discuss: Progress of Peer Review on LPI Certification Self-Study Guide
Subject:
Re: Progress of Peer Review on LPI Certification Self-Study Guide
From:
Tor Slettnes ####@####.####
Date:
31 Jul 2004 00:23:28 -0000
Message-Id: <1091233378.13457.58.camel@knausen>
On Fri, 2004-07-30 at 16:29, s. keeling wrote:
> Incoming from Tabatha Marshall:
> > I wanted to check in with everyone and see how the peer review is going
> > on this document. Is there some content that could be added to help it,
> I thought review of this was on hold since it's only a meatless
> skeleton so far.
I also wonder about some of the "practice questions" and answers
provided: Were these actual questions on an exam?
I am asking because a number of them (both questions and answers) seem
dubious at best, and in some cases, factually wrong.
For instance:
- >Your /etc/inittab file has a line that reads "id:3:initdefault:" What
>mode will the system enter when it is booted?
>
> A. Single user mode
> B. Non-network multi-user mode
> C. Network multi-user mode
> D. GUI mode
The answer given is (C). This is true for RedHat; but not e.g.
Debian or other UNIXen. In Debian, there is no run-level distinction
between B, C, and D; runlevels 2 - 5 are all "multi-user", "network",
and if a display manager is installed, "GUI".
- >Several of your company's employees have asked for the ability to
>check their work email from home via the Internet. You have
>configured IMAP to accomodate them, but in order to complete the set
>up you must ask the firewall administrator to open the correct port
>and allow inbound connections. Which port should be opened?
>
> A. 23
> B. 25
> C. 110
> D. 143
The answer given is "D". However, this is a bad practice. Not only
is allowing inbound traffic through a firewall bad (at the very least,
the destination IP address should be restricted); but this also allows
both encrypted and unencrypted IMAP connections (encrypted after the
"STARTTLS" IMAP command). To enforce encrypted connections, use the
993 ("imaps") service -- where the client and server will start TLS
immediately on connect. In fact, this is the default port number
chosen by IMAP clients such as Outlook Express and Apple's Mail.app
once the user checks the "use encryption"/"SSL" option.
- >During a freak electrical storm both the primary and secondary DNS
>servers on your network were simultaneously struck by lightning and
>are no longer operational. In the absense of name servers which file
>can be used to do hostname to IP address lookups? (give the full
>path)
The answer give is "/etc/hosts". This is true if "dns" is specified
in /etc/nsswitch.conf (usually it is); but there are other
possibilities (e.g. using winbindd/"wins", LDAP, NIS...)
There are more examples -- but if these are actual questions and answers
provided by LPI, then they are not neccessarily "mistakes" as far as the
HOWTO is concerned.
-tor