Question No : 1
Set up Kerberized curl health check from the client to verify a web service protected by SPNEGO.
정답:
Explanation:
Question No : 2
Configure the client to prefer a specific IdM server and fallback to replica if needed.
정답:
Explanation:
Question No : 3
Troubleshoot client enrollment time/DNS issues quickly.
정답:
Explanation:
Question No : 4
Create a service keytab for a custom daemon on app1 that needs Kerberos to call an HTTP backend.
정답:
Explanation:
Question No : 5
Switch SSSD to use KCM credential cache and verify automatic ticket renewal for logins.
정답:
Explanation:
Question No : 6
Set up GSSAPI delegation so Alice can hop from ws1 ® app1 ® db1 without re-auth.
정답:
Explanation:
Question No : 7
Configure SSH authorized keys from IdM (not strictly Kerberos, but client-side IdM integration).
정답:
Explanation:
Question No : 8
Enable home-dir auto-creation via PAM/oddjob for IdM logins on a client already enrolled.
정답:
Explanation:
Question No : 9
Use ldapsearch with Kerberos (SASL/GSSAPI) from a client to query IdM.
정답:
Explanation:
Question No : 10
Configure PostgreSQL on db1 for Kerberos logins by IdM users.
정답:
Explanation:
Question No : 11
Protect Apache on the client with Kerberos SSO for /secure/ using mod_auth_gssapi.
정답:
Explanation:
Question No : 12
Configure IdM automount maps on the client to auto-mount /home via IdM.
정답:
Explanation:
Question No : 13
Configure NFSv4 with Kerberos (krb5p): export /srv/projects from nfs1 and mount on app1.
정답:
Explanation:
Question No : 14
Enable SSH Kerberos SSO (GSSAPI) from workstation ws1 to server app1.
정답:
Explanation:
Question No : 15
Tune SSSD on the client to enable sudo and SSH responders and add SSSD to sudoers resolution.
정답:
Explanation:
