Practice Test 3 RHCSA (EX200)

Question 1

1. Assume that you forget the root password. Reset the root password for ServerB. Change it to “passmypass” to gain
access to the system.
e
rd.break
Ctrl + X
mount -o remount rw /sysroot
chroot /sysroot
passwd root
/.autorelabel
exit
reboot

Question 2

2. RHEL Repository Server is available at "http://192.168.1.12". Configure your client-server “ServerB” to use this repository
and disable the usage of any other repositories.
mv /etc/yum.repos.d/*.repo /tmp/
subscription-manager clean
vi /etc/yum.repos.d/local.repo

File editor:

[LocalRepo_BaseOS]
name = BaseOS local repo in a server
baseurl = http://192.168.1.12/rhel9_repo/BaseOS
metadata_expire = -1
enabled = 1
gpgcheck = 0

[LocalRepo_AppStream]
name = AppStream local repo in a server
baseurl = http://192.168.1.12/rhel9_repo/AppStream
metadata_expire = -1
enabled = 1
gpgcheck = 0

dnf clean all

dnf repolist
dnf update -y

Question 3
 3. On ServerB, create a NetworkManager connection profile named "myprofile3" for the enp0s3 device with the following
settings statically:
Static IPv4 Address: 192.168.1.4/24
Static IPv6 Address: fd01::103/64
IPv4 default gateway: 192.168.1.1
IPv6 default gateway: fd01::100
IPv4 DNS servers: 8.8.8.8
IPv6 DNS server: fd01::111
DNS search domain: google.com
Use nmtui to add a connection profile named myprofil3 out of the device enp0s3
nmcli connection modify myprofile3 ipv4.addresses 192.168.1.4/24
nmcli connection modify myprofile3 ipv6.addresses fd01::103/64
nmcli connection modify myprofile3 ipv4.method manual
nmcli connection modify myprofile3 ipv6.method manual
nmcli connection modify myprofile3 ipv4.gateway 192.168.1.1
nmcli connection modify myprofile3 ipv6.gateway fd01::100
nmcli connection modify myprofile3 ipv4.dns 8.8.8.8
nmcli connection modify myprofile3 ipv6.dns fd01::101
vi /etc/resolv.conf
Add the line: search google.com
nmcli connection down myprofile3 && nmcli connection up myprofile3

Question 4

4. On ServerB, enable packet forwarding on IPV4.

sysctl net.ipv4.ip_forward
cd /etc/sysctl.d/
vi 99-sysctl.conf
Add the line: net.ipv4.ip_forward = 1
sysctl -p
sysctl net.ipv4.ip_forward

Question 5

5. Enable IPV6 packet forwarding on ServerB. This should persist after a reboot.
sysctl net.ipv6.conf.all.forwarding
vi /etc/sysctl.conf
Add the line: net.ipv6.conf.all.forwarding = 1
sysctl -p

Question 6

6. On the serverB, schedule a cron job that prints "Break Time!" Every two hours on weekdays on your current screen. Use
the root user as the user performing the cron job.
tty // Print the file name of the terminal connected to standard input.
crontab -e
 Add the line: 00 */2 * * 1-5 echo "Break Time!" > /dev/pts/0 // "/dev/pts/0" is the output of the "tty"
command.
crontab -l

Question 7

7. On ServerB, create a 512M partition using /dev/sdb, make it an ext4 file system, automatically mounted at startup under
“/mnt/data”.
fdisk /dev/sdb
n p 1 Enter +512M p w

mkfs.ext4 /dev/sdb1
mkdir -p /mnt/data
vi /etc/fstab
Add the line: /dev/sdb1 /mnt/data ext4 defaults 0 0
mount -a

Question 8

8. On ServerB, change the user sam login shell to bash.

grep sam /etc/passwd
usermod -s bin/bash sam

Question 9

9. On ServerB, create a user john with UID 1250 and expiry date 2027-12-21.
/useradd -u 1250 -e 2027-12-21 john
id john
chage -l john

Question 10

10. On ServerB, copy “/etc/hosts” file to the “/var/” directory with the name "nhosts", then do the following:
User sam can read, write, and execute the "nhosts" file.
User john can only read the "nhosts" file.
cp /etc/hosts /var/nhosts
setfacl -m u:sam:rwx /var/nhosts
setfacl -m u:john:r-- /var/nhosts
getfacl /var/nhosts

