Linux_Practical_Interview_1 100

Linux Practical Interview Questions (1-100)

Linux Basics

Q1: How do you check the current kernel version?

Answer:

# Check kernel version
uname -r
# or
cat /proc/version
# or
hostnamectl

Q2: How do you check system uptime?

Answer:

# Check uptime
uptime
# or
uptime -p  # pretty format
# or
cat /proc/uptime

Q3: How do you view system memory usage?

Answer:

# Check memory
free -h
# or
cat /proc/meminfo
# or
vmstat 1

Q4: How do you check disk usage?

Answer:

# Disk usage
df -h
# or
du -sh /path/to/directory
# or
lsblk

Q5: How do you check CPU information?

Answer:

# CPU info
cat /proc/cpuinfo
# or
lscpu
# or
top

---

File System Commands

Q6: How do you find files in Linux?

Answer:

# Find files
find /path -name "filename"
# Find by type
find /path -type f -name "*.log"
# Find by size
find /path -size +100M
# Find by modified time
find /path -mtime -7

Q7: How do you search inside files?

Answer:

# Search in files
grep -r "search_term" /path
# Case insensitive
grep -ri "search_term" /path
# Show line numbers
grep -n "search_term" file
# Use regex
grep -E "pattern" file

Q8: How do you use sed for text processing?

Answer:

# Replace text
sed 's/old/new/g' file
# In-place edit
sed -i 's/old/new/g' file
# Delete lines
sed '/pattern/d' file
# Print specific line
sed -n '5p' file

Q9: How do you use awk for text processing?

Answer:

# Print columns
awk '{print $1}' file
# Field separator
awk -F',' '{print $2}' file
# Conditional
awk '$3 > 50 {print $1}' file
# Sum values
awk '{sum+=$1} END {print sum}' file

Q10: How do you compress and decompress files?

Answer:

# gzip compression
gzip file
gunzip file.gz

# tar archive
tar -cvf archive.tar directory/
tar -xvf archive.tar
tar -czvf archive.tar.gz directory/
tar -xzvf archive.tar.gz

# zip
zip -r archive.zip directory/
unzip archive.zip

---

User and Permissions

Q11: How do you create and manage users?

Answer:

# Create user
useradd username
# or with home directory
useradd -m username

# Set password
passwd username

# Add to group
usermod -aG groupname username

# Delete user
userdel username

# Check user info
id username

Q12: How do you manage file permissions?

Answer:

# Change permissions
chmod 755 file
chmod +x script.sh
chmod -R 644 directory/

# Change owner
chown user:group file

# View permissions
ls -l file

Q13: How do special permissions work?

Answer:

# SUID (set user ID)
chmod 4755 file  # or chmod u+s file

# SGID (set group ID)
chmod 2755 directory  # or chmod g+s directory

# Sticky bit
chmod 1777 /tmp  # or chmod +t /tmp

# View
ls -l file  # shows s or t

Q14: How do you use sudo configuration?

Answer:

# Edit sudoers file
visudo

# Grant sudo access
username ALL=(ALL:ALL) ALL

# Passwordless sudo
username ALL=(ALL) NOPASSWD: ALL

Q15: How do you check user sessions?

Answer:

# Who is logged in
who
w
# Last login
last
lastlog
# Current user
whoami

---

Process Management

Q16: How do you view running processes?

Answer:

# View processes
ps
ps aux
ps -ef
# Interactive
top
htop
# Tree view
pstree

Q17: How do you kill processes?

Answer:

# Kill by PID
kill -15 pid  # SIGTERM (graceful)
kill -9 pid   # SIGKILL (force)
kill -2 pid   # SIGINT (Ctrl+C)

# Kill by name
pkill process_name
killall process_name

# Kill processes by pattern
pgrep pattern | xargs kill

Q18: How do you manage background jobs?

Answer:

# Run in background
command &

# List jobs
jobs

# Bring to foreground
fg %1

# Send to background
Ctrl+Z
bg %1

# Run nohup
nohup command &

Q19: How do you check process resource usage?

Answer:

# CPU and memory
top
htop
# Per-process
ps aux --sort=-%cpu | head
ps aux --sort=-%mem | head
# Detailed
/proc/PID/status

Q20: How do you manage services?

Answer:

# SystemD
systemctl start service
systemctl stop service
systemctl restart service
systemctl status service
systemctl enable service
systemctl disable service

# SysV init
service service_name start
service service_name stop

---

Networking

Q21: How do you check network configuration?

