Cloud Infrastructure Engineer

Acme, Inc.

You have started the timed AbilityScreen for Acme, Inc.. You will have 60 minutes to complete this assessment. All of your solutions must survive a server reboot, so be sure to save any services and init files.

Step 1: Login to the server with your favorite SSH client, using the credentials below

Host: as-1234.ascreen.co (127.0.0.1)

User: root

Password: swhzYjLv4n

Step 2: Complete the following test scenarios

There are 11 scenarios below, spread over 4 technology areas (Apache, MySQL, General Linux, Networking). When you finish your exam return to this page and press "End Assessment" above.

Apache

    Install/Troubleshoot

    1. VirtualHost Troubleshooting Easy

      Apache is installed, and configured to serve the VirtualHost as-1234.ascreen.co, however due to a misconfiguration the service is failing to start. Resolve any issues with Apache, so that the service starts and the content for the site is served properly.

      You can test Apache by hitting http://as-1234.ascreen.co in your browser or via cURL.


    Configure

    1. VirtualHost Configuration with HTTP Authentication Medium

      Using the content from /root/files/apache/data, create a new VirtualHost in Apache based on the following specifications:

      • Name: admin.as-1234.ascreen.co
      • Documents served from: /var/www/vhosts/admin3/htdocs
      • Configure HTTP Basic Authentication, for only the sub-directory /private using the following specifications:
        • An authentication user file located at /var/www/vhosts/admin3/.htpasswd that supports the following user. All passwords must be encrypted with the SHA encryption algorithm:
          • User Bob password XYZjacob
        • An authentication group file located at /var/www/vhosts/admin2/.htgroup with the following:
          • Group users that includes the users pauland mary
          • Group admins that only includes the users sam, and jack
        • Allow access to /con to only users in the admins group

      The contents of the site should be accessible at http://admin.as-1234.ascreen.co without authentication, however http://admin2.as-1234.ascreen.co/con should only be accessible after authentication with one of the user in the admins group.


    Advanced

    1. Compile, Install, and Configure External DSO Module Difficult

      In the directory /root/files/apache/example_78cee is the source code for an example DSO module. You must complete the following tasks:

      • Compile the Apache module source code in /root/files/apache/example_78cee
      • Install the example_78cee module to the standard Apache module directory for this system

      You should be able to verify that your compiled module is functional by hitting http://http://as-1234.ascreen.co/example-78cee in your browser or via cURL.


General Linux

    Install/Troubleshoot

    1. User Management Easy

      Configure the server to meet the following requirements:

      1. Create a new user named with the following parameters:
        • Home Directory: /data/home//alice
        • Password: gabEGVB
        • Shell: Any Non-Interactive Shell
      2. The existing user brian is currently unable to login via SSH, Terminal, or even via the su command. Resolve whatever issue is preventing this user from obtaining a shell. Note that the user's password is GBk!2@3.
      3. The existing user chuck is unable to create any new files in their $HOME directory. Resolve whatever issue is preventing the user from creating files. Note that the user's password is KMVDS34.

    Configure

    1. System Logging Medium

      Configure the servers logging system to meet the following requirements:

      1. Configure Logrotate so that:
        1. The file /var/log/messages is rotated when it's size is 500MB or more.
      2. Configure Rsyslog so that:
        1. All logs are forwarded to the central log server address 192.168.2.5.
        2. Syslog messages sent to the local3 facility of any priority are logged to the file /var/log/local3.log

    Advanced

    1. System Performance and Tuning Difficult

      Configure the server to meet the following requirements:

      1. Limit the user tuser so that they are able to run no more than 10 processes at a time.
      2. Tune the server to use swap space 40% of the time rather than the current value of 85%.

MySQL

    Install/Troubleshoot

    1. Recover Root User Password Easy

      The current password for the MySQL root user account has been lost. Reset the MySQL root user password to BVC9!@.


    Configure

    1. Configure Localhost-Only Connectivity Medium

      Configure MySQL so that the only network interface it will respond to is localhost (127.0.0.1).


    Advanced

    1. Create a View Difficult

      Create a view in database D528 called high_codes that will only list entries from the codes table that have a value other than blue in the color column.


Networking

    Install/Troubleshoot


    Configure

    1. Configure The System to Ignore PING Requests Medium

      Configure the server so that it will not respond to ping requests from localhost, or from any external host.


    Advanced

    1. Configure IPTABLES Port Forwarding Medium

      Configure IPTABLES to forward SSH connections destined for port 2011 to the standard port of 22.


When you finish your exam return to this page and press "End Assessment".