Hardware and System Configuration - 21%

• GRUB
• GRUB2

2.Boot options

• UEFI/EFI
• PXE
• NFS
• Boot from ISO
• Boot from HTTP/FTP

2.File locations

• /etc/default/grub
• /etc/grub2.cfg
• /boot
• /boot/grub
• /boot/grub2
• /boot/ef

3.Boot modules and files

• Commands
  mkinitrd
  dracut
  grub2-install
  grub2-mkconfig
• initramfs
• efi files
• vmlinuz
• vmlinux

4.Kernel panic

• lsmod
• insmod
• modprobe
• modinfo
• dmesg
• rmmod
• depmod

2.Locations

• /usr/lib/modules/[kernelversion]
• /usr/lib/modules
• /etc/modprobe.conf
• /etc/modprobe.d/

• ping
• netstat
• nslookup
• dig
• host
• route
• ip
• ethtool
• ss
• iwconfig
• nmcli
• brctl
• nmtui

2.Configuration files

• /etc/sysconfig/network-scripts/
• /etc/sysconfig/network
• /etc/hosts
• /etc/network
• /etc/nsswitch.conf
• /etc/resolv.conf
• /etc/netplan
• /etc/sysctl.conf
• /etc/dhcp/dhclient.conf

3.Bonding

• Aggregation
• Active/passive
• Load balancing

• Raw devices
• GPT
• MBR

2.File system hierarchy

• Real file systems
• Virtual file systems
• Relative paths
• Absolute paths

3.Device mapper

• LVM
• mdadm
• Multipath

4.Tools

• XFS tools
• LVM tools
• EXT tools
• Commands
  mdadm
  fdisk
  parted
  mkfs
  iostat
  df
  du
  mount
  umount
  lsblk
  blkid
  dumpe2fs
  resize2fs
  fsck
  tune2fs
  e2label

5.Location

• /etc/fstab
• /etc/crypttab
• /dev/
• /dev/mapper
• /dev/disk/by-
  id
  uuid
  path
  multipath
• /etc/mtab
• /sys/block
• /proc/partitions
• /proc/mounts

6.File system types

• ext3
• ext4
• xfs
• nfs
• smb
• cifs
• ntfs

• VM
• OVA
• OVF
• JSON
• YAML
• Container images

2.Bootstrapping

• Cloud-init
• Anaconda
• Kickstart

3.Storage

• Thin vs. thick provisioning
• Persistent volumes
• Blob
• Block

4.Network considerations

• Bridging
• Overlay networks
• NAT
• Local
• Dual-homed

5.Types of hypervisors
6.Tools

• libvirt
• virsh
• vmm

• /etc/timezone
• /usr/share/zoneinfo

2.Commands

• localectl
• timedatectl
• date
• hwclock

3.Environment variables

• LC_*
• LC_ALL
• LANG
• TZ

4.Character sets

• UTF-8
• ASCII
• Unicode

Systems Operation and Maintenance - 26%

• .rpm
• .deb
• .tar
• .tgz
• .gz

2.Installation tools

• RPM
• Dpkg
• APT
• YUM
• DNF
• Zypper

3.Build tools

• Commands
  make
  make install
  ldd
• Compilers
• Shared libraries

4.Repositories

• Configuration
• Creation
• Syncing
• Locations

5.Acquisition commands

• wget
• curl

• useradd
• groupadd

2.Modification

• usermod
• groupmod
• passwd
• chage

3.Deletion

• userdel
• groupdel

4.Queries

• id
• whoami
• who
• w
• last

5.Quotas

• User quota
• Group quota

6.Profiles

• Bash parameters
  User entries
  - .bashrc
  - .bash_profile
  - .profile
• Global entries
  /etc/bashrc
  /etc/profile.d/
  /etc/skel
  /etc/profile

7.Important files and file contents

• /etc/passwd
• /etc/group
• /etc/shadow

• nano
• vi

2.File readers

• grep
• cat
• tail
• head
• less
• more

3.Output redirection

• <
• >
• |
• <<
• >>
• 2>
• &>
• stdin
• stdout
• stderr
• /dev/null
• /dev/tty
• xargs
• tee
• Here documents

