linux logo

Goals


- Preparation for LPIC-2 certification

Program

Problematic
Measures : consumption and problem
– Measurement of resource consumption (CPU, memory, disks, network, …)
– Consumption of bandwidth at the level of a router and by client
– Identification of potential problems and bottlenecks
Measures: trends and planning
– Problem
– Trend analysis
Software solutions: Icinga2, Nagios, Collectd, MRTG, Cacti, …

Workshop : MCQ and commented answers

Presentation
Core components
Compiling a kernel
Dynamic kernel management
Current kernel information
Modules management
Udev and its rules

Workshop : MCQ and commented answers

Presentation : phases of initialization
Start-up infrastructure
LSB standardization
Boot in « Recovery » mode
BIOS and UEFI
Interact with Grub (Version 2 and Legacy version)
Alternative bootloaders

Workshop : MCQ and commented answers

List and information on the storage devices present
Nomenclature of special storage files
Storage Device Configuration Utilities
NVMe devices
ISCSI devices
Notions of SAN, AoE and FCoE
Software RAID
– Implementation of software RAID
– Information about a RAID device

Workshop : MCQ and commented answers

LVM architecture
Management of Physical Volumes
Management of Volume Groups
Management of Logical Volumes
Manipulating snapshots
Activate / Deactivate a volume group

Workshop : MCQ and commented answers

File system concept
Major Linux File Systems
– Ext2, ext3 and ext4
– Btrfs and XFS
– ZFS
Creating a file system
Identifying the file systems present
Manual assembly and disassembly
Automatic mount, / etc / fstab file and systemd mount
File System Information
Managing pagination spaces
Autofs service
ISO9660 and UDF file systems
Encryption of a file system: dm-crypt and Luks

Workshop : MCQ and commented answers

Configuration of network interfaces
Routing table management
Configuring the DNS client
Status of network devices
Network traffic monitoring and analysis
TCP-Wrappers: access restrictions
Analysis and diagnostic utilities

Workshop : MCQ and commented answers

Installation procedure from sources
Source recovery
Compile and install configuration
Compilation
Installation
Version management by patches

Workshop : MCQ and commented answers

Determining what to back up
Types of backup
– Complete, partial
– Automatic, manual
– Local, network
Choice of backup media
Network backup concepts: Amanda, Bacula, Bareos, BackupPC
Checking the integrity of a backup
Restoration

Workshop : MCQ and commented answers

Automatic information: / etc / issue, /etc/issue.net, / etc / motd
Occasional information: write, wall
Event information: shutdown, systemctl

Workshop : MCQ and commented answers

Duration

5 days

Price

£ 2582

Audience

Anyone intending to pass the LPIC-2 certification

Prerequisites

Knowledge required on the topics covered

Reference

LIN100802-F

DNS terminology
BIND-9.x Server Configuration Principles
Notions of dnsmasq, djdns and PowerDNS alternatives
DNS zone management
– Principle of management of BIND-9 zones.
– Addition of zones
Query utilities
Securing a DNS server
– Security objectives
– Embellishment of a DNS server
– Implementation of a Split DNS
– TSIG management
– DNSSEC and DANE security concepts

Workshop : MCQ and commented answers

Apache 2.4 server configuration principles
Basic server configuration
Access and error logging
Access authorization management
PHP and mod_perl configuration
Implementation of VirtualHosts
Managing redirects
Implementing HTTPS
– Principles
– Generation of certificates (public and self-signed)
– Apache configuration
– VirtualHosts and SNI

Workshop : MCQ and commented answers

Principles of squid configuration
ACL management
Client authentication

Workshop : MCQ and commented answers

Basic configuration of Nginx
Nginx as a web server
Nginx as a proxy server

Workshop : MCQ and commented answers

Basic configuration
Associated utilities
Linux as a Samba client
Windows / Linux user matching
Different authentication methods

Workshop : MCQ and commented answers

Implementing NFS File Sharing
NFS utilities
NFS ACL
Client configuration
Securing the server with TCP Wrappers
Introducing NFSv4

Workshop : MCQ and commented answers

DHCP configuration
Address ranges
Guest reservation
Overview of DHCPv6

Workshop : MCQ and commented answers

Presentation
Shadow password management
Sssd daemon and LDAP authentication

Workshop : MCQ and commented answers

LDAP: the concepts
Introducing OpenLDAP
Directory configuration
Access control
Diagrams and White Pages
LDAP clients
– LDAP utilities: ldapsearch, ldapadd, ldapdelete
– Changing the LDAP password
– Query from an LDAP directory

Workshop : MCQ and commented answers

Presentation of a messaging service
– MTA
– MDA
– MUA
Understand SMTP, POP and IMAP protocols
Different mail servers: Postfix, Sendmail, Exim

Workshop : MCQ and commented answers

Basic Postfix server configuration
Alias ​​management
Default logging
TLS secure configuration of the Postfix server

Workshop : MCQ and commented answers

Filtering concept: Sieve and Procmail
Basic syntax of the Sieve scripting language
– Sorting by issuer
– Sorting by recipient
– Sort by header
– Sort by size

Workshop : MCQ and commented answers

Notion of MDA, POP and IMAP protocols
Introducing Dovecot and Courier
Basic Dovecot configuration
Dovecot TLS configuration

Workshop : MCQ and commented answers

Presentation
Themes addressed
– Securing a router with iptables
– FTP security
– Secure connection with OpenSSH
– Security maintenance
– Network access with OpenVPN

Workshop : MCQ and commented answers

Management of routing tables
Implementation of filtering rules
Notions of private address ranges
– Creation
– Display
– Backup / Restore
NAT / PAT solution implementation

Workshop : MCQ and commented answers

Understand the passive / active functioning of the FTP protocol
Configuration and implementation of Pure-FTPd and vsftpd servers
Basic knowledge of ProFTPd

Workshop : MCQ and commented answers

Presentation
SSH clients
OpenSSH server configuration items
User access restrictions
Authentication restrictions
Private / public key connections
SSH tunnels

Workshop : MCQ and commented answers

Security scan utilities
– telnet client
– port scan: nmap
– nc tool
Security Information Sites
Intrusion detection
– iptables
– fail2ban
– OpenVAS (notions)
– Snort (notions)

Workshop : MCQ and commented answers

Presentation
Configuration principle
Point-to-point VPN
– by shared key
– by certificate
Site-to-Site VPN

Workshop : MCQ and commented answers

Passing of the certification (if foreseen in the financing)

Sessions

Contact us for more informations about session date