Our pass rate is high to 98.9% and the similarity percentage between our RH302 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Red Hat RH302 exam in just one try? I am currently studying for the Red Hat RH302 exam. Latest Red Hat RH302 Test exam practice questions and answers, Try Red Hat RH302 Brain Dumps First.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Red Hat RH302 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW RH302 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/RH302-exam-dumps.html
Q141. CORRECT TEXT
Deny the ALL services to the member of cracker.org but allow to trusted.cracker.org.
Answer and Explanation:
1. vi /etc/hosts.deny
ALL:.cracker.org EXCEPT trusted.cracker.org
We can secure the services using tcp_wrappers. There are main two files, /etc/hosts.allow and /etc/hosts.deny.
There will be three stage access checking
-Is access explicitly permitted? Means permitted from /etc/hosts.allow?
- Otherwise, Is access explicitly denied? Means denied from /etc/hosts.deny?
- Otherwise, by default permit access if neither condition matched.
To deny the services we can configure /etc/hosts.deny file using ALL and EXCEPT operation.
Pattern of /etc/hosts.allow and /etc/hosts.deny file is:
Demon_list:client_list:options
In Client list can be either domain name or IP address.
Q142. CORRECT TEXT
There are two different networks 192.168.0.0/24 and 192.168.1.0/24. Where 192.168.0.254 and 192.168.1.254 IP Address are assigned on Server. Verify your network settings by pinging 192.168.1.0/24 Network's Host.
Answer and Explanation:
At exam time read the Lab Scenario carefully. Actually there are two different networks one is 192.168.0.0/24 where your system resides know as example.com
domain and another is 192.168.1.0/24 know as cracker.org domain.
One server named sever1.example.com having 192.168.0.254 and 192.168.1.254 is running in your exam. If you make a gateway to that server, you will can ping because IP forwarding is enabled on that server.
1. vi /etc/sysconfing/network
NETWORKING=yes
HOSTNAME=station?.example.com
GATEWAY=192.168.0.254
2. service network restart
Or
1. vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=X.X.X.X
NETMASK=X.X.X.X
GATEWAY=192.168.0.254
2. ifdown eth0
3. ifup eth0
Note: If gateway is specified in both file, default gateway takes from interface specific file.
Q143. CORRECT TEXT
Create the directory /storage and group owner should be the sysusers group.
Answer and Explanation:
1. chgrp sysusers /storage
2. Verify using ls -ld /storage command. You should get like
drwxr-x--- 2 root sysusers 4096 Mar 16 17:59 /storage
chgrp command is used to change the group ownership of particular files or directory.
Another way you can use the chown command.
chown root:sysusers /storage
Q144. CORRECT TEXT
Give Full Permission to owner user and owner group member but no permission to others on /data.
Answer and Explanation:
We can change the permission of file/directory either character symbol method or numeric method.
Permission:
r-Read
w-Write
x-Execute
Permission Category
u- Owner User
g- Owner Group
o- Others
Operators
+ à Add the Permissions
- à Remove the Permissions
= à Assigns the Permissions
Numeric Method:
4àRead
2à Write
1àExecute
Total: 7, total for owner user, owner group member and for others : 777
1. chmod u+rwx /data
2. chmod g+rwx /data
3. chmod o-rwx /data
or
chmod 770 /data
4. Verify the /data : ls -ld /data
5. You will get drwxrwx---
Q145. CORRECT TEXT
Install the dialog-*
Answer and Explanation:
Questions asking you to install the dialog package from the server. In your Lab FTP server as well as NFS server are configured. You can install either through FTP or NFS.
1. Just Login to server1.example.com through FTP: ftp server1.example.com
2. Enter to pub directory: cd pub
3. Enter to RedHat/RPMS: cd RedHat/RPMS
4. Download the Package: mget dialog-*
5. Logout from the FTP server: bye
6. Install the package: rpm -ivh dialog-*
7. Verify the package either installed or not: rpm -q dialog
Q146. CORRECT TEXT
Who ever creates the files/directories on /data group owner should be automatically should be the same group owner of /data.
Answer and Explanation:
1. chmod g+s /data
2. Verify using: ls -ld /data
Permission should be like:
drwxrws--- 2 root sysadmin 4096 Mar 16 18:08 /data
If SGID bit is set on directory then who every users creates the files on directory group owner automatically the owner of parent directory.
To set the SGID bit: chmod g+s directory
To Remove the SGID bit: chmod g-s directory
Q147. CORRECT TEXT
Share /data directory using NFS only to example.com members. These hosts should get read and write access on shared directory.
Answer and Explanation:
1. vi /etc/exports
/data *.example.com(rw,sync)
Check the SELinux Context, should be like this:
-rw-r--r-- root root system_u:object_r:exports_t /etc/exports
Use the restorecon -R /etc command to restore the selinux context of the file.
2. service nfs start | restart
3. service portmap start | restart
4. chkconfig nfs on
5. chkconfig portmap on
In Linux to share the data we use the /etc/exports file. Pattern is:
Path client(permission)
Shared Directory Path, Client can be single host or domain name or ip address. Permission should specify without space with client lists in parentheses. NFS is RPC service so portmapper service should restart after starting the nfs service.
Q148. CORRECT TEXT
Create the directory /archive and group owner should be the sysuser group.
Answer and Explanation:
1. chgrp sysuser /archive
2. Verify using ls -ld /archive command. You should get like
drwxr-x--- 2 root sysadmin 4096 Mar 16 17:59 /archive
chgrp command is used to change the group ownership of particular files or directory.
Another way you can use the chown command.
chown root:sysuser /archive
Q149. CORRECT TEXT
Deny to all users except root to run cron schedule.
Answer and Explanation:
1. vi /etc/cron.allow
root
or
vi /etc/cron.deny
Write all user name to deny.
/etc/cron.allow, /etc/cron.deny file is used to control users to allow or deny. If /etc/cron.allow file is created only that users are allowed to run cron schedule. Another way to deny to users is /etc/cron.deny write all user name on single line.
Q150. CORRECT TEXT
Port 8080
Configure the squid server to allow the Local Domain and deny to my133t.org domain.
Answer and Explanation:
At exam Lab example.com domain resides on 172.24.0.0/16 Network and my133t.org resides on 172.25.0.0/16 Network.
1. vi /etc/squid/squid.conf
#detault:
http_port 8080
#Recommended minimum configuration:
# Near the src acl src section
acl allownet src 172.24.0.0/255.255.0.0
acl denynet src 172.25.0.0/255.255.0.0
#Default:
# http_access deny all
#Under Here
http_access allow allownet
http_access deny denynet
2. service squid start
3. chkconfig squid on
squid is a proxy caching server, using squid we can share the internet, block the internet, to certain network. First we should define the port for squid, the standard port for squid is 3128. We can run squid on different port by specifying http_port portnumber.
