Professional Documents
Culture Documents
Exam Objectives Version: 4.5 (Exam code 202-450). Note: the exam with the v4.0 objectives (https://wiki.lpi.org/wiki/LPIC-2_Objectives_V4) (202-400) will remain available
until August 2017. You may write any version of the exams and they will count toward your LPIC-2 equally.
About Objective Weights: Each objective is assigned a weighting value. The weights indicate the relative importance of each objective on the exam. Objectives with higher
weights will be covered in the exam with more questions.
Web Services
File Sharing
Network Client
Management
E-Mail Services
System Security
Description:Candidates should be able to con gure BIND to function as a caching-only DNS server. This objective includes the ability to managing a running server and con guring
logging.
The following is a partial list of the used les, terms and utilities:
/etc/named.conf
/var/named/
/usr/sbin/rndc
kill
host
http://www.lpi.org/our-certications/exam-202-objectives 1/6
12/7/2017 Exam 202 Objectives | Linux Professional Institute
host Find Training (http://cs.lpi.org/caf/Xamman/partner) Register (https://cs.lpi.org/caf/Xamman/register)
dig
Verify LPI Credentials (https://cs.lpi.org/caf/Xamman/certi cation)
Description:Candidates should be able to create a zone le for a forward or reverse zone and hints for root level servers. This objective includes setting appropriate values for
records, adding hosts in zones and adding zones to the DNS. A candidate should also be able to delegate zones to another DNS server.
/var/named/
zone le syntax
resource record formats
named-checkzone
named-compilezone
master le-format
dig
nslookup
host
Description:Candidates should be able to con gure a DNS server to run as a non-root user and run in a chroot jail. This objective includes secure exchange of data between DNS
servers.
/etc/named.conf
/etc/passwd
DNSSEC
dnssec-keygen
dnssec-signzone
Description:Candidates should be able to install and con gure a web server. This objective includes monitoring the servers load and performance, restricting client user access,
con guring support for scripting languages as modules and setting up client user authentication. Also included is con guring server options to restrict usage of resources. Candidates
should be able to con gure a web server to use virtual hosts and customize le access.
Description:Candidates should be able to install and con gure a proxy server, including access policies, authentication and resource usage.
squid.conf
acl
http_access
Description:Candidates should be able to install and con gure a reverse proxy server, Nginx. Basic con guration of Nginx as a HTTP server is included.
Nginx
Reverse Proxy
Basic Web Server
/etc/nginx/
nginx
Description:Candidates should be able to set up a Samba server for various clients. This objective includes setting up Samba as a standalone server as well as integrating Samba as a
member in an Active Directory. Furthermore, the con guration of simple CIFS and printer shares is covered. Also covered is a con guring a Linux client to use a Samba server.
Troubleshooting installations is also tested.
Samba 4 documentation
Samba 4 con guration les
Samba 4 tools and utilities and daemons
Mounting CIFS shares on Linux
Mapping Windows user names to Linux user names
User-Level, Share-Level and AD security
Description:Candidates should be able to export lesystems using NFS. This objective includes access restrictions, mounting an NFS lesystem on a client and securing NFS.
/etc/exports
exportfs
showmount
nfsstat
http://www.lpi.org/our-certications/exam-202-objectives 3/6
12/7/2017 Exam 202 Objectives | Linux Professional Institute
nfsstat
Find Training (http://cs.lpi.org/caf/Xamman/partner) Register (https://cs.lpi.org/caf/Xamman/register)
/proc/mounts
/etc/fstab Verify LPI Credentials (https://cs.lpi.org/caf/Xamman/certi cation)
rpcinfo
mountd
portmapper
Description:Candidates should be able to con gure a DHCP server. This objective includes setting default and per client options, adding static hosts and BOOTP hosts. Also included
is con guring a DHCP relay agent and maintaining the DHCP server.
dhcpd.conf
dhcpd.leases
DHCP Log messages in syslog or systemd journal
arp
dhcpd
radvd
radvd.conf
Description:The candidate should be able to con gure PAM to support authentication using various available methods.This includes basic SSSD functionality.
