Duration
Four days
Outline for LPIC-2 Exam Prep (Course 2) Training
Chapter 1. DNS CONCEPTS
LPI Objectives Covered
Naming Services
DNS – A Better Way
The Domain Name Space
Delegation and Zones
Server Roles
Resolving Names
Resolving IP Addresses
Basic BIND Administration
BIND Configuration Files
rndc Key Configuration
Configuring the Resolver
Testing Resolution
LAB TASKS
Configuring a Slave Name Server
Use rndc to Control named
Chapter 2. CREATING DNS HIERARCHIES
LPI Objectives Covered
named.conf Syntax
named.conf Options Block
Creating a Site-Wide Cache
Zones In named.conf
Zone Database File Syntax
SOA – Start of Authority
A, AAAA, & PTR – Address & Pointer Records
NS – Name Server
TXT, CNAME, & MX – Text, Alias, & Mail Host
Abbreviations and Gotchas
$GENERATE, $ORIGIN, and $INCLUDE
Subdomains and Delegation
Subdomains
Delegating Zones
in-addr.arpa. Delegation
Issues with in-addr.arpa.
RFC2317 & in-addr.arpa.
LAB TASKS
Configuring BIND Zone Files
Create a Subdomain in an Existing Domain
Subdomain Delegation
Chapter 3. SECURING DNS
LPI Objectives Covered
Split Namespaces
Split Namespace with Views
Address Match Lists & ACLs
Restricting Queries
Restricting Zone Transfers
Running BIND in a chroot
Securing DNS With TSIG
LAB TASKS
Securing BIND DNS
Chapter 4. IMPLEMENTING A WEB SERVER
LPI Objectives Covered
Apache Architecture
Dynamic HTTP Content
Configuring PHP
Securing PHP
Security Related php.ini Configuration
Installing PHP
Apache Configuration Files
httpd.conf – Server Settings
httpd.conf – Main Configuration
Adding Modules to Apache
Virtual Hosting DNS Implications
httpd.conf – VirtualHost Configuration
Port and IP based Virtual Hosts
Name-based Virtual Host
Apache Logging
Log Analysis
Delegating Administration
Apache Access Controls (mod_access)
HTTP User Authentication
Standard Auth Modules
HTTP Digest Authentication
Directory Protection
Directory Protection with AllowOverride
Common Uses for .htaccess
Apache Troubleshooting
LAB TASKS
Apache Architecture
Apache Content
Using .htaccess Files
CGI Scripts in Apache
Chapter 5. MAINTAINING A WEB SERVER
LPI Objectives Covered
HTTP Virtual Servers
Virtual Hosting DNS Implications
Virtual Hosting Security Implications
Port and IP based Virtual Hosts
Name-based Virtual Host
Scrubbing HTTP Headers
Symmetric Encryption Algorithms
Asymmetric Encryption Algorithms
Digital Certificates
TLS Using mod_ssl.so
LAB TASKS
Configuring Virtual Hosts
Using TLS Certificates with Apache
Using TLS Certificates with Apache
Create a TLS CA key pair
Using SSL CA Certificates with Apache
Enable Apache SSL Client Certificate Authentication
Chapter 6. NGINX, SQUID, AND DHCP
LPI Objectives Covered
Nginx
Squid Overview
Squid File Layout
Squid Access Control Lists
Applying Squid ACLs
Monitoring Squid
DHCP Protocol Operation
IP to MAC Address Mapping with ARP
Configuring a DHCP server
LAB TASKS
Nginx Web Basics
HTTPS and Reverse Proxy with Nginx
Installing and Configuring Squid
Squid Cache Manager CGI
Chapter 7. SAMBA SERVER CONFIGURATION
LPI Objectives Covered
Introducing Samba
Samba Daemons
Accessing Windows/Samba Shares from Linux
Samba Utilities
Samba Configuration Files
The smb.conf File
Share Authentication
Share-Level Access
User-Level Access
Mapping Users
Samba Account Database