Question 11

11. On ServerB, using /dev/sdb, do the following:

1. Create a 4GiB LVM volume group named “vgroup”.
2. Create a 1GiB LVM logical volume named “lvol” inside the “vgroup” LVM volume group.
 3. The “lvol” LVM logical volume should be formatted with the ext4 filesystem and mounted persistently on the “/lvol”
directory.
4. Extend the ext4 filesystem on “lvol” by 100M.
fdisk /dev/sdb
n p 2 Enter +4 p l t 2 8e p w

pvcreate /dev/sdb2
pvdisplay
vgcreate /dev/sdb2 vgroup
vgdisplay
lvcreate -L 1G --name lvol vgroup
lvdisplay
mkfs.ext4 /dev/vgroup/lvol
mkdir /lvol
mount /dev/vgroup/lvol /lvol
df -h
vi /etc/fstab
Add the line: /dev/mapper/vgroup-lvol /lvol ext4 defaults 0 0
mount -a
lvextend -L +100M /dev/vgroup/lvol

Question 12

12. On ServerB, optimize the system to run in a virtual machine for the powersave use-case tuned profile.
systemctl start tuned
tuned-adm active
tuned-adm profile virtual-guest powersave
tuned-adm active

Question 13

13. On ServerB, write a script "/sum.sh" that can do the arithmetical operation by giving the sum of two integers entered by
any user.
vi /sum.sh

File editor:

echo "Enter number 1:"

read x
echo "Enter number 2:"
read y
(( sum = x + y))
echo "The result is = $sum"

chmod a+x /sum.sh

/sum.sh

Question 14
14. On ServerB, configure a basic web server that displays “Welcome to the RHCSA Practice Exam!” once connected to it.
Ensure the firewall allows http/https services.
dnf install httpd -y
systemctl start httpd
firewall-cmd --list-all
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --reload
vi /var/www/html/index.html
Add the line: Welcome to the RHCSA Practice Exam!
curl localhost

Question 15

15. On ServerB, find all files that are larger than 5MB in the “/etc” directory and copy them to “/find/5mfiles”.
mkdir -p /find/5mfiles
find /etc/ -size +5M -exec cp {} /find/5mfiles \;

Question 16

16. On ServerB, all new users should have a file name “Welcome” in their home folder after account creation.
touch /etc/skel/Welcome

Question 17

17. On ServerB, all user passwords should expire after 60 days and be at least 9 characters in length.
vi /etc/login.defs
Change line to: PASS_MAX_DAYS = 60
vi /etc/security/pwquality.conf
Change line to: minlen = 9

Question 18

18. On ServerB, create users alex, peter, carl, and dan, then do the following:
1. alex and peter are members of the accounting group. carl and dan are members of the finance group.
2. Create shared group directories “/groups/accounting” and “/groups/finance”.
3. Make the group “accounting” the owner group of the “/groups/accounting” directory, and the group “finance” the
owner group of the “/groups/finance” directory.
4. Grant the groups that own the accounting and finance directories full access to these directories.
5. Others don't have access to the (accounting/finance) directories.
6. New files created in the directories (accounting/finance) belong to the group of which the directory is a member.
7. Members of the group “finance” have read and execute permissions on the “/groups/accounting” directory and all of
its subdirectories and files.
groupadd accounting
groupadd finance
useradd alex && useradd peter && useradd carl && useradd dan
 usermod -aG accounting alex && usermod -aG accounting peter
usermod -aG finance carl && usermod -aG finance dan
cat /etc/passwd
mkdir -p /groups/accounting
mkdir -p /groups/finance
ls -ld /groups/accounting
chgrp accounting /groups/accounting
chgrp finance /groups/finance
chmod g+rwx /groups/accounting
chmod g+rwx /groups/finanace
chmod o-rwx /groups/accounting
chmod o-rwx /groups/finance
chmod g+s /groups/accounting
chmod g+s /groups/finance
setfacl -Rm g:finance:r-x /groups/accounting
getfacl /groups/accounting
ls -ld /groups/finance

Question 19

19. Set up SSH Passwordless root Login in ServerA.

ping 192.168.1.11
ssh-keygen
ssh-copy-id root@192.168.1.11
ssh root@192.168.1.11

Question 20

20. Permit root login on ServerB.

vi /etc/ssh/sshd_config
Change line to: PermitRootLogin yes

Question 21

21. On ServerB, set SELinux to “enforcing” mode.

getenforce
setenforce 1

OR
vi /etc/selinux/config
Change line to: SELINUX=enforcing

Question 22

22. On ServerB, do the following:

 1. Install container-tools.
2. Use podman to search for the official httpd container.
3. Inspect the httpd image using skopeo.
4. Use podman to pull the httpd image.
5. Set the "container_manage_cgroup" SELinux Boolean value to "on" and make it persistent.
dnf install container-tools -y
podman search httpd --filter=is-official
skopeo inspect docker://docker.io/library/httpd
podman pull docker.io/library/httpd
stesebool -P container_manage_cgroup

Question 23

23. Which of the following commands replaces each occurrence of 'sam' in the file letter with 'Sam' and writes the result to the
file newletter?
sed 's/sam/Sam/g' letter > newletter // We need the g term to keep searching for 'sam' patterns in the file
until the end.