/etc/pam.d/
pam.conf
nsswitch.conf
pam_unix, pam_cracklib, pam_limits, pam_list le, pam_sss
sssd.conf
Description:Candidates should be able to perform queries and updates to an LDAP server. Also included is importing and adding items, as well as adding and managing users.
ldapsearch
ldappasswd
ldapadd
ldapdelete
Description:Candidates should be able to con gure a basic OpenLDAP server including knowledge of LDIF format and essential access controls.
OpenLDAP
Directory based con guration
Access Control
Distinguished Names
Changetype Operations
Schemas and Whitepages
Directories
Object IDs, Attributes and Classes
slapd
slapd-con g
LDIF
slapadd
slapcat
slapindex
/var/lib/ldap/
loglevel
http://www.lpi.org/our-certications/exam-202-objectives 4/6
12/7/2017 Exam 202 Objectives | Linux Professional Institute
Topic 211: E-Mail Services Find Training (http://cs.lpi.org/caf/Xamman/partner) Register (https://cs.lpi.org/caf/Xamman/register)
Weight:4
Description:Candidates should be able to manage an e-mail server, including the con guration of e-mail aliases, e-mail quotas and virtual e-mail domains. This objective includes
con guring internal e-mail relays and monitoring e-mail servers.
Description:Candidates should be able to implement client e-mail management software to lter, sort and monitor incoming user e-mail.
211.3 Managing Remote E-Mail Delivery
Weight:2
Description:Candidates should be able to install and con gure POP and IMAP daemons.
/etc/dovecot/
dovecot.conf
doveconf
doveadm
Description:Candidates should be able to con gure a system to forward IP packet and perform network address translation (NAT, IP masquerading) and state its signi cance in
protecting a network. This objective includes con guring port redirection, managing lter rules and averting attacks.
/proc/sys/net/ipv4/
/proc/sys/net/ipv6/
/etc/services
iptables
ip6tables
Description:Candidates should be able to con gure an FTP server for anonymous downloads and uploads. This objective includes precautions to be taken if anonymous uploads are
permitted and con guring user access.
Con guration les, tools and utilities for Pure-FTPd and vsftpd
Awareness of ProFTPd
Understanding of passive vs. active FTP connections
http://www.lpi.org/our-certications/exam-202-objectives 5/6
12/7/2017 Exam 202 Objectives | Linux Professional Institute
Understanding of passive vs. active FTP connections
Find Training (http://cs.lpi.org/caf/Xamman/partner) Register (https://cs.lpi.org/caf/Xamman/register)
Description:Candidates should be able to con gure and secure an SSH daemon. This objective includes managing keys and con guring SSH for users. Candidates should also be
able to forward an application protocol over SSH and manage the SSH login.
ssh
sshd
/etc/ssh/sshd_con g
/etc/ssh/
Private and public key les
PermitRootLogin, PubKeyAuthentication, AllowUsers, PasswordAuthentication, Protocol
Description:Candidates should be able to receive security alerts from various sources, install, con gure and run intrusion detection systems and apply security patches and bug xes.
telnet
nmap
fail2ban
nc
iptables
212.5 OpenVPN
Weight:2
Description:Candidates should be able to con gure a VPN (Virtual Private Network) and create secure point-to-point or site-to-site connections.
OpenVPN
/etc/openvpn/
openvpn
LPI is the global certi cation standard and career support organization for open source professionals. With more than500,000 exams delivered, it's the worlds rst and largest
vendor-neutral Linux and open source certi cation body. LPI has certi ed professionals in over 180 countries, delivers exams in 9 languages, and has over 400 training partners.
Our purpose is to enable economic and creative opportunities for everybody by making open source knowledge and skills certi cation universally accessible.
(https://www.linkedin.com/company/3513
(https://www.facebook.com/LPIConnec
(https://twitter.com/lpiconnect)
Contact Us (http://www.lpi.org/about-lpi/contact-us)
Privacy and Cookie Policy (http://www.lpi.org/privacy-and-cookie-policy)
Copyright 1999-2017 The Linux Professional Institute Inc. All rights reserved.
http://www.lpi.org/our-certications/exam-202-objectives 6/6