While cleaning out my desk today, I ran across an old CS exam for a System Administration I class. It's not directly *nix security related, but I didn't think it was a General Chit-Chat kind of post. One problem. No answer key. I'll leave my answers at the bottom. If anyone disagrees with one of my answers, I'd love to be corrected! The questions range from general commands to filesystems to ethics to networking to service configuration. I hope it gives you some good brain exercise.

This test was given on 11/28/2000 by Professor John Sechrest. Good luck!

1) You notice that there is a lot of mail going through your system. It seems that someone has invented a new program that will send large attatchments to your mail aliases. You are afraid that your system will run out of spool space for your users as this program keeps sending lots of large attachments around. How do you find out how much space you have available on your mail spool partition?

a) df -k /var/spool/mail
b) ls -ldg /var/spool/mail
c) dd if=/var/spool/mail of=/var/spool
d) ls -s /var/spool/mail/* | wc
e) quotacheck /var/spool/mail

2) Your monitoring software pages you and tells you that SMTP on your mail relay host is down. You decide to log onto the machine and see if it is down for real. Which of the following will be the way to find if an smtp service is running?

a) ps -aux | grep -i sendmail
b) ps -ae | grep -i smtp
c) ls /proc/* | grep -i sendmail
d) cat /etc/inetd.conf | grep -i sendmail
e) cat /etc/services | grep -i smtp

3) When you create an account on the linux system, the useradd command can create the account. To delete the account, you have to reverse the process. Which of the following is NOT something that needs to be done when removing a users account:

a) remove the password and group file entries
b) remove fstab entries for this user
c) remove the mail spool entry
d) remove crontab entries for this user
e) remove files owned by the user on the various file systems

4) You find that cleaning up a bunch of files is taking a long time. You have a program called "clean.files". So you think that it would be wise to run a job and leave it running while you log out, but you want to watch its progress while you are currently logged in. Which of the following would let you do that?

a) clean.files < clean.output ; tail clean.output &
b) clean.files | clean.output &; tail clean.output
c) clean.files & | tail - f
d) clean.output < clean.files &; tail -f clean.output
e) clean.files > clean.output &; tail -f clean.output

5) If you want a file called "xyz" to have the permissions -rwSrwsr-x, which command would you use:

a) chmod 3775 xyz
b) chmod 0775 xyz
c) chmod 2775 xyz
d) chmod 3755 xyz
e) chmod 6675 xyz

6) If you had a service providing telnet, and you decided that you wanted to move which port that telnet was running on, which command would you run:

a) go into the tcpd configuration file and change the port for telnet
b) change the definition of telnet in the services file
c) change the rpcinfo file entry of telnet to another number
c) run telnet from inetd or xinetd
e) edit the inetd/xinetd telnet line to use UDP, so that you don't need a port number

7) As you look at your new DSL modem, you notice that there are several configurations that it can set to, but you use the default and notice that the IP address of your neighbor is on the same network as you. In this case the DSL modem is being used as:

a) a packet filter
b) a bridge
c) a router
d) a gateway
e) an ATM filter

8) Given the strings:

vail
aspen
alta

Which regular expression below will match the first two but not the third?

a) *[il]*
b) [av]*
c) [^v]*s*
d) *[^a]$
e) *l*

9) I have a program called "RiverSite" that reports the water levels of Mary's River. I want to create a service that reports this to people. How can I take my existing program and trivially make it provide service to some specific IP addresses?

a) write a program to put the data into a database and use Cold Fusion to build a web page
b) write a network program wrapper and use it to connect to the network
c) put a line in the /etc/services for RiverSite
d) put a line in /etc/inetd with appropriate lines in /etc/hosts.allow, /etc/hosts.deny
e) write a CGI program that calls this program and puts the resutls in a file in HTML

10) As you are reading the mail for postmaster, you find several bounced mail messages. In one of them, the address was a typo and the message was therefore bounced to the postmaster address. Before you notice the typo address, you read the message for any blaring invalid control characters. In this email, the content of the message is an internal note about a plan to disrupt the career of a friend of yours. What do you do about this message?

a) send a note to your friend that his job is in danger and save the message
b) send a note to the originator and his boss outlining your opinions of his diabolical strategy
c) send a note back to the originator of the message telling them that the message was sent to the wrong place because it bounced and that you read the message in the process
d) do nothing and delete the message
e) do nothing, but save the message for later just in case

11) Your system has a BIOS problem where it does not set the clock correctly after 1/1/2000. The correct solution is to upgrade the BIOS or to reburn a PROM to fix the underlying problem. However, given that you don't have a PROM burner, you decide you need to just set the clock when the machine is booting. You have found a command rdate that will force the clock to be read from another machine.

Where is the best place to put this command so it will be run at the right time?

a) in /etc/rc.local at the end of the file
b) in a cron job that gets run every hour
c) in the root account .login file
d) in the /etc/rc.sysinit, making adjustments when it is reading the hardware clock
e) in the /etc/nsswitch.conf file

12) You are installing a new system running Apache. You want to create a dynamically created database driven website. You install Postgres SQL. And you want to run PHP to connect the database to the web server.

What file needs to be changed to connect the PHP services to Apache?

a) the inetd.conf file
b) the .htaccess file
c) the httpd.conf file
d) the Postgres postmaster.conf file
e) the /etc/services file

13) I was wandering around this morning and I was looking at the web logs for all of the systems we have. I found a directory that puzzled me:

# cd /export/var/log/httpd
# ls -ald OLD

drwxrwxrwx 2 www info 1548288 Jun 4 13:27 OLD/

What information can you deduce from this output?

a) this directory is old and is never accessed. it just has junk in it.
b) this directory is a high security and well protected directory
c) this is a small directory that has been accessed recently
d) this directory must have many files in it and will likely be very slow to access the files within it
e) this is a file that can only hold about 1500 files, because the blocksize is 1024

14) You are working at an ISP. This ISP has two dedicated T1's to the outside network and 4 dedicated T1's to down stream clients. All of these clients use your ISP as their sole route to the network.

Which routing protocol should you run on your router?

a) BGP
b) RIP
c) IGP
d) ICMP
e) none, use static routes

15) You are starting up a new system on the network.

You are going to create a configuration by hand.
You know the IP address is 198.68.22.21
You know the subnet mask is 255.255.255.128
You know the broadcast address is 198.68.22.127

How many hosts can you put on this network, including the router?

a) 127
b) 22
c) 126
d) 253
e) 222

================================ My Answers ============================









roswell1329's answers:
1. a
2. a
3. b
4. e
5. e
6. b
7. b -- I said a bridge, because I couldn't see any other way that you would get your neighbor's address without some kind of broadcast ping like a bridged environment
8. d
9. b
10. c
11. a
12. c
13. d
14. a (?)
15. c -- I think it's 127 minus the .127 address that's reserved. Is that right?