LPI202 Certification

The LPI certification is a vendor-neutral Linux credential that measures critical Linux system and Network administration skills. LPI prides itself on delivering statistically valid exams and provides a quality testing experience for candidates around the globe. The LPIC Level II certification consists of two exams, LPI 201 and LPI 202. This 5-day course focuses on the LPI 202 exam and addresses the following knowledge areas:

  • Network configuration
  • Mail and news
  • DNS
  • Web Services
  • Network Client Management
  • System Security
key facts buy online

• code: lp202eng
• 5 days
Download outline
• Print licence available

Student edition
A4 format
A5 format
Instructor edition
A4 format
A5 format

Target audience

This course is designed for students with 1-2 years of Linux experience that are interested in passing the LPI 202 exam. A general understanding of Linux System Administration tasks is helpful but not required

Course content

Networking   Configuring the network interface . The Loopback interface . Ethernet interfaces . Routing through a gateway . Virtual Private Networks . What is a VPN? . VPN types . SSH and PPP . The Server . The Client . IPSEC . Authentication over PPP . Secrets files . The CHAP secrets file . Troubleshooting . ipconfig . ping . route . traceroute . arp and arpwatch . tcpdump . nc

DNS   BIND 8 . named conf . Syntax . The options statement . The directory statement . The forwarders statement . The forward statement . The version statement . The dialup statement . The logging statement . Predefined zone statements . Converting BIND configurations . The named Name Server Daemon . The ndc program . Signals to named . Controlling named with a Start/Stop script . Zones and reverse zones . The db.local file . The db.127 file . The hints file . Zone definitions in named.conf . The $TTL statement . Resource records . SOA record . A record . CNAME record . NS record . HINFO record . MX record . MXing a domain . Reverse zone files . PTR record . Master and slave servers . Configuring a master . Configuring a slave . Creating subdomains . Delegating a DNS zone . DNS utilities . dig . host . nslookup . Internal DNS . Limiting negotiations . Split DNS: stand-alone internal master . Configuring the master on privdns . Configuring DNS on liongate . Alternatives . Split DNS: two DNS servers on one machine . Two name servers on one machine . Configuring the internal name server . Configuring the visibile name server

DNS Security   DNS security strategies . Making information harder to obtain . Hiding the version number . Limiting access . Limiting queries . Limiting zone transfers . Controlling requests . Turning of glue . Mitigating the effects of an intrusion . Running BIND with less privileges . Running BIND in a chroot jail . Preparing a chroot jail . Running BIND chrooted . Configuration for a chrooted BIND . Combining special user and chroot . Securing name server connections . Using the dnskeygen command . Generated key files . Using the key

DHCP and NIS   What is DHCP? . Configuring the server . Global paramenters . Shared-network declarations . Subnet declarations . Group declarations . Host declaration . Sample DHCP scenario . Available network services . Subnet independent services . Subnet dependent services . Building the DHCP server's configuration file . The global parameters for services . The company's shared networks and subnets . Static hosts . Static BOOTP hosts . Controlling the DHCP server's behaviour . leases . Interfaces . Restarting the DHCP server after making changes . DHCP relaying . Configuring a system as a NIS client . Setting up NIS Master and Slave servers . Configuring Master and Slave servers . Creating NIS maps . NIS related commands . NIS related files . nis.conf . nsswitch.conf . ypserv.conf . Pluggable authentication modules . Authentication . Authentication via /etc/passwd and /etc/shadow . account . auth . password . session . Configuring authentication via NIS . Configuring authentication via LDAP

Mail and news   Majordomo . Creating a mailing list . Aliases . Majordomo files . Maintaining a mailing list . Configuring sendmail . Mail aliases . Procmail . Recipes . Internet News . Installing INN . Configuring INN . Creating news groups . Newsfeeds

LDAP   LDAP . Installing and configuring an LDAP Server . Obtaining the software . Configuring a directory hierarchy . Editing the Idif file . Adding data to the hierarchy . Changing data in the hierarchy . Additional information