Answer:

# IP addresses
ip addr
ip link show

# Routing table
ip route
route -n

# DNS
cat /etc/resolv.conf
nslookup domain
dig domain

# Network interfaces
ifconfig
ip link

Q22: How do you test network connectivity?

Answer:

# Ping
ping -c 4 host
ping -i 0.5 host  # interval

# Traceroute
traceroute host
tracepath host

# Port scanning
nc -zv host 1-1000
telnet host port

# DNS lookup
nslookup domain
dig domain
host domain

Q23: How do you configure firewall?

Answer:

# iptables
iptables -L -n
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP
iptables-save > /etc/iptables/rules.v4

# firewalld
firewall-cmd --list-all
firewall-cmd --add-service=ssh
firewall-cmd --add-port=8080/tcp
firewall-cmd --reload

# ufw
ufw status
ufw allow ssh
ufw enable

Q24: How do you configure network bonding?

Answer:

# Create bond interface
cat /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BONDING_OPTS="mode=1 miimon=100"
IPADDR=192.168.1.10
NETMASK=255.255.255.0

# Add slave
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
MASTER=bond0
SLAVE=yes

Q25: How do you use SSH key authentication?

Answer:

# Generate key
ssh-keygen -t rsa -b 4096
ssh-keygen -t ed25519

# Copy to server
ssh-copy-id user@host
# or
ssh user@host 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys' < ~/.ssh/id_rsa.pub

# SSH config
cat ~/.ssh/config
Host server
    HostName 192.168.1.10
    User admin
    IdentityFile ~/.ssh/id_rsa

---

Disk Management

Q26: How do you create and manage partitions?

Answer:

# List partitions
fdisk -l
lsblk
parted -l

# Create partition
fdisk /dev/sdb
# n (new), p (primary), w (write)

# Format
mkfs.ext4 /dev/sdb1
mkfs.xfs /dev/sdb1

# Mount
mount /dev/sdb1 /mnt/data

Q27: How do you create LVM?

Answer:

# Create physical volume
pvcreate /dev/sdb1

# Create volume group
vgcreate vg_data /dev/sdb1

# Create logical volume
lvcreate -L 10G -n lv_data vg_data

# Format and mount
mkfs.ext4 /dev/vg_data/lv_data
mount /dev/vg_data/lv_data /mnt/data

Q28: How do you resize LVM?

Answer:

# Extend logical volume
lvextend -L +10G /dev/vg_data/lv_data
resize2fs /dev/vg_data/lv_data

# Reduce logical volume
umount /mnt/data
e2fsck -f /dev/vg_data/lv_data
resize2fs /dev/vg_data/lv_data 5G
lvreduce -L 5G /dev/vg_data/lv_data

Q29: How do you create RAID?

Answer:

# Create RAID5
mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/sdb1 /dev/sdc1 /dev/sdd1

# Monitor RAID
mdadm --detail /dev/md0

# Simulate failure
mdadm /dev/md0 --set faulty /dev/sdb1

# Remove failed drive
mdadm /dev/md0 --remove /dev/sdb1

Q30: How do you check disk health?

Answer:

# SMART status
smartctl -a /dev/sda
smartctl -H /dev/sda

# Disk usage
df -h
du -sh /*

# I/O stats
iostat -x 1
iotop

---

Package Management

Q31: How do you use yum/dnf?

Answer:

# Install package
yum install package
dnf install package

# Update
yum update
dnf update

# Search
yum search package
dnf search package

# Remove
yum remove package
dnf autoremove

# List installed
yum list installed
dnf list installed

Q32: How do you use apt?

Answer:

# Update
apt update
apt upgrade

# Install
apt install package
apt-get install package

# Remove
apt remove package
apt autoremove

# Search
apt search package

# List installed
apt list --installed

Q33: How do you use zypper?

Answer:

# Install
zypper install package

# Update
zypper update

# Remove
zypper remove package

# Search
zypper search package

Q34: How do you build from source?

Answer:

# Download and extract
wget url
tar -xzvf file.tar.gz

# Configure
./configure --prefix=/usr/local

# Build
make

# Install
make install
# or
sudo make install

Q35: How do you manage repositories?

bash:

# yum add repo
yum-config-manager --add-repo http://repo.example.com.repo

# apt add repo
add-apt-repository ppa:name/ppa
# or
echo "deb url" > /etc/apt/sources.list.d/file.list
apt update

---

Log Management

Q36: How do you view system logs?

