최신 102-500日本語 무료덤프 - Lpi LPIC-1 Exam 102, Part 2 of 2, version 5.0 (102-500日本語版)
シャドウパスワードが有効になっているLinuxシステムで、ファイルシステムのどのファイルにすべてのローカルユーザーのパスワードハッシュが含まれていますか? (パスを含むファイルのフルネームを指定してください。)
정답:
etcshadow
Explanation:
On a Linux system with shadow passwords enabled, the file that contains the password hashes of all local users is /etc/shadow. This file is a replacement for the password field in /etc/passwd, which is a world-readable file that contains basic information about users. The /etc/shadow file is not readable by regular users, and it stores the encrypted passwords (or hashes) of each user, along with other information such as password expiration dates, minimum and maximum password ages, and password warning periods. The /etc/shadow file has nine colon-delimited fields for each user:
Username: The name used when the user logs into the system.
Password: The encrypted password of the user, or a special character that indicates the password status. For example, an asterisk (*) means the account is locked, and an exclamation mark (!) means the password is expired.
Last Password Change: The date of the last password change, expressed as the number of days since January 1, 1970.
Minimum Password Age: The minimum number of days required between password changes. A zero means the password can be changed anytime.
Maximum Password Age: The maximum number of days the password is valid. After this number of days, the password must be changed. A zero means the password never expires.
Password Warning Period: The number of days before the password expires that the user will be warned. A zero means no warning is given.
Password Inactivity Period: The number of days after the password expires that the account will be disabled. A negative value means the account is never disabled.
Account Expiration Date: The date when the account will be disabled, expressed as the number of days since January 1, 1970. A zero means the account never expires.
Reserved Field: A field for future use.
The /etc/shadow file can be modified by using the commands passwd and chage, which are used to change the password and the password aging information of a user, respectively. The /etc/shadow file should not be edited directly, but always through the tools provided by the distribution. For more details, see the shadow manual page.
Reference:
LPIC-1 Exam 102 Objectives, Topic 110: Security, Subtopic 110.2: Use sudo to manage access to the root account, Weight: 2, Key Knowledge Areas: Configure sudo and sudoers. Use sudo to execute commands as another user.
LPIC-1 Exam 102 Learning Materials, Topic 110: Security, Subtopic 110.2: Use sudo to manage access to the root account, Section 110.2.1: sudo and sudoers, Page 3-5.
Explanation:
On a Linux system with shadow passwords enabled, the file that contains the password hashes of all local users is /etc/shadow. This file is a replacement for the password field in /etc/passwd, which is a world-readable file that contains basic information about users. The /etc/shadow file is not readable by regular users, and it stores the encrypted passwords (or hashes) of each user, along with other information such as password expiration dates, minimum and maximum password ages, and password warning periods. The /etc/shadow file has nine colon-delimited fields for each user:
Username: The name used when the user logs into the system.
Password: The encrypted password of the user, or a special character that indicates the password status. For example, an asterisk (*) means the account is locked, and an exclamation mark (!) means the password is expired.
Last Password Change: The date of the last password change, expressed as the number of days since January 1, 1970.
Minimum Password Age: The minimum number of days required between password changes. A zero means the password can be changed anytime.
Maximum Password Age: The maximum number of days the password is valid. After this number of days, the password must be changed. A zero means the password never expires.
Password Warning Period: The number of days before the password expires that the user will be warned. A zero means no warning is given.
Password Inactivity Period: The number of days after the password expires that the account will be disabled. A negative value means the account is never disabled.
Account Expiration Date: The date when the account will be disabled, expressed as the number of days since January 1, 1970. A zero means the account never expires.
Reserved Field: A field for future use.
The /etc/shadow file can be modified by using the commands passwd and chage, which are used to change the password and the password aging information of a user, respectively. The /etc/shadow file should not be edited directly, but always through the tools provided by the distribution. For more details, see the shadow manual page.
