RHCSA & RHCE Red Hat Enterprise Linux 7: Training and Exam Preparation Guide (EX200 and EX300), Third Edition (2015)

Appendix C: Sample RHCSA Exam 2

Time Duration:     4 hours

Passing Score:        70% (210 out of 300)

Instructions:         The RHCE exam, EX300, is offered electronically on a desktop system running RHEL7. The exam presents a list of tasks that are to be completed within the stipulated time. Firewall and SELinux are active and running, and they need to be taken into account. All settings performed on the systems must survive system reboots or you will not be given credits. Access to the Internet, printed material, and electronic devices is prohibited during the exam.

Setup for the Sample Exam:

Install RHEL7 (or its clone) on a physical system called hv3 with hypervisor and desktop/X Window support. Install two virtual machines (rhce1 and rhce2) and load minimal RHEL7 without GUI support. The virtual machines should have their primary interfaces configured with appropriate IP addresses on the same network.

Instructions for this Sample Exam:

Instruction 01: Tasks furnished here are in addition to the exercises and labs presented in the RHCSA section of this book. No solutions are provided.

Instruction 02: Do not consult the material in this book or browse the Internet while taking this sample exam. However, you can refer to the online help and the documentation located in the /usr/share/doc directory.

Instruction 03: This exam should be done in a text console using commands or text tools.

Instruction 04: You can reboot the system after completing each task or a few tasks, or wait until all tasks have been finished. Do not forget to retest the configuration after the reboot.

Instruction 05: Create user accounts harry, barry, and mary on both virtual machines and the hypervisor server, and set a password for them.

Instruction 06: Use your own judgement for making decisions where necessary.

Tasks:

Task 01: Set SELinux to enforcing mode on both virtual machines.

Task 02: Establish a caching DNS server on rhce1 to serve the local network.

Task 03: Configure the resolver on both virtual machines to use the caching DNS server.

Task 04: Configure LDAP client on rhce1 with search base dc=example, dc=com and self-signed certificate over SSL/TLS. This task presumes that LDAP service is running on rhce2 for domain example.com.

Task 05: Deny ssh access to user barry from example.net and all users from 192.168.0.200 on both virtual machines.

Task 06: Disable direct root login access via ssh on rhce2.

Task 07: Configure Apache on rhce1 to listen on port 22222 with DocumentRoot /var/www/client1 and password-protected access to user gary. Disallow access to this web server from systems in domain example.net.

Task 08: Configure a secure virtual host called svhostlab1.example.com on rhce1 accessible only from the local network. Create a self-signed certificate and use it.

Task 09: Configure Postfix on rhce2 so that mail destined for hv3 from localhost for user barry is received on rhce2. The mail should appear to have originated from the hostname. Log in as barry on rhce2 and verify the receipt.

Task 10: Modify Postfix on rhce2 so that mail destined for hv3 from local network for user harry is received on rhce2. The mail should appear to have originated from example.org domain. Log in as harry on rhce2 and verify the receipt.

Task 11: Add a route on rhce1 via an appropriate network interface to reach 192.168.10 network.

Task 12: Create a 1GB disk on hv3 and assign it to rhce1. Configure vg10 on the new disk on rhce1 and create a logical partition called lvoliscsi of 100 LEs. Configure iSCSI target on rhce1 using the logical volume and present it as a block disk to rhce2.

Task 13: Configure iSCSI initiator on rhce2 using the block device presented from rhce1. Create a volume group called iscsivg with 16MB PE size on rhce1 and then use 20 LEs to create a logical volume called initiatorlv in the volume group. Construct XFS file system structures in initiatorlv and mount it on /mnt/iscsilv on rhce2.

Task 14: Create a script on rhce1 so that it prints RHCSA when RHCE is entered, and vice versa. If no arguments are supplied, the script should print a usage message and exit.

Task 15: Configure IPv6 addresses on the primary interfaces on both rhce1 and rhce2. Assign hostnames rhce1ipv6 and rhce2ipv6. Add their entries to the hosts table. Run ping6 tests to verify the connectivity. Issue ping tests on the primary IPv4 addresses also to verify their operational state.

Task 16: Create four virtual interfaces on the hypervisor and assign two to rhce1 and the other two to rhce2. Configure bonding with IP assignments of your choice on both virtual machines. Run ping tests to verify the connection. Disable one of the interfaces while ping running. You should not notice a change. The bonding interfaces should be active after system reboots.

Task 17: Create two directories /smb1 and /smb2 on rhce1 and share them with Samba to rhce2 and example.com domain, respectively. Share /smb1 in read/write mode to admins group (create if it does not exist, and add harry and barry to it). Share /smb2 with read-only access to user mary only. Access and mount /smb1 on rhce2 on /mnt/smbshare1. Mount /smb2 on hv3 on /mnt/smbshare2. The user mary should not have write access to /mnt/smbshare2. Make sure the mounts survive system reboots.

Task 18: Create a MariaDB database called studentdb on rhce1 and add ten records each containing “student first name” (Allen, David, Mary, Dennis, Joseph, Dennis, Ritchie, Robert, David, and Mary), “student last name” (Brown, Brown, Green, Green, Black, Black, Salt, Salt, Suzuki, and Chen), program enrolled in (3 x mechanical, 3 x electrical, and 4 x computer science), expected graduation year (2 x 2017, 3 x 2018, 5 x 2020), and a student number (110-001 to 110-010).

Task 19: Query the studentdb database to find all students with their last names Green and graduating in 2017. Store the result in a file. Run another query to find all students with matching lastnames.

Task 20: Create a CGI script on rhce2 that displays the system hostname when accessed as www.rhce2.example.com.

Task 21: Create a directory called /both on rhce2 and share it with both Samba and NFS in read/write mode to users in the example.com domain. Access and mount the share on rhce1 using CIFS and NFS persistently on /mnt/bothshare.

Task 22: Set up a simple virtual host called vrhce2.example.com on rhce2 with index.html placed in DocumentRoot /var/vrhce2. Update the hosts table for name resolution. This virtual host should be accessible from everywhere.

Task 23: Create four virtual interfaces on the hypervisor and assign two to rhce1 and the other two to rhce2. Configure teaming with IP assignments of your choice on both virtual machines. Run ping tests to verify the connection. Disable one of the interfaces while ping running. You should not notice an issue. The team interfaces should be active after system reboots. The team setup should work and co-exist with IPv6 and bonding configurations in place.

Task 24: Configure NTP server on rhce2 and client on rhce1.

Reboot the system and validate the configuration.