Answer:

# System logs
tail -f /var/log/messages
tail -f /var/log/syslog

# Auth logs
tail -f /var/log/auth.log
tail -f /var/log/secure

# Application logs
tail -f /var/log/nginx/access.log

# Journal
journalctl
journalctl -u service
journalctl -f

Q37: How do you rotate logs?

Answer:

# Logrotate config
cat /etc/logrotate.d/nginx
/var/log/nginx/*.log {
    daily
    missingok
    rotate 14
    compress
    delaycompress
    notifempty
    create 0640 www-data adm
    sharedscripts
    postrotate
        systemctl reload nginx > /dev/null
    endscript
}

Q38: How do you analyze logs efficiently?

Answer:

# Grep patterns
grep ERROR /var/log/messages
grep -c "pattern" file

# Awk analysis
awk '/ERROR/ {count++} END {print count}' file

# Sort and count
awk '{print $5}' access.log | sort | uniq -c | sort -rn

# Time-based
awk '$4 >= "[10/Oct/2023:10:00"' access.log

Q39: How do you manage syslog?

Answer:

# Rsyslog config
cat /etc/rsyslog.conf
# Rules
*.info;mail.none;authpriv.none /var/log/messages
authpriv.* /var/log/secure

# Filter by facility
:programname, isequal, "nginx" /var/log/nginx.log
& ~

Q40: How do you use systemd journal?

Answer:

# View logs
journalctl
journalctl -u nginx.service
journalctl --since "1 hour ago"
journalctl --since "2023-01-01"

# Priority
journalctl -p err

# Follow
journalctl -f

---

Shell Scripting

Q41: How do you write a basic shell script?

Answer:

#!/bin/bash
# Comments

# Variables
NAME="John"
echo "Hello $NAME"

# User input
read -p "Enter name: " NAME

# Conditionals
if [ "$NAME" == "John" ]; then
    echo "Hello John"
fi

# Loops
for i in {1..5}; do
    echo $i
done

# Functions
function greet() {
    echo "Hello $1"
}
greet "World"

Q42: How do you handle arguments?

Answer:

#!/bin/bash
# Arguments
echo $0    # Script name
echo $1    # First argument
echo $#    # Number of arguments
echo $@    # All arguments
echo $$    # PID

# Loop through arguments
for arg in "$@"; do
    echo $arg
done

# Getopts
while getopts "hvc:" opt; do
    case $opt in
        h) echo "Help";;
        v) echo "Version";;
        c) echo "Config: $OPTARG";;
    esac
done

Q43: How do you use arrays?

Answer:

# Define array
arr=(one two three)
arr[0]="one"

# Access elements
echo ${arr[0]}
echo ${arr[@]}

# Length
echo ${#arr[@]}

# Loop
for item in "${arr[@]}"; do
    echo $item
done

# Add elements
arr+=("four")

Q44: How do you use string operations?

Answer:

# Length
${#string}

# Substring
${string:position}
${string:position:length}

# Replace
${string/pattern/replacement}
${string//pattern/replacement}

# Pattern removal
${string#pattern}  # shortest match
${string##pattern} # longest match

# Case conversion
${string^^}
${string,,}

Q45: How do you handle errors?

Answer:

#!/bin/bash
# Exit on error
set -e

# Debug mode
set -x

# Capture exit code
command
echo $?

# Trap errors
trap 'echo "Error on line $LINENO"' ERR

# Custom error
if [ ! -f "$file" ]; then
    echo "File not found" >&2
    exit 1
fi

---

System Performance

Q46: How do you monitor CPU usage?

Answer:

# Real-time
top
htop
# or
glances

# Per-process
ps aux --sort=-%cpu | head
# or
pidstat 1

# System-wide
mpstat -P ALL 1
sar -u 1

Q47: How do you monitor memory usage?

Answer:

# Check memory
free -h
# or
cat /proc/meminfo

# Per-process
ps aux --sort=-%mem | head
# or
pmap -X PID

# Trends
vmstat 1
sar -r 1

Q48: How do you monitor I/O?

Answer:

# I/O stats
iostat -x 1

# Per-process I/O
iotop

# Check I/O wait
vmstat 1
# Look at 'wa' column

# Block devices
lsblk
blktrace

Q49: How do you monitor network?

