LPIC -2: Linux Engineer Certification Guide

Linux adoption continues to rise world-wide as individual users, government entities and industries ranging from automotive to space exploration embrace open source technologies. This expansion of open source in enterprise is redefining traditional Information and Communication Technology (ICT) job roles to require more Linux skills. Whether you’re starting your career in open source, or looking for advancement, independently verifying your skill set can help you stand out to hiring managers or your management team.

The Linux Essentials Professional Development Certificate (PDC) also serves as an ideal stepping-stone to the more advanced LPIC Professional Certification track for Linux Systems Administrators.

Current Version: 1.6 (Exam code 010-160)

Prerequisites: There are no prerequisites for this certification

Requirements: Passing the Linux Essentials 010 exam

Validity Period: Lifetime

Languages Support: English, German, Japanese.


Section 01: Capacity Planning

Section 02: Linux Kernel

Section 03: System Startup

Section 04: Filesystem and Devices

Section 05: Advanced Storage Device Administration

Section 06: Network Configuration

Section 07: System Maintenance

Section 08: Domain Name Server

Section 09: Web Services

Section 10: File Sharing

Section 11: Network Client Management

Section 12: E-mail Services

Section 13: System Security

Detailed Syllabus:

Section 01: Capacity Planning

Measure and Troubleshoot Resource Usage

Measure CPU usage
Measure memory usage
Measure disk I/O
Measure network I/O
Measure firewalling and routing throughput
Map client bandwidth usage
Match/correlate system symptoms with likely problems
Estimate throughput and identify bottlenecks in a system including networking

Predict Future Resource Needs

Use monitoring and measurement tools to monitor IT infrastructure usage
Predict capacity break point of a configuration
Observe growth rate of capacity usage
Graph the trend of capacity usage
Awareness of monitoring solutions such as Icinga2, Nagios, collected, MRTG and Cacti

Section 02: Linux Kernel

Kernel Components

Kernel 2.6.x, 3.x and 4.x documentation

Compiling a kernel

Kernel Makefiles
Kernel 2.6.x/3.x make targets
Customize the current kernel configuration
Build a new kernel and appropriate kernel modules.
Install a new kernel and any modules.
Ensure that the boot manager can locate the new kernel and associated files.
Module configuration files
Use DKMS to compile kernel modules.
Awareness of dracut

Kernel runtime management and troubleshooting

Use command-line utilities to get information about the currently running kernel and kernel modules
Manually load and unload kernel modules
Determine when modules can be unloaded
Determine what parameters a module accepts
Configure the system to load modules by name other than their file name
/proc filesystem
Content of /, /boot/, and /lib/modules/
Tools and utilities to analyze information about available hardware
Udev rules

Section 03: System Startup

Customizing SysV-init system startup

SysV init
Linux Standard Base Specification (LSB)

System Recovery

NVMe booting
GRUB version 2 and Legacy
Grub shell
Boot loader start and hand off to kernel
Kernel loading
Hardware initialisation and setup
Daemon/service initialisation and setup
Know the different boot loader install location on a hard disk or removable device.
Overwrite standard boot loader options and using boot loader shells
Use systemd rescue and emergency modes

Alternate Bootloaders

Understanding of PXE for both BIOS and UEFI
Awareness of systemd-boot and U-Boot

Section 04: Filesystem and Devices

Operating the Linux filesystem

The concept of the fstab configuration
Tools and utilities for handling swap partitions and files
Use of UUID for identifying and mounting file system
Understanding of systemd mount units

Maintaining a Linux filesystem

Tools and utilities to manipulate and ext2, ext3, and ext4
Tools and utilities to perform basic Btrfs operations, including subvolumes and snapshots
Tools and utilities to manipulate XFS
Awareness of ZFS

Creating and configuring filesystem options

Autofs configuration files
Understanding of automount units
UDF and ISO9660 tools and utilities
Awereness of other CD-ROM filesystems (HFS)
Awereness of CD-ROM filesystem extensions (Joliet, Rock Ridge, EI Torito)
Basic feature knowledge of data encryption (dm-crypt / LUKS)

Section 05: Advanced Storage Device Administration

Configuring RAID

Software RAID configuration files and utilities

Adjusting Storage Device Access

Tools and utilities to configure DMA for IDE devices including ATAPI and SATA
Tools and utilities to configure Solid State Drives including AHCI and NVMe
Tools and utilities to manipulate or analyse system resources (e.g. interrupts)
Awareness of sdparm command and its uses
Tools and utilities for iSCSI
Awareness of SAN, including relevant protocols (AoE, FCoE)

Logical Volume Manager

Tools in the LVM suite
Resizing, renaming, creating, and removing logical volumes, volume groups and physical volumes
Creating and maintaining snapshots
Activating volume groups

Section 06: Network Configuration

Basic networking configuration

Utilities to configure and manipulate Ethernet network interfaces
Configuring basic access to wireless networks

Advanced Network Configuration and Troubleshooting

Utilities to manipulate routing tables
Utilities to configure and manipulate Ethernet network interfaces
Utilities to analyze the status of the network devices
Utilities to monitor and analyze the TCP/IP traffic

Troubleshooting Network Issues

Location and content of access restriction files
Utilities to configure and manipulate Ethernet network interfaces
Utilities to manage routing tables
Utilities to list network states
Utilities to gain information about the network configuration
Methods of information about the recognized and used hardware devices
System initialization files and their contents (SysV init process)
Awareness of NetworkManager and its impact on network configuration

Section 07: System Maintenance

Make and install programs from source

Unpack source code using common compression and archive utilities
Understand basic of invoking make to compile programs
Apply Parameters to configure script
Know where source are stored by default

Backup operations

Knowledge about directories that have to be include in backups
Awareness of network backup solutions such as Amanda, Bacula, Bareos, and BackupPC
Knowledge of the benefits and drawbacks of tapes, CDR, disk or other backup media
Perform partial and manual backups
Verify the integrity of backup files.
Partially of fully restore backups.

