Security Questions

Which firewall management tool uses zones to group interfaces and apply different trust levels, and is the default firewall manager on RHEL and Fedora...

An administrator hardens an SSH server to prevent the root account from logging in directly via SSH while allowing other users to authenticate. Which ...

An administrator needs to allow a junior administrator to run only the command `systemctl restart apache2` as root using sudo, without granting broade...

An administrator needs to enforce a minimum password length of 12 characters using PAM on a Linux system. Which PAM module and configuration location ...

Which file is the primary configuration file for the SSH server daemon (`sshd`) on a Linux system?

An administrator configures AppArmor on Ubuntu to test a new application profile before enforcing it. Which AppArmor mode logs violations without bloc...

An administrator needs to generate a SHA-512 password hash from the command line to use in `/etc/shadow` or an Ansible playbook. Which command generat...

An administrator needs to generate a new RSA SSH key pair for use with SSH public key authentication. Which command creates the key pair?

An administrator needs to create a self-signed TLS certificate and private key for a test HTTPS server using a single OpenSSL command. Which command i...

An administrator needs to configure a Linux workstation for Kerberos-based single sign-on to a corporate Active Directory domain. Which file is the pr...

An administrator implements account lockout using `pam_faillock` to lock accounts after 3 failed login attempts. During testing, root can still log in...

An administrator uses firewalld and needs to permanently allow the `http` service in the `public` zone. Which command adds this rule persistently?

An administrator uses nftables and needs to make firewall rules persist across reboots on a RHEL 9 system. Which approach ensures nftables rules are a...