Answer:

# Network stats
netstat -s
ss -s

# Per-connection
netstat -ant
ss -ant

# Bandwidth
nethogs
iftop
bmon

Q50: How do you find performance bottlenecks?

Answer:

# System resource summary
sar -A 1

# Load average
uptime
# or
cat /proc/loadavg

# Process analysis
strace -p PID  # system calls
ltrace -p PID  # library calls
perf top

---

Boot and Kernel

Q51: How do you manage systemd services?

Answer:

# Start/stop
systemctl start nginx
systemctl stop nginx
systemctl restart nginx

# Enable/disable boot
systemctl enable nginx
systemctl disable nginx

# Status
systemctl status nginx
systemctl is-active nginx

# List
systemctl list-units --type=service
systemctl list-unit-files --type=service

Q52: How do you modify kernel parameters?

Answer:

# Temporarily
sysctl -w net.ipv4.tcp_fin_timeout=30

# Persistently
echo "net.ipv4.tcp_fin_timeout=30" >> /etc/sysctl.conf
sysctl -p

# View current
sysctl -a
sysctl net.ipv4.tcp_fin_timeout

Q53: How do you manage initramfs?

Answer:

# Update initramfs
update-initramfs -u
# or
dracut -f

# List modules
lsinitramfs /boot/initrd.img-$(uname -r)

Q54: How do you manage kernel modules?

Answer:

# List loaded
lsmod

# Load module
modprobe module_name

# Unload module
modprobe -r module_name

# View module info
modinfo module_name

# Blacklist
echo "blacklist module_name" >> /etc/modprobe.d/blacklist.conf

Q55: How do you troubleshoot boot issues?

Answer:

# Check boot logs
journalctl -b
dmesg
dmesg | grep -i error

# Check failed services
systemctl --failed

# Boot options
# Edit GRUB and add: systemd.unit=emergency.target

---

Backup and Recovery

Q56: How do you create backups?

Answer:

# Using tar
tar -czpf backup.tar.gz /path

# Using rsync
rsync -avz /source/ /destination/

# Using dd
dd if=/dev/sda of=/backup/sda.img

# Using dump/restore
dump -0f /backup.dump /
restore -rf /backup.dump

Q57: How do you automate backups?

Answer:

# Cron job
crontab -e
# Add: 0 2 * * * /backup.sh

# /backup.sh
#!/bin/bash
tar -czpf /backup/$(date +%Y%m%d).tar.gz /data
find /backup -type f -mtime +30 -delete

Q58: How do you restore from backup?

Answer:

# Extract tar
tar -xzf backup.tar.gz -C /restore/path

# Rsync restore
rsync -avz /backup/ /restore/

# dd restore
dd if=/backup/sda.img of=/dev/sda

Q59: How do you use LVM snapshots?

Answer:

# Create snapshot
lvcreate -L 10G -s -n snap_name /dev/vg/lv

# Mount snapshot
mount /dev/vg/snap /mnt/snap

# Remove snapshot
lvremove /dev/vg/snap

Q60: How do you use rsync?

Answer:

# Basic sync
rsync -avz source/ destination/

# Dry run
rsync -avzn source/ destination/

# Delete files not in source
rsync -avz --delete source/ destination/

# Exclude patterns
rsync -avz --exclude='*.log' source/ destination/

# Progress
rsync -avz --progress source/ destination/

---

Security

Q61: How do you secure SSH?

Answer:

# Edit /etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
Port 2222
MaxAuthTries 3
ClientAliveInterval 300

# Restart
systemctl restart sshd

Q62: How do you configure SELinux?

Answer:

# Check status
getenforce
sestatus

# Set mode
setenforce 0  # permissive
setenforce 1  # enforcing

# Persistently
# Edit /etc/selinux/config
SELINUX=enforcing

# Manage contexts
chcon -t httpd_sys_content_t /var/www/html
semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?"

Q63: How do you use fail2ban?

Answer:

# Install
apt install fail2ban
yum install fail2ban

# Configure
cat /etc/fail2ban/jail.local
[sshd]
enabled = true
port = ssh
maxretry = 3
bantime = 3600

# Check status
fail2ban-client status
fail2ban-client status sshd

Q64: How do you audit file access?

Answer:

# Install audit
apt install auditd

# Configure rules
auditctl -w /etc/passwd -p wa -k passwd_changes
auditctl -w /var/www/html -p r -k web_access

# View logs
ausearch -k passwd_changes
aureport -f

Q65: How do you encrypt partitions?