Web services: Apache and Squid   Installing the Apache Web Server . Configuring Apache server options . Modularity . Run-time loading of modules (DSO) . Apache eXtenSion (APXS) support tool . Encrypted web servers: SSL . Public key cryptography . Various Apache and SSL related projects . Apache-SSL . Apache with mod_ssl . Monitoring Apache Load and Performance . Restricting Access . The access_log file . Restricting Client User Access . Configuring authentication . User files . Group files . Configuring mod_perl and mod_php . mod_perl . mod_php . Virtual hosting . Name-based virtual hosting . IP-based virtual hosting . Setting up multiple daemons . Setting up a single daemon . Customising file access . How to create a SSL server certificate . Proxy Servers: Squid . The squid.conf file . Sections in the squid.conf file . http_port . cache_dir . http_access, acl . authenticate_program . Redirectors . Authentication . Security issues . Access policies . Memory usage

System security   Denial of Service (DoS) attacks . Protecting against DoS attacks . routed . Sentry tools and PortSentry: preventing port scans . Installation and configuration . Securing FTP servers . Installing ftpd . Creating an ftp user for Anonymous FTP . Welcome message for all FTP users . Successful login messages . Directory specific messages . Preventing all FTP connections . Preventing specific users from using FTP . Restricting specific users to their home directories . Restricting groups . The Washington University FTP server . Creating an FTP user for anonymous FTP . Welcome message for all FTP users . Login message for all non-chrooted users . Directory specific messages . Preventing all FTP connections . Preventing specific users or groups from using FTP . Restricting specific users to their home directories . Additional precautions . TCP wrappers . Configuring TCP Wrappers . xinetd . Testing for Open Mail relays . Keeping track of security alerts . Bugtraq . Subscribing to the Bugtraq mailing list . Cert . Subscribing to the Cert Advisory Mailing List . CIAC . Subscribing to the mailing list

Security programs   Kerberos . Preparing the installation . Kerberos realms . Mapping hostnames on to Kerberos realms . Ports for the KDC and administrative services . Slave KDCs . Hostnames for the Master and Slave KDCs . Database propagation . Installation and configuration . Installing and configuring the Master KDC . Edit the configuration files . Create the database . Add administrators to the ACL file . Add administrators to the Kerberos database . Create a kadmind Keytab . Start the Kerberos daemons on the Master KDC . Install and configure the slave KDCs . Create host keys for the Slave KDCs . Extract host keytabs for the KDCs . Setup the Slave KDCs for database propagation . Back on the Master KDC . Propagate the database to each Slave KDC . Finish installing the Slave KDCs . Create stash files on the Slave KDCs . Start the krbSkdc daemon on each KDC . Add Kerberos principals to the database . Limiting access to the KDCs . Switching Master and Slave KDCs . Snort . Installation and configuration rules . Tripwire . Installation and configuration . The Tripwire configuration file twcfg.txt . Required variables . Other variables . The Tripwire Policy file . Comments . Directives . Variables . Rules . Nmap . Using the nmap command

Secure shell   Secure shell (ssh) . Configuring sshd . Allow or deny root logins . Allow or deny non-root logins . Enabling or disabling X forwarding . Keys and their purpose . Creating public and private user keys with ssh-keygen . using the keys . Configuring the ssh-agent . ssh-add . Enabling X-sessions . Tunnelling with ssh and port Mapping . The .rhosts and .shosts files

IPCHAINS and IPTABLES Private network addresses . IP masquerading with IPCHAINS . IP forwarding with IPCHAINS . Port redirection with IPCHAINS . IPCHAINS . The firm's network with IPCHAINS . IPTABLES . Tables and chains . The MANGLE table . The NAT table . The FILTER table . Connection tracking: stateful firewalling . Adding extra functionality . Adding targets . Adding matching modules . The firm's network with IPTABLES . Creating the firewall . Saving and restoring firewall rules

Troubleshooting Troubleshooting network issues . Cost effectiveness . Getting help . Troubleshooting tools . netstat . hostname . dmesg . lsdev . lsmod . modprobe . insmod . uname . /proc . strace . ltrace . strings . fuser . lsof

About Courseware Company :: Instructor-led training courseware :: Self-study solutions :: Buy online today

A gtslearning business division :: gtslearning CompTIA learning solutions ::Contact us :: Site map
© gtslearning, 2008. All rights reserved. Ownership of all trademarks and service marks is observed and respected.