1. Which two of the following are log files that record authentication-related events?

A. syslog
B. authentication.log
C. auth.log
D. secure.log
E. secure

2. Which log file contains the current record about who is logged into the system and what they're doing?

A. /var/log/syslog
B. /var/log/utmp
C. /var/log/btmp
D. /var/run/utmp

3. Which of the following is the main logging system that runs on pretty much every modern Linux distro?

A. syslog
B. rsyslog
C. journald
D. syslog-ng

4. Which of the following is peculiar to RHEL 8 and its offspring, such as CentOS 8?

A. On RHEL 8 systems, journald collects log data from the rest of the system and sends it to rsyslog.
B. On RHEL 8 systems, journald has completely replaced rsyslog.
C. On RHEL 8 systems, rsyslog collects data from the rest of the system and sends it to journald.
D. RHEL 8 systems use syslog-ng.

5. Which of the following is a consideration when setting up stunnel?

A. On RHEL systems, FIPS mode is not available.
B. On Ubuntu systems, FIPS mode is not available.

C. On Ubuntu systems, FIPS mode is available, but only if you purchase a support contract.
D. On RHEL 8 and CentOS 8, FIPS mode is available, but only if you purchase a support contract.

6. Which of the following two statements are true about stunnel?

A. On RHEL systems, stunnel runs as a normal systemd service.
B. On RHEL systems, stunnel still runs under an old-fashioned init script.
C. On Ubuntu systems, stunnel runs as a normal systemd service.
D. On Ubuntu systems, stunnel runs under an old-fashioned init script.

7. _____  file must you edit to have the root user's messages forwarded to your own user account?
8. After you edit the file that's referenced in Question 7, _____ command must you run to transfer the information to a binary file that the system can read?
9. To create an stunnel setup for your remote log server, you must create a security certificate for both the server and for each client.

A. True
B. False

10. Which of the following commands would you use to find the fail text string in journald log files?

A. sudo grep fail /var/log/journal/messages
B. sudo journalctl -g fail
C. sudo journalctl -f fail
D. sudo less /var/log/journal/messages