Answer:

# LUKS encryption
cryptsetup luksFormat /dev/sdb1
cryptsetup luksOpen /dev/sdb1 crypt_vol
mkfs.ext4 /dev/mapper/crypt_vol
mount /dev/mapper/crypt_vol /mnt/data

# Close
umount /mnt/data
cryptsetup luksClose crypt_vol

---

Virtualization

Q66: How do you use Docker?

Answer:

# List containers
docker ps -a

# Run container
docker run -d -p 8080:80 --name web nginx

# Build image
docker build -t myimage .

# Manage
docker start/stop/restart container
docker exec -it container /bin/bash
docker logs -f container
docker rm container

Q67: How do you manage Docker images?

Answer:

# List images
docker images

# Pull image
docker pull nginx:latest

# Build
docker build -t myimage .

# Tag
docker tag myimage registry/myimage:v1

# Push
docker push registry/myimage:v1

# Remove
docker rmi image

Q68: How do you use Docker Compose?

Answer:

docker-compose.yml

version: '3'
services:
  web:
    image: nginx
    ports:
      - "80:80"
    volumes:
      - ./html:/usr/share/nginx/html
  db:
    image: mysql
    environment:
      MYSQL_ROOT_PASSWORD: secret

# Commands
docker-compose up -d
docker-compose down
docker-compose ps
docker-compose logs -f

Q69: How do you use KVM/QEMU?

Answer:

# Install
apt install qemu-kvm libvirt-daemon

# Create VM
virt-install --name vm1 --ram 2048 --disk size=20 --os-variant ubuntu20.04 --location http://archive.ubuntu.com/ubuntu/dists/focal/main/installer-amd64/

# Manage
virsh list --all
virsh start vm1
virsh shutdown vm1
virsh destroy vm1

Q70: How do you configure libvirt?

Answer:

# Pool management
virsh pool-define-as default dir - - - - /var/lib/libvirt/images
virsh pool-start default
virsh pool-autostart default

# Network
virsh net-define /etc/libvirt/qemu/networks/default.xml
virsh net-start default

---

Monitoring and alerting

Q71: How do you set up Prometheus?

Answer:

# Install
docker run -d -p 9090:9090 prom/prometheus

# prometheus.yml
global:
  scrape_interval: 15s
scrape_configs:
  - job_name: 'node'
    static_configs:
      - targets: ['localhost:9100']

# Add node exporter
docker run -d -p 9100:9100 prom/node-exporter

Q72: How do you use Nagios?

Answer:

# Install
apt install nagios4

# Add check to commands.cfg
define command{
    command_name check_disk
    command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$
}

# Add service
define service{
    host_name localhost
    service_description Disk
    check_command check_disk!20%!10%
}

Q73: How do you set up Zabbix?

Answer:

# Install Zabbix server
apt install zabbix-server-mysql zabbix-frontend-php

# Configure database
mysql -e "create database zabbix character set utf8 collate utf8_bin;"
mysql zabbix < /usr/share/zabbix-sql.sql

# Add agent
apt install zabbix-agent
# Edit /etc/zabbix/zabbix_agentd.conf
Server=192.168.1.10

Q74: How do you use Grafana?

Answer:

# Install
docker run -d -p 3000:3000 grafana/grafana

# Add data source
# POST /api/datasources
{
  "name": "Prometheus",
  "type": "prometheus",
  "url": "http://localhost:9090"
}

# Create dashboard
# Add panels with Prometheus queries

Q75: How do you set up ELK Stack?

Answer:

# Install Elasticsearch
docker run -d -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch

# Install Kibana
docker run -d -p 5601:5601 kibana

# Install Logstash
docker run -d -p 5044:5044 logstash

# Configure filebeat on clients
filebeat.modules:
  - system
output.logstash:
  hosts: ["logstash:5044"]

---

Automation

Q76: How do you use Ansible?

Answer:

inventory.ini

[webservers]
web1 ansible_host=192.168.1.10
web2 ansible_host=192.168.1.11

# playbook.yml
- hosts: webservers
  become: yes
  tasks:
    - name: Install nginx
      apt:
        name: nginx
        state: present
    - name: Start nginx
      service:
        name: nginx
        state: started

Q77: How do you use Puppet?

Answer:

init.pp

class nginx {
  package { 'nginx':
    ensure => installed,
  }
  service { 'nginx':
    ensure => running,
    enable => true,
  }
}
node 'webserver' {
  include nginx
}

Q78: How do you use Chef?