Reference:
LPIC-1 Exam 102 Objectives, Topic 110: Security, Subtopic 110.2: Use sudo to manage access to the root account, Weight: 2, Key Knowledge Areas: Configure sudo and sudoers. Use sudo to execute commands as another user.
LPIC-1 Exam 102 Learning Materials, Topic 110: Security, Subtopic 110.2: Use sudo to manage access to the root account, Section 110.2.1: sudo and sudoers, Page 3-5.
存在する場合、次のファイルのどれがBashシェルの動作に影響を与えますか? (正しい答えを2つ選んでください。)
정답: A,C
설명: (DumpTOP 회원만 볼 수 있음)
コマンドtest -e pathとtest -f pathの違いは何ですか?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
/etc/ に cron, allow も cron, deny も存在しない場合、次のどれが正しいですか?
정답: D
コマンドecho $が1を出力するとき、次の文のどれが当てはまりますか。
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
/etc/network/interfaces や /etc/sysconflg/network-scripts/ifcfg-etho などのディストリビューション固有の構成に従ってネットワーク インターフェイスを有効にするコマンドは何ですか?(パスやパラメーターを指定せずにコマンドのみを指定します。)
정답:
UP
コマンド seq 1 5 20 はどのような出力を生成しますか?
정답: A
空欄を埋めてください
________ コマンドは、システムにグループを追加するために使用されます。
________ コマンドは、システムにグループを追加するために使用されます。
정답:
groupaddusrsbingroupadd
Explanation:
The groupadd command creates a new group using the options specified on the command line and the default values from the /etc/login.defs file. It adds an entry for the new group to the /etc/group and /etc/gshadow files. Only the root user or a user with sudo privileges can create new groups using this command. The general syntax for the groupadd command is as follows:
groupadd [OPTIONS] GROUPNAME
Some of the common options for the groupadd command are:
-g, --gid GID: Specify the numeric group ID for the new group. If not given, the system will assign the next available GID from the range of group IDs specified in the login.defs file.
-r, --system: Create a system group with a GID chosen from the range of system group IDs specified in the login.defs file. System groups are usually used for some special system operation purposes, like creating backups or doing system maintenance.
-f, --force: Suppress the error message if the group already exists and exit successfully. This option is useful for scripts that need to ensure the existence of a group.
-K, --key KEY=VALUE: Override the default values from the /etc/login.defs file. The valid keys are GROUP_MIN_ID, GROUP_MAX_ID, SYS_GROUP_MIN_ID, SYS_GROUP_MAX_ID, and GID_INCREMENT.
Reference:
https://linuxize.com/post/how-to-create-groups-in-linux/
https://linuxhandbook.com/groupadd-command/
Explanation:
The groupadd command creates a new group using the options specified on the command line and the default values from the /etc/login.defs file. It adds an entry for the new group to the /etc/group and /etc/gshadow files. Only the root user or a user with sudo privileges can create new groups using this command. The general syntax for the groupadd command is as follows:
groupadd [OPTIONS] GROUPNAME
Some of the common options for the groupadd command are:
-g, --gid GID: Specify the numeric group ID for the new group. If not given, the system will assign the next available GID from the range of group IDs specified in the login.defs file.
-r, --system: Create a system group with a GID chosen from the range of system group IDs specified in the login.defs file. System groups are usually used for some special system operation purposes, like creating backups or doing system maintenance.
-f, --force: Suppress the error message if the group already exists and exit successfully. This option is useful for scripts that need to ensure the existence of a group.
-K, --key KEY=VALUE: Override the default values from the /etc/login.defs file. The valid keys are GROUP_MIN_ID, GROUP_MAX_ID, SYS_GROUP_MIN_ID, SYS_GROUP_MAX_ID, and GID_INCREMENT.