Question 24

24. Which of the following command sequences overwrites the file sample.txt?
echo "Hello There!" > sample.txt

Question 25

25. What is the default nice level when a process is started using the nice command?
10

Question 26

26. Which of the following settings for umask ensures that new files have the default permissions -rw-r----- ?
-rw-r----- = 640
666 - 640 = 027 // Rememebr base permission for files is 666 and has to be usbtracted by the umask value in order
to get the actual default permissions
0027

Question 27

27. Which of the following commands set the sticky bit for the directory /tmp? (Choose TWO correct s.)
chmod +t /tmp
chmod 1775 /tmp
the '1' at the start of the octal value indicates to have 's' and 't' terms on permissions
Question 28

28. What is the output of the following command?

for code in a b c; do
echo -n ${code};
done
abc

Question 29

29. Which command makes the shell variable named VARIABLE visible to subshells?
export VARIABLE

Question 30

30. Which command is used to sync the hardware clock to the system clock? (Specify ONLY the command without any path or
parameters.)
hwclock
ntpd // Not a command
timesync // Not a command
timedatectl // Does not sync hw clock with sys clock
hwclock is the correct answer

Question 31

31. The output of the program date should be saved in the variable actdate. What is the correct statement?
actdate= date
date | actdate
actdate=date
set actdate='date'
actdate = `date`

Question 32

32. After issuing:

function myfunction { echo $1 $2 ; }
in Bash, which output does:
myfunction A B C
Produce?
BC
CBA
AB
ABC
AB
Please note how functions are structured (the '{ }' signs and spaces are required as well as the ';' sign to end
command)
Question 33

33. On ServerB, search the user sam data in the “/etc/passwd” file and append the output in “/users/data”.
mkdir /users
touch /users/data
grep sam /etc/passwd >> /users/data

Question 34

34. On ServerB, build an image named "are_you_ready" from a Containerfile that shows "Are You Ready?" when you run a
container. You are required to run a new container from the "are_you_ready" image and name it "are_you_ready_run ".
The Containerfile should follow these instructions:
Base Image: Red Hat Universal Base Image 8 (ubi8/ubi).
The container should display "Are You Ready?" once you run it.
mkdir ~/Are_You_Ready
cd ~/Are_You_Ready
vi are_you_ready_cp
Add the line: echo "Are You Ready???????"
chmod 755 are_you_ready_cp // In order for it to be executable
podman search ubi8 // Get the ubi8/ubi image name
vi Containerfile

File editor:

FROM registry.access.redhat.com/ubi8/ubi
COPY are_you_ready_cp /usr/local/bin
ENTRYPOINT "/usr/local/bin/are_you_ready" # ENTRYPOINT ["echo", "Are you Ready?"] (also works)

Note are_you_ready is the name of the file in the host directory that will be copied to the container
In this case /usr/local/bin can be replaced by whatever other location in the container, even just / would also work
The ENTRYPOINT keyword works as the CMD keyword but without having the option to enter command-line parameters
In this case the ENTRYPOINT is being used to run a "script"
buildah build -t are_you_ready . // Build image based on a Containerfile
podman run --name are_you_ready_run are_you_ready

Question 35

35. On ServerB, using disk /dev/sdb, do the following:

1. Create a 5T thin provisioned volume "mythinvol" under the 2G thin pool "mythinpool" in the 4G volume group "myvg".
2. Extend the size of "mythinpool" by 1G.
3. Rename the thin pool from "mythinpool" to "thinpool1".
4. Rename the thin provisioned volume from "mythinvol" to "thinvol1".
lsblk
fdisk /dev/sdb
p n p 3 Enter +4G p l t 3 8e p w
lsblk
pvcreate /dev/sdb3
pvs
 vgcreate myvg /dev/sdb3
vgs
lvcreate -L 2G --thinpool mythinpool myvg
lvcreate -V 5T -T -n mythinvol myvg/mythinpool
Note the -V option stands for "virtual size" and the -T specifies to create a thin volume.
lvs
lvextend -L +1G /dev/myvg/mythinpool
lvrename /dev/myvg/mythinpool thinpool1
lvrename /dev/myvg/mythinvol thinvol1
lvs