Answer:

recipe.rb

package 'nginx' do
  action :install
end

service 'nginx' do
  action [:enable, :start]
end

template '/etc/nginx/nginx.conf' do
  source 'nginx.conf.erb'
  notifies :restart, 'service[nginx]'
end

Q79: How do you use Salt?

Answer:

/srv/salt/nginx.sls

nginx:
  pkg.installed:
    - name: nginx

  service.running:
    - name: nginx
    - enable: True

# /srv/pillar/top.sls
base:
  'web*':
    - nginx

Q80: How do you use cron jobs?

Answer:

# Edit crontab
crontab -e

# Examples
# Run daily at 2am
0 2 * * * /backup.sh

# Run every 5 minutes
*/5 * * * * /monitor.sh

# Run on specific days
0 0 * * 0 /weekly.sh

# System cron (runs even if user not logged in)
/etc/cron.d/mycron

---

Troubleshooting

Q81: How do you troubleshoot network issues?

Answer:

# Check connectivity
ping 8.8.8.8
ping google.com

# Check DNS
nslookup google.com
dig google.com

# Check routes
ip route
traceroute google.com

# Check ports
netstat -tulpn
ss -tulpn

# Check firewall
iptables -L -n
firewall-cmd --list-all

# Check DNS resolution
cat /etc/resolv.conf

Q82: How do you troubleshoot disk issues?

Answer:

# Check disk space
df -h

# Check inodes
df -i

# Find large files
du -sh /* 2>/dev/null | sort -rh | head

# Check disk health
smartctl -a /dev/sda

# Check for bad blocks
badblocks -sv /dev/sda

# Check filesystem
fsck /dev/sda1

Q83: How do you troubleshoot high load?

Answer:

# Check load
uptime
top
htop

# Check processes
ps aux --sort=-%cpu | head

# Check memory
free -h

# Check I/O
iostat -x 1
iotop

# Check for zombie processes
ps aux | grep zombie

Q84: How do you troubleshoot service failures?

Answer:

# Check status
systemctl status service

# Check logs
journalctl -u service -n 50
tail -f /var/log/messages

# Test manually
/usr/sbin/nginx -t

# Check dependencies
systemctl list-dependencies nginx

# Check ports
netstat -tulpn | grep LISTEN
ss -tulpn | grep LISTEN

Q85: How do you recover from forgotten root password?

Answer:

# Boot into recovery mode
# 1. Restart system
# 2. Press Shift during boot
# 3. Select "Advanced options"
# 4. Select recovery mode
# 5. Select "root"

# Mount filesystem
mount -o remount,rw /

# Change password
passwd root

# Reboot
reboot

---

DNS and DHCP

Q86: How do you configure BIND DNS?

Answer:

/etc/named.conf

zone "example.com" {
    type master;
    file "forward.zone";
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "reverse.zone";
};

# forward.zone
$TTL 86400
@  IN  SOA ns1.example.com. admin.example.com. (
        2023010101 ; Serial
        3600       ; Refresh
        1800       ; Retry
        604800     ; Expire
        86400 )    ; Minimum TTL
@       IN  NS      ns1.example.com.
ns1     IN  A       192.168.1.10
www     IN  A       192.168.1.20

Q87: How do you configure DHCP server?

Answer:

/etc/dhcp/dhcpd.conf

subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.200;
    option routers 192.168.1.1;
    option subnet-mask 255.255.255.0;
    option domain-name-servers 8.8.8.8, 8.8.4.4;
    default-lease-time 600;
    max-lease-time 7200;
}

Q88: How do you use dig for DNS queries?

Answer:

# Basic query
dig example.com

# Query specific record
dig A example.com
dig MX example.com
dig NS example.com

# Reverse lookup
dig -x 192.168.1.1

# Trace
dig +trace example.com

# Query specific server
dig @8.8.8.8 example.com

Q89: How do you manage DNS zones?

Answer:

# Add record
named-checkzone example.com forward.zone

# Reload
rndc reload

# Add zone
named-checkconf -z /etc/named.conf

# Test resolution
dig @localhost example.com
nslookup example.com localhost

Q90: How do you configure dynamic DNS?

Answer:

/etc/dhcp/ddclient.conf

# Client side (dhclient)
protocol=dhcp
use=if, if=eth0
server=dynupdate.example.com
login=username
password=secret
mydomain.example.com

# Server side (nsupdate)
nsupdate
server ns1.example.com
update add host.example.com 3600 A 192.168.1.50
send

---

Web Servers

Q91: How do you configure Nginx?