Reference:
https://linuxize.com/post/how-to-create-groups-in-linux/
https://linuxhandbook.com/groupadd-command/
空欄を埋めてください
特定のログ機能のすべてのログ メッセージを除外するには、 _____ のログ優先度を使用する必要があります。
特定のログ機能のすべてのログ メッセージを除外するには、 _____ のログ優先度を使用する必要があります。
정답:
none
Explanation:
To exclude all log messages of a given logging facility, you should use a logging priority of none. This means that no messages from that facility will be logged, regardless of their severity level. For example, if you want to exclude all messages from the local0 facility, you can use local0.none in your syslog configuration file. This will prevent any messages from local0 from being written to any log file or destination that matches that selector12. The logging priority of none is part of the LPI's multi-level Linux professional certification program, and it is covered in the topic 106.1 System logging of the exam 102 objectives3. Reference: 1: logging - exclude syslog facility from all others - Server Fault 2: rsyslog.conf(5) - Linux manual page - man7.org 3: Exam 102 Objectives
Explanation:
To exclude all log messages of a given logging facility, you should use a logging priority of none. This means that no messages from that facility will be logged, regardless of their severity level. For example, if you want to exclude all messages from the local0 facility, you can use local0.none in your syslog configuration file. This will prevent any messages from local0 from being written to any log file or destination that matches that selector12. The logging priority of none is part of the LPI's multi-level Linux professional certification program, and it is covered in the topic 106.1 System logging of the exam 102 objectives3. Reference: 1: logging - exclude syslog facility from all others - Server Fault 2: rsyslog.conf(5) - Linux manual page - man7.org 3: Exam 102 Objectives
ログイン試行に使用される秘密鍵の場所を指定する ssh コマンドのパラメータはどれですか? (値やパラメータを指定せずにオプション名のみを指定します。)
정답:
sshkeygen
ping コマンドはデフォルトでどのように機能しますか?
정답: C
tcpd などの TCP ラッパー プログラムを経由してサーバーに接続できるサービスとホストのセットが含まれているファイルはどれですか? (パスを含むファイルの完全な名前を指定してください。)https://lh3.googleusercontent.com/-5cd-clmKnbk/AAAAAAAAAAI/AAAAAAAAADM/-SXesH19Ido/s46-ck-no/photo.jpg
정답:
etchostsallow
Explanation:
The /etc/hosts.allow file contains a set of rules that specify which services and hosts are allowed to connect to the server by going through a TCP Wrapper program such as tcpd. TCP Wrappers are a security mechanism that can filter incoming requests based on the source address, destination address, and service name. TCP Wrappers can also perform logging, redirection, and execution of commands based on the rules.
The /etc/hosts.allow file has the following format:
service_list : host_list [ : option_list ]
The service_list is a comma-separated list of service names, such as sshd, telnet, or ftp. The host_list is a comma-separated list of host names, IP addresses, or network masks that are allowed to access the services. The option_list is an optional list of keywords that can modify the behavior of the rule, such as twist, spawn, deny, or allow.
For example, the following rule in /etc/hosts.allow allows ssh access from any host in the 192.168.1.0/24 network, and logs the connection attempt:
sshd : 192.168.1.0/255.255.255.0 : spawn /bin/echo %a from %h attempted to access %d >> /var/log/sshd.log The /etc/hosts.allow file is processed before the /etc/hosts.deny file, which contains the rules for denying access to the server. If a request matches a rule in /etc/hosts.allow, it is granted access and the processing stops. If it does not match any rule in /etc/hosts.allow, it is checked against the rules in /etc/hosts.deny. If it matches a rule in /etc/hosts.deny, it is denied access and the processing stops. If it does not match any rule in either file, it is granted access by default.
Reference:
LPI 102-500 Exam Objectives, Topic 110.3: Implement host security
LPI 102-500 Study Guide, Chapter 10: Securing Your System, Section 10.3: TCP Wrappers hosts.allow man page
Explanation:
The /etc/hosts.allow file contains a set of rules that specify which services and hosts are allowed to connect to the server by going through a TCP Wrapper program such as tcpd. TCP Wrappers are a security mechanism that can filter incoming requests based on the source address, destination address, and service name. TCP Wrappers can also perform logging, redirection, and execution of commands based on the rules.
