RedHat EX300 Exam Actual Questions

SIMULATION -
RHCE Test Configuration Instructions
Information for the two systems you will use in test is the following: system1.group3.example.com: is one of the main sever. system2.group3.example.com: mainly used as a client.
Password for both of the two systems is atenorth
System's IP is provided by DHCP, you can regard it as normal, or you can reset to Static IP in accordance with the following requirements: system1.group3.example.com: 172.24.3.5 system2.group3.example.com: 172.24.3.10
The subnet mask is 255.255.255.0
Your system is a member of DNS domain group3.example.com. All systems in DNS domain group3.example.com are all in subnet 172.24.3.0/255.255.255.0, the same all systems in this subnet are also in group3.example.com, unless specialized, all network services required to be configured can be accessed by systems of domain group3. host.group3.example.com provides a centralized authentication service domain
GROUP3.EXAMPLE.COM, both system1 and system2 have already been pre-configured to be the client for this domain, this domain provides the following user account:

Firewall is enabled by default, you can turn it off when deemed appropriate, other settings about firewall may be in separate requirements.
Your system will be restarted before scoring, so please ensure that all modifications and service configurations you made still can be operated after the restart without manual intervention, virtual machine instances of all examinations must be able to enter the correct multi-user level after restart without manual assistance, it will be scored zero if the test using virtual machine system cannot be restarted or be properly restarted.
Corresponding distribution packages for the testing using operating system Red Hat Enterprise Linux version can be found in the following link: http://server1.group3.example.com/rhel
Part of the requirements include host security, ensure your host security limit does not prevent the request to allow the host and network, although you correctly configured the network service but would have to allow the host or network is blocked, this also does not score.
You will notice that some requirements which clearly do not allow services be accessed by service domain my133t.org, systems of this domain are in subnet
172.25.1.0/252.255.255.0, and systems of these subnets also belong to my 133t.org domain.
PS: Notice that some test questions may depend on other exam questions, for example, you might be asked to perform a series of restrictions on a user, but this user creation may be required in other questions. For convenient identification, each exam question has some radio buttons to help you identify which questions you have already completed or not completed. Certainly, you do not need to care these buttons if you don't need them.

Configure SELINUX -
Modify the state of selinux to Enforcing mode.

Use VIM /etc/selinux -

Correct Answer: Please see explanation

SIMULATION -
RHCE Test Configuration Instructions
Information for the two systems you will use in test is the following: system1.group3.example.com: is one of the main sever. system2.group3.example.com: mainly used as a client.
Password for both of the two systems is atenorth
System's IP is provided by DHCP, you can regard it as normal, or you can reset to Static IP in accordance with the following requirements: system1.group3.example.com: 172.24.3.5 system2.group3.example.com: 172.24.3.10
The subnet mask is 255.255.255.0
Your system is a member of DNS domain group3.example.com. All systems in DNS domain group3.example.com are all in subnet 172.24.3.0/255.255.255.0, the same all systems in this subnet are also in group3.example.com, unless specialized, all network services required to be configured can be accessed by systems of domain group3. host.group3.example.com provides a centralized authentication service domain
GROUP3.EXAMPLE.COM, both system1 and system2 have already been pre-configured to be the client for this domain, this domain provides the following user account:

Firewall is enabled by default, you can turn it off when deemed appropriate, other settings about firewall may be in separate requirements.
Your system will be restarted before scoring, so please ensure that all modifications and service configurations you made still can be operated after the restart without manual intervention, virtual machine instances of all examinations must be able to enter the correct multi-user level after restart without manual assistance, it will be scored zero if the test using virtual machine system cannot be restarted or be properly restarted.
Corresponding distribution packages for the testing using operating system Red Hat Enterprise Linux version can be found in the following link: http://server1.group3.example.com/rhel
Part of the requirements include host security, ensure your host security limit does not prevent the request to allow the host and network, although you correctly configured the network service but would have to allow the host or network is blocked, this also does not score.
You will notice that some requirements which clearly do not allow services be accessed by service domain my133t.org, systems of this domain are in subnet
172.25.1.0/252.255.255.0, and systems of these subnets also belong to my 133t.org domain.
PS: Notice that some test questions may depend on other exam questions, for example, you might be asked to perform a series of restrictions on a user, but this user creation may be required in other questions. For convenient identification, each exam question has some radio buttons to help you identify which questions you have already completed or not completed. Certainly, you do not need to care these buttons if you don't need them.
Configure the SSH Access as required:
Users can visit your two virtual machine systems via clients of domain group3.example.com through SSH remote.

Correct Answer: Please see explanation
Solution 1:

Modify file /etc/hosts.allow -
Add a line: sshd: 172.24.11.

