Linux

Linux Professional Institute LPIC2-202

Linux Professional Institute LPIC2-202

Share This Learning Path

Need more info? Contact us

LPIC-2 is the second certification in the multi-level professional certification program of the Linux Professional Institute (LPI). The LPIC-2 will validate the candidate's ability to administer small to medium–sized mixed networks.

Audience Profile

This course is designed to reflect current research and validate a candidate’s proficiency in real world system administration. The objectives are tied to real-world job skills, which we determine through job task analysis surveying during exam development.

Prerequisites

  • The candidate must have an active LPIC-1 certification to receive the LPIC-2 certification.

Course outline

Module 1: Domain Name Server
Module Overview

This module gives you the knowledge and skills needed to configure BIND to function as an authoritative and as a recursive, caching-only DNS server, to manage a running server and configuring logging, to create a zone file for a forward or reverse zone and hints for root level servers include setting appropriate values for records, adding hosts in zones and adding zones to the DNS and to delegate zones to another DNS server, to configure a DNS server to run as a non-root user and run in a chroot jail, at last this module include secure exchange of data between DNS servers.

Lessons

Basic DNS server configuration
Create and maintain DNS zones
Securing a DNS server

Lab Sessions

This lab session aligns to the learning objectives for the 202-450 exam.

Lab Lessons

Lab lessons not available

After completing this module, students will be able to:

BIND 9.x configuration files, terms and utilities.
Defining the location of the BIND zone files in BIND configuration files.
Reloading modified configuration and zone files.
Awareness of dnsmasq, djbdns and PowerDNS as alternate name servers.
BIND 9 configuration files, terms and utilities.
Utilities to request information from the DNS server.
Layout, content and file location of the BIND zone files.
Various methods to add a new host in the zone files, including reverse zones.
BIND 9 configuration files.
Configuring BIND to run in a chroot jail.
Split configuration of BIND using the forwarders statement.
Configuring and using transaction signatures (TSIG).
Awareness of DNSSEC and basic tools.
Awareness of DANE and related records.

Module 2: HTTP Services
Module Overview

This module gives you the knowledge and skills needed to install and configure a web server included monitoring the server’s load and performance, restricting client user access, configuring support for scripting languages as modules and setting up client user authentication, also included is configuring server options to restrict usage of resources, at last this module gives you the knowledge and skills to configure a web server to use virtual hosts and customise file access and to configure a web server to provide HTTPS, to install and configure a proxy server, including access policies, authentication and resource usage and install/configure a reverse proxy server, Nginx, basic configuration of Nginx as a HTTP server is included.

Lessons

Basic Apache configuration
Apache configuration for HTTPS
Implementing Squid as a caching proxy
Implementing Nginx as a web server and a reverse proxy

Lab Sessions

This lab session aligns to the learning objectives for the 202-450 exam.

Lab Lessons

Lab lessons not available

After completing this module, students will be able to:

Apache 2.4 configuration files, terms and utilities.
Apache log files configuration and content.
Access restriction methods and files.
mod_perl and PHP configuration.
Client user authentication files and utilities.
Configuration of maximum requests, minimum and maximum servers and clients.
Apache 2.4 virtual host implementation (with and without dedicated IP addresses).
Using redirect statements in Apache’s configuration files to customise file access.
SSL configuration files, tools and utilities.
Generate a server private key and CSR for a commercial CA.
Generate a self-signed Certificate.
Install the key and certificate, including intermediate CAs.
Configure Virtual Hosting using SNI.
Awareness of the issues with Virtual Hosting and use of SSL.
Security issues in SSL use, disable insecure protocols and ciphers.
Squid 3.x configuration files, terms and utilities.
Access restriction methods.
Client user authentication methods.
Layout and content of ACL in the Squid configuration files.
Nginx.
Reverse Proxy.
Basic Web Server.

Module 3: File Sharing
Module Overview

This module gives you the knowledge and skills needed to set up a Samba server for various clients, included setting up Samba as a standalone server as well as integrating Samba as a member in an Active Directory. Furthermore, the configuration of simple CIFS and printer shares is covered. Also covered is a configuring a Linux client to use a Samba server. Troubleshooting installations is also tested. At last this module included export filesystems using NFS, access restrictions, mounting an NFS filesystem on a client and securing NFS.

Lessons

Samba Server Configuration
NFS Server Configuration

Lab Sessions

This lab session aligns to the learning objectives for the 202-450 exam.

Lab Lessons

Lab lessons not available

After completing this module, students will be able to:

Samba 4 documentation.
Samba 4 configuration files.
Samba 4 tools and utilities and daemons.
Mounting CIFS shares on Linux.
Mapping Windows user names to Linux user names.
User-Level, Share-Level and AD security.
NFS version 3 configuration files.
NFS tools and utilities.
Access restrictions to certain hosts and/or subnets.
Mount options on server and client.
TCP Wrappers.
Awareness of NFSv4.