4.Text processing

• grep
• tr
• echo
• sort
• awk
• sed
• cut
• printf
• egrep
• wc
• paste

5.File and directory operations

• touch
• mv
• cp
• rm
• scp
• ls
• rsync
• mkdir
• rmdir
• ln
  Symbolic (soft)
  Hard
• unlink
• inodes
• find
• locate
• grep
• which
• whereis
• diff
• updatedb

• Systemctl
  Enabled
  Disabled
  Start
  Stop
  Mask
  Restart
  Status
  Daemon-reload
• Systemd-analyze blame
• Unit files
  Directory locations
  Environment parameters
• Targets
• Hostnamectl
• Automount

2.SysVinit

• chkconfig
  on
  off
  level
• Runlevels
  Definitions of 0–6
  /etc/init.d
  /etc/rc.d
  /etc/rc.local
  /etc/inittab
  Commands
  -runlevel
  -telinit
• Service
  Restart
  Status
  Stop
  Start
  Reload

• Client devices
• Bluetooth
• WiFi
• USB
• Monitors
• GPIO
• Network adapters
• PCI
• HBA
• SATA
• SCSI
• Printers
• Video
• Audio

2.Monitoring and configuration tools

• lsdev
• lsusb
• lspci
• lsblk
• dmesg
• lpr
• lpq
• abrt
• CUPS
• udevadm
  add
  reload-rules
  control
  trigger

3.File locations

• /proc
• /sys
• /dev
• /dev/mapper
• /etc/X11

4.Hot pluggable devices

• /usr/lib/udev/rules.d (System rules - Lowest priority)
• /run/udev/rules.d (Volatile Rules)
• /etc/udev/rules.d (Local Administration - Highest priority)
• /etc/udev/rules.d

• Wayland
• X11

2.GUI

• Gnome
• Unity
• Cinnamon
• MATE
• KDE

3.Remote desktop

• VNC
• XRDP
• NX
• Spice

4.Console redirection

• SSH port forwarding
  Local
  Remote
  X11 forwarding
  VNC

5.Accessibility

Security - 19%

• Read, write, execute
• User, group, other
• SUID
• Octal notation
• umask
• Sticky bit
• SGID
• Inheritance
• Utilities
  chmod
  chown
  chgrp
  getfacl
  setfacl
  ls
  ulimit
  chage

2.Context-based permissions

• SELinux configurations
  disabled
  permissive
  enforcing
• SELinux policy
  targeted
• SELinux tools
  setenforce
  getenforce
  sestatus
  setsebool
  getsebool
  chcon
  restorecon
  ls -Z
  ps -Z
• AppArmor
  aa-disable
  aa-complain
  aa-unconfined
  /etc/apparmor.d/
  /etc/apparmor.d/tunables

3.Privilege escalation

• su
• sudo
• wheel
• visudo
• sudoedit

4.User types

• Root
• Standard
• Service

• Password policies
• LDAP integration
• User lockouts
• Required, optional, or sufficient
• /etc/pam.d/
• pam_tally2
• faillock

2.SSH

• ~/.ssh/
  known_hosts
  authorized_keys
  config
  id_rsa
  id_rsa.pub
• User-specific access
• TCP wrappers
• /etc/ssh/
  ssh_config
  sshd_config
• ssh-copy-id
• ssh-keygen
• ssh-add

3.TTYs

• /etc/securetty
• /dev/tty#

4.PTYs
5.PKI

• Self-signed
• Private keys
• Public keys
• Hashing
• Digital signatures
• Message digest

6.VPN as a client

• SSL/TLS
• Transport mode
• Tunnel mode
• IPSec
• DTLS

• Boot loader password
• UEFI/BIOS password

2.Additional authentication methods

• Multifactor authentication
  Tokens
  -Hardware
  -Software
  OTP
  Biometrics
• RADIUS
• TACACS+
• LDAP
• Kerberos
  kinit
  klist

3.Importance of disabling root login via SSH
4.Password-less login

• Enforce use of PKI

5.Chroot jail services
6. No shared IDs
7.Importance of denying hosts
8.Separation of OS data from application data

• Disk partition to maximize system availability

9.Change default ports
10.Importance of disabling or uninstalling unused and unsecure services

• FTP
• Telnet
• Finger
• Sendmail
• Postfix

11.Importance of enabling SSL/TLS
12.Importance of enabling auditd
13.CVE monitoring
14.Discouraging use of USB devices
15.Disk encryption