Modify file /etc/hosts.deny -
Add a line: sshd: 172.25.0.
Both of them need to be configured.
Solution 2:

Add a firewall -
firewall-cmd ""zone=block --add-source=172.25.11.0/24 --permanent firewall-cmd ""reload
Both of them need to be configured

SIMULATION -
RHCE Test Configuration Instructions
Information for the two systems you will use in test is the following: system1.group3.example.com: is one of the main sever. system2.group3.example.com: mainly used as a client.
Password for both of the two systems is atenorth
System's IP is provided by DHCP, you can regard it as normal, or you can reset to Static IP in accordance with the following requirements: system1.group3.example.com: 172.24.3.5 system2.group3.example.com: 172.24.3.10
The subnet mask is 255.255.255.0
Your system is a member of DNS domain group3.example.com. All systems in DNS domain group3.example.com are all in subnet 172.24.3.0/255.255.255.0, the same all systems in this subnet are also in group3.example.com, unless specialized, all network services required to be configured can be accessed by systems of domain group3. host.group3.example.com provides a centralized authentication service domain
GROUP3.EXAMPLE.COM, both system1 and system2 have already been pre-configured to be the client for this domain, this domain provides the following user account:

Firewall is enabled by default, you can turn it off when deemed appropriate, other settings about firewall may be in separate requirements.
Your system will be restarted before scoring, so please ensure that all modifications and service configurations you made still can be operated after the restart without manual intervention, virtual machine instances of all examinations must be able to enter the correct multi-user level after restart without manual assistance, it will be scored zero if the test using virtual machine system cannot be restarted or be properly restarted.
Corresponding distribution packages for the testing using operating system Red Hat Enterprise Linux version can be found in the following link: http://server1.group3.example.com/rhel
Part of the requirements include host security, ensure your host security limit does not prevent the request to allow the host and network, although you correctly configured the network service but would have to allow the host or network is blocked, this also does not score.
You will notice that some requirements which clearly do not allow services be accessed by service domain my133t.org, systems of this domain are in subnet
172.25.1.0/252.255.255.0, and systems of these subnets also belong to my 133t.org domain.
PS: Notice that some test questions may depend on other exam questions, for example, you might be asked to perform a series of restrictions on a user, but this user creation may be required in other questions. For convenient identification, each exam question has some radio buttons to help you identify which questions you have already completed or not completed. Certainly, you do not need to care these buttons if you don't need them.

Customize the User Environment -
Create a custom command on system1 and system2 named as qstat, and this custom command will execute the following command:
/bin/ps - Ao pid,tt,user,fname,rsz
This command is valid for all users in the system.

Correct Answer: Please see explanation

// You need to configure that on both two systems -

SIMULATION -
RHCE Test Configuration Instructions
Information for the two systems you will use in test is the following: system1.group3.example.com: is one of the main sever. system2.group3.example.com: mainly used as a client.
Password for both of the two systems is atenorth
System's IP is provided by DHCP, you can regard it as normal, or you can reset to Static IP in accordance with the following requirements: system1.group3.example.com: 172.24.3.5 system2.group3.example.com: 172.24.3.10
The subnet mask is 255.255.255.0
Your system is a member of DNS domain group3.example.com. All systems in DNS domain group3.example.com are all in subnet 172.24.3.0/255.255.255.0, the same all systems in this subnet are also in group3.example.com, unless specialized, all network services required to be configured can be accessed by systems of domain group3. host.group3.example.com provides a centralized authentication service domain
GROUP3.EXAMPLE.COM, both system1 and system2 have already been pre-configured to be the client for this domain, this domain provides the following user account:

Firewall is enabled by default, you can turn it off when deemed appropriate, other settings about firewall may be in separate requirements.
Your system will be restarted before scoring, so please ensure that all modifications and service configurations you made still can be operated after the restart without manual intervention, virtual machine instances of all examinations must be able to enter the correct multi-user level after restart without manual assistance, it will be scored zero if the test using virtual machine system cannot be restarted or be properly restarted.
Corresponding distribution packages for the testing using operating system Red Hat Enterprise Linux version can be found in the following link: http://server1.group3.example.com/rhel
Part of the requirements include host security, ensure your host security limit does not prevent the request to allow the host and network, although you correctly configured the network service but would have to allow the host or network is blocked, this also does not score.
You will notice that some requirements which clearly do not allow services be accessed by service domain my133t.org, systems of this domain are in subnet
172.25.1.0/252.255.255.0, and systems of these subnets also belong to my 133t.org domain.
PS: Notice that some test questions may depend on other exam questions, for example, you might be asked to perform a series of restrictions on a user, but this user creation may be required in other questions. For convenient identification, each exam question has some radio buttons to help you identify which questions you have already completed or not completed. Certainly, you do not need to care these buttons if you don't need them.
Configure port forwarding on the system1, as required:
1. The systems in the network 172.24.11.0/24, local port 5423 for accessing system1 will be forwarded to 80
(2) This setting must be permanent

Correct Answer: Please see explanation
Use Graphical interface to configure
Use firewall-config to open the Graphical interface in CLI
Adjust the configuration: drop-down menu to permanent
Add a strategy to the public area of the "Port Forwarding"
systemctl restart firewalld.service // Reload the firewall strategy