Question 36

36. On ServerB, configure autofs to mount the "/home" directory of the remote NFS server at boot time. The remote NFS
server's IP address is "192.168.1.100" and the exported directory is "/nfs/home". Ensure that the mount is accessible to all
users on the local system.
dnf install autofs -y
dnf install nfs-utils -y
vi /etc/auto.master
Add the line: /home /etc/auto.nfs --ghost --timeout 30
vi /etc/auto.nfs
Add the line: * -fstype=nfs,rw,soft,initr 192.168.1.100:/nfs/home
systemctl enable autofs --now

!!! Question 37

37. Which of the following commands overwrites the bootloader located on /dev/sda without overwriting the partition table or
any data following it?

# dd if=/dev/zero of=/dev/sda bs=512

# dd if=/dev/zero of=/dev/sda bs=440 count=1
# dd if=/dev/zero of=/dev/sdabs=512 count=1
# dd if=/dev/zero of=/dev/sda bs=440
# dd if=/dev/zero of=/dev/sda bs=440 count=1

Overall explanation
The MBR is 512 bytes. The partition table is at the end, in the area after 440 bytes so, if you wanted to overwrite the
bootloader located on /dev/sda without overwriting the partition table or any data following it, then you could use the
command:
dd if=/dev/zero of=/dev/sda bs=440 count=1

Note that

This command is used to overwrite the first 440 bytes (or 1 boot sector) of the hard disk drive with zeros. This can be
used as a security measure to prevent data recovery or to remove a boot loader, as it removes the boot loader code
from the drive.

Important
 It is important to note that this command should be used with caution, as it can permanently erase data and render
the drive unusable if not used correctly.

Question 38

38. On ServerB, write a script named “/find_rf.sh” that prints out a list of files owned by root and with the SUID bit set in /usr.

- `vi /find_rf.sh`

File editor:

#!/bin/bash
find /usr/ -type f -user root -perm -u=s

Note the -perm option as well as how the 'mode' has a - first in -u=s , this allow us to find files that have that
permissions but not necessarily only that permission.
chmod a+x /find_rf.sh
/find_rf.sh

Question 39

39. Which of the following commands will send output from the program myapp to both standard output (stdout) and the file
myfile.log?
myapp | cat > myfile.log
myapp | tee myfile.log
cat < myapp | cat > myfile.log
myapp 0>&1 | cat > myfile.log
myapp | tee myfile.log
The tee command outputs text to both files and stdout

Question 40

40. Which of the following is the device file name for the second partition on the only SCSI drive?
/dev/sd1p2
/dev/sda2
/dev/sd0a2
/dev/hda1
/dev/sda2
If the SCSI is the only drive in the machine it is probable that its file name is /dev/sda2

Question 41

41. Which signal is missing from the following command that is commonly used to instruct a daemon to reinitialize itself,
including reading configuration files?
 # killall -s _______ daemon
KILL, SIGKILL, 9
STOP, SIGSTOP, 19
INT, SIGINT, 2
HUP, SIGHUP, 1
HUP, SIGHUP, 1
Note you can list all the signals by doing kill -l
The SIGHUP signal disconnects a process from the parent process. This an also be used to restart processes.
For example, "killall -SIGUP compiz" will restart Compiz. This is useful for daemons with memory leaks.

Question 42

42. On ServerB, please complete the following tasks for the file "/home/$USER/myFile" which currently has the permissions "-
rw-r--r--":
1. Grant execute permission to the file owner.
2. Revoke read and write permissions for both group and other users.
touch /home/$USER/myFile
ls -l /home/$USER
stat -c %a myFile
The stat command can display file or file system status in various formats when the -c option is specified
The %a format allows us to see the permission bits of a file in octal value
chmod u+x /home/$USER/myFile
chmod go-rw /home/$USER/myFile
ls -l /home/$USER

Question 43

43. While trying to access the "/home/Passwords" file on ServerA, you received a "Permission Denied" error message. You
suspect there may be a file permission issue. Please diagnose and correct the problem.

Assuming the following:

The user trying to access the file is Sam.

The file group owner should be admins.

Note
You must create the file like the following to create the error that you are responsible for resolving as required by the task,
by following these steps:
touch /home/Passwords
chmod 000 /home/Passwords
groups
usermod -aG admins Sam
chown Sam /home/Passwords
chmod u+rw /home/Passwords
chmod g+rw /home/Passwords