Answer:

/etc/nginx/nginx.conf

worker_processes auto;
worker_rlimit_nofile 65535;

events {
    worker_connections 4096;
    use epoll;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log /var/log/nginx/access.log main;
    error_log /var/log/nginx/error.log;

    include /etc/nginx/conf.d/*.conf;
}

Q92: How do you configure Apache?

Answer:

/etc/apache2/apache2.conf

ServerRoot "/etc/apache2"
Listen 80

LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
LoadModule authz_core_module modules/mod_authz_core.so

IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf

# Virtual host
<VirtualHost *:80>
    ServerName example.com
    DocumentRoot /var/www/html
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Q93: How do you configure reverse proxy?

Answer:

# Nginx reverse proxy
server {
    listen 80;
    server_name api.example.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_cache_bypass $http_upgrade;
    }
}

Q94: How do you configure SSL/TLS?

Answer:

# Generate CSR
openssl req -new -newkey rsa:4096 -nodes -keyout server.key -out server.csr

# Generate self-signed
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

# Nginx config
server {
    listen 443 ssl http2;
    ssl_certificate /etc/ssl/certs/server.crt;
    ssl_certificate_key /etc/ssl/private/server.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
}

Q95: How do you configure load balancing?

Answer:

# Nginx load balancer
upstream backend {
    least_conn;
    server 192.168.1.10:80 weight=3;
    server 192.168.1.11:80;
    server 192.168.1.12:80 backup;
}

server {
    location / {
        proxy_pass http://backend;
    }
}

---

Database

Q96: How do you manage MySQL/MariaDB?

Answer:

# Install
apt install mariadb-server

# Secure installation
mysql_secure_installation

# Connect
mysql -u root -p

# Common commands
SHOW DATABASES;
CREATE DATABASE dbname;
USE dbname;
SHOW TABLES;
DESCRIBE tablename;

# Backup
mysqldump -u root -p dbname > backup.sql

# Restore
mysql -u root -p dbname < backup.sql

Q97: How do you configure PostgreSQL?

Answer:

# Install
apt install postgresql

# Connect
sudo -u postgres psql

# Commands
\list  # list databases
\dt    # list tables
\du    # list users

# Create database
CREATE DATABASE mydb;
CREATE USER myuser WITH PASSWORD 'secret';
GRANT ALL PRIVILEGES ON DATABASE mydb TO myuser;

# Backup
pg_dump -U user dbname > backup.sql

# Restore
psql -U user dbname < backup.sql

Q98: How do you optimize MySQL?

Answer:

/etc/mysql/my.cnf

[mysqld]
innodb_buffer_pool_size = 4G
innodb_log_file_size = 1G
max_connections = 500
query_cache_size = 0
table_open_cache = 4000
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 2

# Key parameters
# innodb_buffer_pool - 70-80% of RAM
# max_connections - based on expected concurrent connections
# query_cache - deprecated in MySQL 8.0

Q99: How do you configure database replication?

Answer:

# Master config
[mysqld]
server-id = 1
log_bin = /var/log/mysql/mysql-bin
binlog_do_db = mydb

# Slave config
[mysqld]
server-id = 2
relay-log = /var/log/mysql/mysql-relay-bin

# On master
GRANT REPLICATION SLAVE ON *.* TO 'repl'@'%' IDENTIFIED BY 'password';
FLUSH TABLES WITH READ LOCK;
SHOW MASTER STATUS;

# On slave
CHANGE MASTER TO MASTER_HOST='master_ip', MASTER_USER='repl', MASTER_PASSWORD='password', MASTER_LOG_FILE='mysql-bin.000001', MASTER_LOG_POS=xxx;
START SLAVE;
SHOW SLAVE STATUS\G;

Q100: How do you secure databases?

Answer:

# MySQL security
# 1. Remove anonymous users
DELETE FROM mysql.user WHERE User='';

# 2. Remove remote root
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1');

# 3. Create application user
CREATE USER 'appuser'@'localhost' IDENTIFIED BY 'strongpassword';
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'appuser'@'localhost';
FLUSH PRIVILEGES;

# 4. Use SSL for connections
# 5. Enable firewall for port 3306
# 6. Regular backups

---

Questions 101-200 continue with more advanced Linux topics…