• LUKS

16.Restrict cron access
17.Disable Ctrl+Alt+Del
18.Add banner
19.MOTD

• /var/log/secure
• /var/log/messages
• /var/log/[application]
• /var/log/kern.log

2.Log management

• Third-party agents
• logrotate
• /etc/rsyslog.conf
• journald
  journalctl

3.lastb

• Source
• Destination
• Ports
• Protocol
• Logging
• Stateful vs. stateless
• Accept
• Reject
• Drop
• Log

2.Technologies

• firewalld
  Zones
  Run time
• iptables
  Persistency
  Chains
• ufw
  /etc/default/ufw
  /etc/ufw/
• Netfilter

3.IP forwarding

• /proc/sys/net/ipv4/ip_forward
• /proc/sys/net/ipv6/conf/all/forwarding

4.Dynamic rule sets

• DenyHosts
• Fail2ban
• IPset

5.Common application firewall configurations

• /etc/services
• Privileged ports

• tar
• cpio
• dd

2.Compression

• gzip
• xz
• bzip2
• zip

3.Backup types

• Incremental
• Full
• Snapshot clones
• Differential
• Image

4.Off-site/off-system storage

• SFTP
• SCP
• rsync

5.Integrity checks

• MD5
• SHA

Linux Troubleshooting and Diagnostics - 20%

• Latency
  Bandwidth
  Throughput
• Routing
• Saturation
• Packet drop
• Timeouts
• Name resolution
• Localhost vs. Unix socket
• Adapters
  RDMA drivers
• Interface configurations
• Commands
  nmap
  netstat
  iftop
  route
  iperf
  tcpdump
  ipset
  Wireshark
  - tshark
  netcat
  traceroute
  mtr
  arp
  nslookup
  dig
  host
  whois
  ping
  nmcli
  ip
  tracepath

2.Storage monitoring and configuration

• iostat
• ioping
• IO scheduling
  cfq
  noop
  deadline
• du
• df
• LVM tools
• fsck
• partprobe

3.CPU monitoring and configuration

• /proc/cpuinfo
• uptime
• loadaverage
• sar
• sysctl

4.Memory monitoring and configuration

• swapon
• swapoff
• mkswap
• vmstat
• Out of memory killer
• free
• /proc/meminfo
• Buffer cache output

5.Lost root password

• Single user mode

• Process states
  Zombie
  Uninterruptible sleep
  Interruptible sleep
  Running
• Priorities
• Kill signals
• Commands
  nice
  renice
  top
  time
  ps
  lsof
  pgrep
  pkill
• PIDs

• File
• Directory

2.Access

• Local
• Remote

3.Authentication

• Local
• External
• Policy violations

4.File creation

• Quotas
• Storage
• Inode exhaustion
• Immutable files

5.Insufficient privileges for authorization

• SELinux violations

6.Environment and shell issues

• Degraded storage
• Missing devices
• Missing volumes
• Missing mount point
• Performance issues
• Resource exhaustion
• Adapters
  SCSI
  RAID
  SATA
  HBA
  - /sys/class/scsi_host/host#/scan
• Storage integrity
  Bad blocks

3.Firewall

• Restrictive ACLs
• Blocked ports
• Blocked protocols

4.Permission

• Ownership
• Executables
• Inheritance
• Service accounts
• Group memberships

5.Dependencies

• Patching
• Update issues
• Versioning
• Libraries
• Environment variables
• GCC compatibility
• Repositories

6.Troubleshooting additional hardware issues

• Memory
• Printers
• Video
  GPU drivers
• Communications ports
• USB
• Keyboard mapping
• Hardware or softwarecompatibility issues
• Commands
  dmidecode
  lshw

Automation and Scripting - 14%

• PATH
• Global
• Local
• export
• env
• set
• printenv
• echo

2.#!/bin/bash
3.Sourcing scripts
4.Directory and file permissions

• chmod

5.Extensions
6.Commenting

• #

7.File globbing
8.Shell expansions

• ${}
• $()
• ` `

8.Redirection and piping
9.Exit codes

• stderr
• stdin
• stdout

10.Metacharacters
11.Positional parameters
12.Looping constructs

• while
• for
• until

13.Conditional statements

• if
• case

14.Escaping characters

• clone
• push
• pull
• commit
• merge
• branch
• log
• init
• config

2.Files

• gitignore
• .git/