Examination: Linux Administration Expert
Examination Code: ICT-LAE-1
The letters in bold are the domain ID.
|
| A. Linux Kernel |
| A1. Basic of Linux Kernel |
A1.1 Know the purpose of kernel.
A1.2 Know the characteristic of Linux kernel
A1.3 Able to identify stable and development kernel
A1.4 Understand modules of Linux kernel
A1.5 Know how to load and unload Linux kernel modules
A1.6 Able to change the parameter of Linux kernel via proc filesystem or sysctl |
| A2. Linux Kernel Compiling |
A2.1 Know how to validate the Linux kernel source code via digital signature
A2.2 Able to disable or enable a specific features of the Linux kernel
A2.3 Able to compile a Linux kernel and kernel modules
A2.4 Know when and how to clean the kernel source
A2.5 Able to install compiled Linux kernel and kernel modules |
| A3. Linux Kernel Patching |
A3.1 Know what is patch file
A3.2 Able to how to apply a patch |
| A4. Linux Kernel initrd image |
A4.1 Know what is initrd image
A4.2 Know when we need initrd image
A4.3 Able to how to create initrd image on Debian system |
| B. Linux Disk I/O |
| B1. Linux Software RAID |
B1.1 Understand the RAID 0, 1 and 5
B1.2 Able to setup software RAID on GNU/Linux
B1.3 Able to maintain and recover software RAID on GNU/Linux |
| B2. Linux Logical Volume Management |
B2.1 Understand the LVM on GNU/Linux
B2.2 Able to setup LVM on GNU/Linux
B2.3 Able to maintain and recover LVM on GNU/Linux |
| C. GNU/Linux File and Printer Sharing |
| C1. CIFS on GNU/Linux |
C1.1 Able to access CIFS shared directory from GNU/Linux
C1.2 Able to setup a Samba server
C1.3 Able to add and configure a shared directory on Samba
C1.4 Able to add and configure a shared printer on Samba |
| C2. NFS on GNU/Linux |
C2.1 Able to access NFS exported directory from GNU/Linux
C2.2 Able to setup an NFS server on GNU/Linux
C2.3 Able to add and control the access of a exported directory on NFS server
|
| C3. CUPS on GNU/Linux |
C3.1 Able to print on remote printer via CUPS from GNU/Linux
C3.2 Able to setup a CUPS on GNU/Linux
C3.3 Able to add and configure a printer and printer class on CUPS |
| D. System Maintenance |
| D1. System Logging on GNU/Linux |
D1.1 Able to configure syslogd as a central network log server
D1.2 Able to configure syslogd to send log to a central network log server
D1.3 Able to use egrep and other text utils for simple log analysis |
| D2. Packaging Software for GNU/Linux |
D2.1 Understand the basic structure of RPM and DPKG package
D2.2 Able to extract a DPKG package without dpkg tool
D2.3 Able to build and rebuild a RPM package
D2.4 Able to build and rebuild a DPKG package |
| D3. Filesystem Hierarchy Standard |
D3.1 Understand FHS 2.3
D3.2 Know how to place file properly |
| E. System Automation |
| E1. Intermediate Shell Programming |
E1.1 Able to do simple calculation with awk
E1.2 Able to do simple modification with sed |
| F. Network Configuration |
| F1. Basic Network Configuration |
F1.1 Able to configure GNU/Linux to connect to a local network |
| F2. Advanced Network Configuration |
F2.1 Able to configure a multi-homed network device
F2.2 Able to resolve networking communication problems |
| G. Mail Services |
| G1. Basic Mail Services |
G1.1 Understand the components of the e-mail system including MTA, MUA, MDA and MRA
G1.2 Know the name of popular open-source MTA
G1.3 Understand the problem of open relay mail server
G1.4 Know the different between maildir and mbox format |
| G2. Using Postfix |
G2.1 Setup a simple Internet e-mail server with Postfix
G2.2 Able to setup a simple mailing list with mail aliasing
G2.3 Able to setup Postfix to handle several domain |
| H. DNS |
| H1. Basic BIND 8 configuration |
H1.1 Able to configure BIND to function as a caching-only DNS server
H1.2 Able to reload BIND server
H1.3 Able to create zone file for forward or reverse zone server |
| I. WWW Services |
| I1. Basic Apache Services |
I1.1 Able to setup a simple Apache WWW server
I1.2 Able to configure Apache to use virtual hosts for websites without dedicated IP address
I1.3 Able to restrict client user access by IP address, User and Browser
I1.4 Know the Multi-Processing Module of Apache
I1.5 Able to configure Apache server option such as maximum requests, minimum and maximum servers and clients |
| I2. Intermediate Apache Services |
I2.1 Able to create an SSL certification for Apache and defining SSL definitions in configuration using OpenSSL
I2.2 Able to customizing file access by implementing redirect, alias and rewrite statement in Apache's configuration files |
| I3. Implementing a proxy server |
I3.1 Able to install and configure a proxy server using Squid
I3.2 Able to implement access policies, setting up authentication and utilizing memory usage |
| J. Network Client management |
| J1. DHCP configuration |
J1.1 Able to configure a DHCP server and set default options, create subnet, and create a dynamically-allocated range.
J1.2 Able to adding a static host, setting options for a single host |
| K. System Security |
| K1. Configuring a router |
K1.1 Able to configure iptables to perform IP masquerading and state the significance of Network Address Translation and Private Network Address in protecting a network
K1.2 Able to configure port redirection, list filtering rules, and writing rules that accept or block datagrams based upon source or destination protocol, port and address |
| K2. Secure Shell |
K2.1 Able to configure openssh server to allow or deny root logins, enable or disable X forwarding.
K2.2 Able to generating server keys, generating a user's public/private key pair, adding configure a user account to allow ssh access via public/private key authentication
K2.3 Able to configure port forwarding to tunnel an application protocol over ssh |
| K3. TCP Wrappers |
K3.1 Able to configure tcp wrapper to allow connection to specified server from only certain hosts or subnets. |
| K4. Security Tasks |
K4.1 Know where to receive security alerts |
Certification 