The /etc/hosts.allow file has the following format:
service_list : host_list [ : option_list ]
The service_list is a comma-separated list of service names, such as sshd, telnet, or ftp. The host_list is a comma-separated list of host names, IP addresses, or network masks that are allowed to access the services. The option_list is an optional list of keywords that can modify the behavior of the rule, such as twist, spawn, deny, or allow.
For example, the following rule in /etc/hosts.allow allows ssh access from any host in the 192.168.1.0/24 network, and logs the connection attempt:
sshd : 192.168.1.0/255.255.255.0 : spawn /bin/echo %a from %h attempted to access %d >> /var/log/sshd.log The /etc/hosts.allow file is processed before the /etc/hosts.deny file, which contains the rules for denying access to the server. If a request matches a rule in /etc/hosts.allow, it is granted access and the processing stops. If it does not match any rule in /etc/hosts.allow, it is checked against the rules in /etc/hosts.deny. If it matches a rule in /etc/hosts.deny, it is denied access and the processing stops. If it does not match any rule in either file, it is granted access by default.
Reference:
LPI 102-500 Exam Objectives, Topic 110.3: Implement host security
LPI 102-500 Study Guide, Chapter 10: Securing Your System, Section 10.3: TCP Wrappers hosts.allow man page
SSH を使用して他のマシンにログインするときに自動認証に使用されるキーをプリロードして管理するコマンドはどれですか。
정답: C
ユーザー固有のcrontabはどこに保存されていますか?
정답: E
설명: (DumpTOP 회원만 볼 수 있음)
すべての環境変数とシェル変数を表示する次のコマンドはどれですか?
정답: C
설명: (DumpTOP 회원만 볼 수 있음)
システムによって生成されたすべてのsyslogメッセージをコンソール12に表示するために、syslog.confファイルにどのようなエントリを追加できますか?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
どのファイルでatまたはbatch経由でジョブを送信できないユーザーアカウントを指定しますか? (フルパスとファイル名を入力してください)
정답:
etcatdeny
Explanation:
The /etc/at.deny file specifies the user accounts that can NOT submit jobs via at or batch. The format of the file is a list of usernames, one on each line. Whitespace is not permitted. The superuser may always use at. If the file /etc/at.allow exists, only usernames mentioned in it are allowed to use at. If /etc/at.allow does not exist, /etc/at.deny is checked12. The at and batch commands use the files /usr/lib/cron/at.allow and /usr/lib/cron/at.deny to restrict usage on some systems3. Reference:
at.allow(5) - Linux man page
at.deny(5) [linux man page] - The UNIX and Linux Forums
The at.allow and at.deny files - IBM
Explanation:
The /etc/at.deny file specifies the user accounts that can NOT submit jobs via at or batch. The format of the file is a list of usernames, one on each line. Whitespace is not permitted. The superuser may always use at. If the file /etc/at.allow exists, only usernames mentioned in it are allowed to use at. If /etc/at.allow does not exist, /etc/at.deny is checked12. The at and batch commands use the files /usr/lib/cron/at.allow and /usr/lib/cron/at.deny to restrict usage on some systems3. Reference:
at.allow(5) - Linux man page
at.deny(5) [linux man page] - The UNIX and Linux Forums
The at.allow and at.deny files - IBM
エイリアス 1s が存在する場合、次のコマンドのうちどれがエイリアスの現在のターゲットではなくコマンド 1s -1 を指すようにエイリアスを更新しますか?
정답: A
sytemd-journald に関する次の記述のうち、正しいものはどれですか? (3つお選びください。)
정답: A,B,E
설명: (DumpTOP 회원만 볼 수 있음)