workshop : MCQ and commented answers
Presentation of a messaging service
– MTA
– MDA
– MUA
Understand SMTP, POP and IMAP protocols
Different mail servers: Postfix, Sendmail, Exim
Workshop : MCQ and commented answers
Basic Postfix server configuration
Alias management
Default logging
TLS secure configuration of the Postfix server
Workshop : MCQ and commented answers
Filtering concept: Sieve and Procmail
Basic syntax of the Sieve scripting language
– Sorting by issuer
– Sorting by recipient
– Sort by header
– Sort by size
Workshop : MCQ and commented answers
Notion of MDA, POP and IMAP protocols
Introducing Dovecot and Courier
Basic Dovecot configuration
Dovecot TLS configuration
Workshop : MCQ and commented answers
Presentation
Themes addressed
– Securing a router with iptables
– FTP security
– Secure connection with OpenSSH
– Security maintenance
– Network access with OpenVPN
Workshop : MCQ and commented answers
Management of routing tables
Implementation of filtering rules
Notions of private address ranges
– Creation
– Display
– Backup / Restore
NAT / PAT solution implementation
Workshop : MCQ and commented answers
Understand the passive / active functioning of the FTP protocol
Configuration and implementation of Pure-FTPd and vsftpd servers
Basic knowledge of ProFTPd
Workshop : MCQ and commented answers
Presentation
SSH clients
OpenSSH server configuration items
User access restrictions
Authentication restrictions
Private / public key connections
SSH tunnels
Workshop : MCQ and commented answers
Security scan utilities
– telnet client
– port scan: nmap
– nc tool
Security Information Sites
Intrusion detection
– iptables
– fail2ban
– OpenVAS (notions)
– Snort (notions)
Workshop : MCQ and commented answers
Presentation
Configuration principle
Point-to-point VPN
– by shared key
– by certificate
Site-to-Site VPN
Workshop : MCQ and commented answers
Passing of the certification (if foreseen in the financing)
Sessions
Contact us for more informations about session date