User Share Restrictions
LAB TASKS
Samba Share-Level Access
Chapter 8. NFS SERVER CONFIGURATION & SECURING FTP SERVERS
LPI Objectives Covered
File Sharing via NFS
NFSv4+
NFS Clients
TCP Wrappers
The /etc/hosts.allow & /etc/hosts.deny Files
/etc/hosts.{allow,deny} Shortcuts
Advanced TCP Wrappers
NFS Server Configuration
The FTP Protocol
Active Mode FTP
Passive Mode FTP
vsftpd
Configuring vsftpd
Anonymous FTP with vsftpd
Pure-FTPd
ProFTPD
LAB TASKS
NFS Server Configuration
Configuring vsftpd
Chapter 9. PAM AUTHENTICATION
LPI Objectives Covered
PAM Overview
PAM Module Types
PAM Order of Processing
PAM Control Statements
PAM Modules
pam_unix
pam_limits.so
pam_cracklib.so
pam_listfile.so
pam_tally2.so
pam_console.so
LAB TASKS
Setting Limits with the pam_limits Modules
Using pam_limits to Restrict Simultaneous Logins
Chapter 10. CONFIGURING AN OPENLDAP SERVER AND CLIENT
LPI Objectives Covered
LDAP
What LDAP Provides
LDAP Concepts
LDAP Organization
Entry Referencing
Online LDAP Data Manipulation
Querying LDAP Databases
OpenLDAP: Server Architecture
OpenLDAP: Backends
OpenLDAP: Replication
OpenLDAP: Configuration Options
OpenLDAP: Configuration Sections
OpenLDAP: Global Parameters
OpenLDAP: Database Parameters
OpenLDAP Server Tools
Enabling LDAP-based Login
System Security Services Daemon (SSSD)
LAB TASKS
Querying LDAP
Building An OpenLDAP Server
Enabling TLS For An OpenLDAP Server
Enabling LDAP-based Logins
Chapter 11. USING E-MAIL SERVERS
LPI Objectives Covered
SMTP
SMTP Terminology
SMTP Architecture
SMTP Commands
SMTP Session
Sendmail Architecture
Sendmail Configuration
Sendmail Remote Configuration
Controlling Access
Sending Email with sendmail
Exim
Postfix Features
Postfix Architecture
Postfix Components
Postfix Configuration
master.cf
main.cf
Virtual Domains
Configuration Commands
Postfix Logging
Advanced Postfix Options
LAB TASKS
Configuring Sendmail
Configuring Postfix
Postfix Virtual Host Configuration
Postfix Network Configuration
Postfix SMTP AUTH Configuration
Postfix STARTTLS Configuration
SUSE Postfix Configuration Cleanup
Chapter 12. MANAGING LOCAL AND REMOTE E-MAIL DELIVERY
LPI Objectives Covered
Filtering Email
Procmail
SpamAssassin
Accessing Email
The IMAP4 Protocol
Courier IMAP
Dovecot POP3/IMAP Server
LAB TASKS
Configuring Procmail & SpamAssassin
Dovecot Setup
Chapter 13. CONFIGURING A ROUTER AND SECURITY TASKS
LPI Objectives Covered
IPv4 Fundamentals
TCP/UDP Fundamentals
Security Advisories
Discovering Hosts
nmap
Netcat
Nessus/OpenVAS Insecurity Scanner
Configuring OpenVAS
Intrusion Detection Systems
Snort Rules
Writing Snort Rules
Linux as a Router
Configuring Routing Tables
SUSE Basic Firewall Configuration
Using the iptables Command
Netfilter Rule Syntax
Netfilter Concepts
Targets
Common match_specs
Netfilter: Stateful Packet Filter Firewall
Connection Tracking
Address Translation
Configuring NAT and PAT
LAB TASKS
NMAP
OpenVAS
Securing Services with SuSEfirewall2
Securing Services with Netfilter
Chapter 14. OPENSSH AND OPENVPN
LPI Objectives Covered
Secure Shell
OpenSSH Client & Server Configuration
Accessing Remote Shells
SSH Port Forwarding
Transferring Files
SSH Key Management
ssh-agent
OpenVPN
LAB TASKS
Introduction to ssh and scp
SSH Key-based User Authentication
Using ssh-agent
OpenVPN