Notify users on system-related issues

Automate communication with users through logon messages
Inform active users of system maintenance

Section 08: Domain Name Server

Basic DNS server configuration

BIND 9.x configuration files, terms and utilities
Defining the location of the BIND zone files in BIND configuration files
Reloading modified configuration and zone files
Awareness of dnsmasq, djbdns and PowerDNS as alternate name servers

Create and maintain DNS zones

BIND 9 configuration files, terms and utilities
Utilities to request information from the DNS server
Layout, content and file location of the BIND zone files
Various methods to add a new host in the zone files, including reverse zones

Securing a DNS server

BIND 9 configuration files
Configuring BIND to run in a chroot jail
Split configuration of BIND using the forwarders statement
Configuring and using transaction signatures (TSIG)
Awareness of DNSSEC and basic tools
Awareness of DANE and related records

Section 09: Web Services

Implementing a web server

Apache 2.4 configuration files, terms and utilities
Apache log files configuration and content
Access restriction methods and files
Mod_perl and PHP configuration
Client user authentication files and utilities
Configuration of maximum requests, minimum and maximum servers and clients
Apache 2.4 virtual host implementation (with and without dedicated IP addresses)
Using redirect statement in Apache’s configuration files to customize file access

Apache Configuration for HTTPS

SSL configuration files, tools and utilities
Generate a server private key and CSR for a commercial CA
Generate a self-signed Certificate
Install the key and certificate, including intermediate CAs
Configure Virtual Hosting using SNI
Awareness of the issues with Virtual Hosting and use of SSL
Security issue in SSL use, disable insecure protocols and ciphers

Implementing a proxy server

Squid 3.x configuration files, terms and utilities
Access restriction methods
Client user authentication methods
Layout and content of ACL in the Squid configuration files

Implementing Nginx as a web server and a reverse proxy

Reverse Proxy
Basic Web Server

Section 10: File Sharing

SAMBA Server Configuration

Samba 4 documentation
Samba 4 configuration files
Samba 4 tools and utilities and daemons
Mounting CIFS shares on Linux
Mapping Windows user names to Linux user names
User-Level, Share-Level and AD security

NFS Server Configuration

NFS version 3 configuration files
NFS tools and utilities
Access restrictions to certain hosts and/or subnets
Mount options on server and client
TCP Wrappers
Awareness of NFSv4

Section 11: Network Client Management

DHCP configuration

DHCP configuration files, terms and utilities
Subnet and dynamically-allocated range setup
Awareness of DHCPv6 and IPv6 Router Advertisements

PAM authentication

PAM configuration files, terms and utilities
Passwd and shadow passwords
Use sssd for LDAP authentication

LDAP client usage

LDAP utilities for data management and queries
Change user passwords
Querying the LDAP directory

Configuring an OpenLDAP server

Directory based configuration
Access Control
Distinuguished Names
Changetype Operations
Schemas and Whitepages
Object IDs, Attributes and Classes

Section 12: E-mail Services

Using e-mail servers

Configuring files for postfix
Basic TLS configuration for postfix
Basic knowledge of the SMTP protocol
Awareness of sendmail and exim

Managing E-mail Delivery

Understanding of Sieve functionality, syntax and operators
Use Sieve to filter and sort mail with respect to sender, recipient(s), headers and size.
Awareness of procmail

Managing Remote E-mail Delivery

Dovecot IMAP and POP3 configuration and administration
Basic TLS configuration for Dovecot
Awareness of Couries

Section 13: System Security

Configuring a router

Iptables and ip6tables configuration files, tools and utilities
Tools, commands and utilities to manage routing tables.
Private address ranges (IPv4) and Unique Local Addresses as well as Link Local Addresses (IPv6)
Port redirection and IP forwarding
List and write filtering and rules that accept or block IP packets based on source or destination protocol, port and address.
Save and reload filtering configurations

Securing FTP servers

Configuration files, tools and utilities for Pure-FTPd and vsftpd
Awareness of ProFTPd
Understanding of passive vs. active FTP connections

Secure shell (SSH)

OpenSSH configuration files, tools and utilities
Login restrictions for the superuser and the normal users
Managing and using server and client keys to login with and without password
Usage of multiple connections from multiple hosts to guard against loss of connection to remote host following configuration changes.

Security tasks

Tools and utilities to scan and test ports on server
Locations and organizations that report security alerts as Bugtraq, CERT or other sources
Tools and utilities to implement an instruction detection system (IDS)
Awareness of OpenVAS and Snort

Open VPN


Related Articles