First Technology Transfer

Standard and Advanced Technical Training, Consultancy and Mentoring

LPAT102 - Services Networking Security Administration - Level 1 - Part 2

Duration: 5 Days

Background and Intended Audience

This course is structured so as to follow the syllabus for the LPIC102 exam, the second of the exams that needs to be passed in order to obtain LPIC Level 1 Certification. There is much material to cover in this course and the focus is on practical system administration. This involves not only mastery of the relevant linux command line tools and utilities, but, also the ability to use SQL for processing data held in relational databases. This course is concerned with giving students the ability to configure and troubleshoot important system services such as time services, logging services, printer services and email services, configure networking and DNS correctly and also to setup SSH correctly. The modules (sections) that make up this unit cover
  • Shells, Scripting and Data Management
  • Configuring and troubleshooting Interfaces and Desktops
  • How to Perform and automate, where appropriate, essential Administrative Tasks
  • How to Manage, monitor and configure Essential System Services
  • How to Configure TCP/IP based on a good understaning of Networking Principles
  • How to Handle System Security including secure serial communications links

This course can be viewed as the second half of an intensive 10 day comprehensive Linux system administration course for beginning Linux System Administration professionals. The course is a practical course, rather than an “exam cramming course” and the labs , case studies, scenarios and examples are designed to develop and reinforce knowledge in a practical and applied sense. For those taking an instructor led course many of the labs provided are intended for post course study. For those pursuing this course as a distance learning course the labs will form a part of their course work. The emphasis on this course is on mastery of the most commonly needed day to day Linux system administration skills. For those pursuing this course as a distance learning course the required study and lab session time is from 100 to 200 hours.

Prerequisites

Students are expected to have completed the LPAT101 course or its equivalent and have spent at least a month or two practicing and using the techniques taught on that course. Students are also expected to have an understanding of the uses of relational database and some practical experience using such databases.