Module 4: Network Client Management
Module Overview

This module gives you the knowledge and skills needed to configure a DHCP server, setting default and per client options, adding static hosts and BOOTP hosts, also included is configuring a DHCP relay agent and maintaining the DHCP server, at last included configure PAM to support authentication using various available methods, basic SSSD functionality, perform queries and updates to an LDAP server, importing and adding items, as well as adding and managing users and configure a basic OpenLDAP server including knowledge of LDIF format and essential access controls.

Lessons

DHCP configuration
PAM authentication
LDAP client usage
Configuring an OpenLDAP server

Lab Sessions

This lab session aligns to the learning objectives for the 202-450 exam.

Lab Lessons

Lab lessons not available

After completing this module, students will be able to:

DHCP configuration files, terms and utilities.
Subnet and dynamically-allocated range setup.
Awareness of DHCPv6 and IPv6 Router Advertisements.
PAM configuration files, terms and utilities.
passwd and shadow passwords.
Use sssd for LDAP authentication.
LDAP utilities for data management and queries.
Change user passwords.
Querying the LDAP directory.
OpenLDAP.
Directory based configuration.
Access Control.
Distinguished Names.
Changetype Operations.
Schemas and Whitepages.
Directories.
Object IDs, Attributes and Classes.

Module 5: E-Mail Services
Module Overview

This module gives you the knowledge and skills needed to manage an e-mail server, including the configuration of e-mail aliases, e-mail quotas and virtual e-mail domains, configuring internal e-mail relays and monitoring e-mail servers, at last included implement client e-mail management software to filter, sort and monitor incoming user e-mail and install/configure POP and IMAP daemons.

Lessons

Using e-mail servers
Managing E-Mail Delivery
Managing Mailbox Access

Lab Sessions

This lab session aligns to the learning objectives for the 202-450 exam.

Lab Lessons

Lab lessons not available

After completing this module, students will be able to:

Configuration files for postfix.
Basic TLS configuration for postfix.
Basic knowledge of the SMTP protocol.
Awareness of sendmail and exim.
Understanding of Sieve functionality, syntax and operators.
Use Sieve to filter and sort mail with respect to sender, recipient(s), headers and size.
Awareness of procmail.
Dovecot IMAP and POP3 configuration and administration.
Basic TLS configuration for Dovecot.
Awareness of Courier.

Module 6: System Security
Module Overview

This module gives you the knowledge and skills needed to configure a system to forward IP packet and perform network address translation (NAT, IP masquerading) and state its significance in protecting a network, included configuring port redirection, managing filter rules and averting attacks, configure an FTP server for anonymous downloads and uploads, included precautions to be taken if anonymous uploads are permitted and configuring user access. At last this module gives you the knowledge and skills needed to configure and secure an SSH daemon, managing keys and configuring SSH for users, to forward an application protocol over SSH and manage the SSH login,to receive security alerts from various sources, install, configure and run intrusion detection systems and apply security patches and bugfixes, to configure a VPN (Virtual Private Network) and create secure point-to-point or site-to-site connections.

Lessons

Configuring a router
Managing FTP servers
Secure shell
Security tasks
OpenVPN

Lab Sessions

This lab session aligns to the learning objectives for the 202-450 exam.

Lab Lessons

Lab lessons not available

After completing this module, students will be able to:

Iptables and ip6tables configuration files, tools and utilities.
Tools, commands and utilities to manage routing tables.
Private address ranges (IPv4) and Unique Local Addresses as well as Link Local Addresses (IPv6).
Port redirection and IP forwarding.
List and write filtering and rules that accept or block IP packets based on source or destination protocol, port and address.
Save and reload filtering configurations.
Configuration files, tools and utilities for Pure-FTPd and vsftpd.
Awareness of ProFTPd.
Understanding of passive vs. active FTP connections.
OpenSSH configuration files, tools and utilities.
Login restrictions for the superuser and the normal users.
Managing and using server and client keys to login with and without password.
Usage of multiple connections from multiple hosts to guard against loss of connection to remote host following configuration changes.
Tools and utilities to scan and test ports on a server.
Locations and organisations that report security alerts as Bugtraq, CERT or other sources.
Tools and utilities to implement an intrusion detection system (IDS).
Awareness of OpenVAS and Snort.
OpenVPN.

Book Your Seat​

Find Learning Paths​

  • Search Paths

  • Vendors

Latest Learning Paths​

Join our community of certified professionals

Sign Up to our newsletter, and stay always up to date with latest IT certifications

About Us

ICTC is the leader in technical certification courses and exams. Our labs consist of a latest tech PCs and our instructors are certified from each vendor

Policy for the Prevention and Combating of Violence and Harassment in the Workplace.

Facebook Linkedin

Learn

View all the provided certifications and there relevant courses. Book online for a certification exam.

Explore

Contact Us

International Computer Training Center

Copyright reserved to ICTC. Proudly Crafted by GTP Works

Choose how to get more info...

Give as a call

211 500 2 900

Let us, call you

Send us an email