Detailed Course Outline

  • Advanced shell programming for system administration and user support purposes
    • Customising the shell environment and knowing how to set environment variables (e.g. PATH) at login or when spawning a new shell
    • Implementing Bash functions for frequently used sequences of commands
    • Scripts for creating and maintaining skeleton directories for new user accounts
    • Setting up a command search path with the proper directory
    • Key files, terms, commands, concepts and utilities - source, /etc/bash.bashrc, /etc/profile, env, export, set, unset, ~/.bash_profile, ~/.bash_login, ~/.profile, ~/.bashrc, ~/.bash_logout , function, alias, lists
    • Implementing full structured shell scripts that make full use of sequence, selection and iteration and that, also, make full use of variable and command substitution
    • Managing the location, ownership, execution and suid-rights of scripts
    • Specifying the script interpreter to use through the shebang (#!) line
  • Interact with relational databases using SQL and command line database client applications
    • Overview of relational databases and SQL
    • Ability to manipulate data using DML (Data Manipulation Language) commands
    • Understanding the basic syntax and keywords of SQL - insert, update, select, delete, from, where, group by, order by, join
    • Ability to create and drop database objects using DDL (Data Definition Language) commands
    • Connecting to a database server over a TCP/IP network and over a Unix Domain Socket
  • Installing , configuring and setting up user interfaces and desktops
    • Installation and configuration of X11
    • Understanding the X11 protocol
    • checking whether a video card and monitor are supported by the X11 server
    • Understanding the contents of the X Window configuration file
    • Display managers - setup and configuration and awareness and knowledge of lightDM, KDM, and GDM
    • Knowledge of accessibility technologies - accessibility settings (accessX), visual settings and themes, accessibility technologies (ATs)
    • Awareness of setup and uses of Sticky/Repeat Keys, Slow/Bounce/Toggle Keys, Mouse Keys, High Contrast/Large Print Desktop Themes, Screen Reader, Braille Display, Screen Magnifier, On-Screen Keyboard, Gestures (used at login, for example GDM) , Orca, GOK, emacspeak
  • Managing Users and Groups and their associated accounts in a Professional Way
    • Adding, removing, changing and suspending user accounts
    • Adding, modifying and removing users and groups
    • Managing user/group info in password/group databases
    • Creating and managing special purpose and limited accounts
    • Implementing scripts for handling employees who are made redundant or sacked.
    • Devising and enforcing a password ageing policy
    • Key Commands and utilities - chage, getent, groupadd, groupdel, groupmod, passwd, useradd, userdel, usermod
    • Key Files - /etc/passwd, /etc/shadow, /etc/group, /etc/skel/
  • Automation of Administration Tasks by scheduling admin jobs
    • Using cron or anacron to run jobs at regular intervals
    • Use at to run jobs at a specific time
      • Knowing how to
      • Manage cron and at jobs
      • Configure user access to cron and at services
      • Configure anacron
  • Handling localisation and internationalisation
      • Localizing a system in a language other than English. Understanding the use of LANG=C in the context of shell scripts Understanding encodings including such as UTF-8 , ISO-8859 , ASCII , Unicode Key files - /etc/timezone, /etc/localtime, /usr/share/zoneinfo/, /usr/bin/locale Key Utilities - tzselect, timedatectl, date, iconv Key variables and parameters - LC_*, LC_ALL, LANG, TZ
  • Management of Key System Services - System Time, System Logging, Mail, Printer services
    • System Time - Knowing how to
      • Set the system date and time
      • Set the hardware clock to the correct time in UTC
      • Configure the correct timezone
      • Knowledge of basic NTP configuration and synchronisation of the system clock with NTP
      • Knowing how to make use of the pool.ntp.org service
      • Understanding and knowing how to use the ntpq command
      • Key files - /usr/share/zoneinfo/, /etc/timezone, /etc/localtime, /etc/ntp.conf
      • Key Utilities - date, hwclock, ntpd, ntpdate
    • System Logging
      • Understanding Linux Auditing and Reporting
      • Configuring the logging daemon to send log output to a central log server or accept log output as a central log server
      • Understanding the log file formats and priorities and actions associated with logging
      • Configuring and using the systemd journal subsystem.
      • Planning and configuring logrotate
      • Key files and directories - /var/log/, /etc/logrotate.conf, /etc/logrotate.d/, /etc/systemd/journald.conf, /var/log/journal/
      • Key daemons and utilities - syslogd, klogd, logger, logrotate, journalctl
    • Linux MTA (Mail Transfer Agent) - Installation, Administration and Configuration
      • Overview of SMTP and Linux SMTP Servers - Postfix, Sendmail, Qmail, Exim
      • Setting up mail forwarding and alias configuration
      • Working with Sendmail emulation commands
      • Linux mail command - sending mail from the command line and sending mail from shell scripts.
    • Managing Printers , Print Queues and Print Jobs
      • Understanding the Linux printing framework
      • CUPS configuration principles for local and remote printer access
      • Managing user print queues
      • Adding and removing jobs from configured printer queues
      • Shell scripts to control printing and run print jobs periodically
      • Working with CUPS - filter and backend shell scripting
      • Working with the CUPS lpd legacy interface using lpr, lprm and lpq commands.
  • Linux TCP/IP Networking for System Administrators
    • IPv4 addressing - dotted decimal notation, subnet masks and CIDR
    • Private vs. public IPv4 addresses
    • Common TCP and UDP services and their associated well know port numbers
    • ICMP
    • IPv4 and IPv6 compared and essentials of IPv6
    • Use and contents of /etc/services
    • Configuration and network settings on client hosts
    • Contents and uses of /etc/hostname , /etc/hosts , /etc/nsswitch.conf
    • Command line tools and utilities for network configuration and troubleshooting - ifconfig, ifup, ifdown, ip, route, ping
    • Manual and automatic configuration of network interfaces and routing tables - knowing how to add, start, stop, restart, delete or reconfigure network interfaces
    • Knowing how to Change, view, or configure the routing table and correct an improperly set default route manually
    • Being able to identify and Debug common problems associated with the network configuration
    • Using command line tools and utilities for network management and troubleshooting - ifconfig, ip, ifup, ifdown, route, host, hostname, dig, netstat, ping, ping6, traceroute, traceroute6, tracepath, tracepath6, netcat
    • Configure and troubleshoot client side DNS settings - Knowing how to and knowing about
      • Query remote DNS servers
      • Configure local name resolution and use remote DNS servers
      • Modify the order in which name resolution is done
      • Contents and purposes of files /etc/hosts , /etc/resolv.conf , /etc/nsswitch.conf
      • Command line tools and utilities - host, dig, getent
  • Foundations of system security administration - knowing how to and knowing about
    • Audit a system to find files with the suid/sgid bit set
    • Set or change user passwords and password ageing information
    • Use nmap and netstat to discover open ports on a system
    • Set up limits on user logins, processes and memory usage
    • Determine which users have logged in to the system or are currently logged in
    • Basic sudo configuration and usage - knowing about the contents and purpose of /etc/sudoers
    • knowing the purpose and uses of command such as - find, passwd, fuser, lsof, nmap, chage, netstat, sudo, su, usermod, ulimit, who, w, last
    • Being able to setup basic host security
      • Awareness of shadow passwords and how they work
      • Being able to Turn off network services not in use
      • Understanding the role of TCP wrappers
      • Knowledge of the purpose and contents of the file systems - /etc/nologin, /etc/passwd, /etc/shadow, /etc/xinetd.d/, /etc/xinetd.conf, /etc/inetd.d/, /etc/inetd.conf, /etc/inittab, /etc/init.d/, /etc/hosts.allow, /etc/hosts.deny
      • Knowing the basics of using encryption to secure data using public key techniques
        • Performing basic OpenSSH 2 client configuration and usage
        • Understanding the role of OpenSSH 2 server host keys
        • Basic GnuPG configuration, usage and revocation
        • Understanding SSH port tunnels (including X11 tunnels)
        • Knowing uses and contents of files ~/.ssh/id_rsa and id_rsa.pub ~/.ssh/id_dsa and id_dsa.pub , /etc/ssh/ssh_host_rsa_key and ssh_host_rsa_key.pub , /etc/ssh/ssh_host_dsa_key and ssh_host_dsa_key.pub , ~/.ssh/authorized_keys , ~/.gnupg/
        • Use and purpose of the command line tools and utilities - ssh-keygen, ssh-agent, ssh-add, ssh_known_hosts

    Call us:

    Technical enqiries: 020 8669 0769
    Sales enquiries: 020 8647 1939, 020 77681 40786