Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon

Final Practice Exam

*This course is not approved or sponsored by Red Hat.* The Red Hat Certified Systems Administrator, or EX 200, exam is one of the most highly regarded entry-level exams in the Linux world. The skills you learn while preparing for the exam will not only prepare you to pass the exam itself, but also to perform real-world activities in a real production environment. Instead of a multiple-choice test, the exam takes place in a real environment. This makes the RHCSA an extremely desirable certification. This hands-on lab will walk you through similar scenarios to those you may find on the exam and will provide insight to the preparations you need to make to pass the exam. Please note, this exam should be taken after you have completed the RHCSA course. This practice exam should not necessarily be used as a study guide, but as a readiness indicator. The repo/GPG key required for the exam can be found here:

Google Cloud Platform icon

Path Info

Clock icon Intermediate
Clock icon 2h 0m
Clock icon Apr 05, 2019

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Start the Guest VM

    Get the VM's name from virsh list --all, and start it using virsh start <VMNAME>.

  2. Challenge

    Create Three Users (Derek, Tom, and Kenny) that All Belong to the `instructors` Group. Prevent Tom's User from Accessing a Shell, and Make His Account Expire Ten Days from Now.

    We need to create three users that must belong to the instructors group. Their names are Derek, Tom, and Kenny. We want to make sure that Tom can't get to a shell, and we want his account to expire ten days from now.

    You can create the users using the useradd command. Group and shell modifications are done with usermod, and you can set an expiration date using the chage command.

  3. Challenge

    Download and Configure Apache to Serve `index.html` from `/var/web` and Access It from the Host Machine

    Install Apache using yum install httpd. Then edit /etc/httpd/conf/httpd.conf to change the DocumentRoot as required.

  4. Challenge

    Configure Umask to Ensure All Files Created by Any User Cannot Be Accessed by "other" Users

    The default umask for all users is set in the /etc/profile and /etc/bashrc files.

  5. Challenge

    Find All Files in `/etc` (Not Subdirectories) that Are Older Than 720 Days, and Output a List to `/root/oldfiles`

    The find command has numerous flags that can help with this.

    -maxdepth 1 will search only /etc and not any subdirectories.

    -mtime +720 will match on files that were modified more than 720 days ago.

    A complete command is:

    find /etc/ -maxdepth 1 -mtime +720 > /root/oldfiles

  6. Challenge

    Find All Log Messages in `/var/log/messages` That Contain "ACPI", and Export Them to a File Called `/root/logs`. Then Archive All of `/var/log` and Save It to `/tmp/log_archive.tgz`

    To find matching lines in a file you should use grep.

    grep ACPI /var/log/messages > /root/logs

    Then you need to compress /var/log.

    tar -czf /tmp/log_archive.tgz /var/log/

  7. Challenge

    Modify the GRUB Timeout and Make It 1 Second Instead of 5

    Edit /etc/default/grub and change the timeout to 1.

    Then run grub2-mkconfig -o /boot/grub2/grub.cfg to rebuild the GRUB configuration and make the change take effect.

  8. Challenge

    Create a Daily Cron Job at 4:27pm for the `derek` User that Runs `cat /etc/redhat-release` and Redirects the Output to `/home/derek/release`

    To edit a user's crontab you can run:

    crontab -e -u derek

    And then the format of the line for this task would be this:

    27 16 * * * cat /etc/redhat-release > /home/derek/release

  9. Challenge

    Configure `` as the Only NTP Server

    The NTP client in RHEL and CentOS is chrony. The configuration file for chrony is /etc/chrony.conf.

    Edit that file, remove the default lines that begin with server, and write a new one like this:


  10. Challenge

    Create an 800M Swap Partition on the `vdb` Disk and Use the UUID to Ensure That It Is Persistent

    First we need to create a new partition:

    Run fdisk /dev/vdb.

    • Press n to create a new partition.
    • Accept the default for the partition number.
    • Accept the default for the starting sector.
    • Use +800M for the ending sector.
    • Press t to set the partition type (use 82 to set it to Linux Swap).
    • Press w to write the changes.

    Run partprobe to make sure the kernel knows about the changes.

    Run mkswap /dev/vdbX, where X is the partition number.

    Run blkid to get the UUID of the partition.

    Add the following to /etc/fstab:

    UUID="LONG-UUID-STRING-COPIED-FROM-blkid" swap swap defaults 0 0

    Save and exit, then run swapon -a.

    Run free to verify that everything is correct.

  11. Challenge

    Create a New Logical Volume (LV-A) with a Size of 30 Extents that Belongs to the Volume Group VG-A (with a PE Size of 32M). After Creating the Volume, Configure the Server to Mount It Persistently on `/mnt`.

    First we need to create a physical volume. Let's assume your disk is /dev/vdc:

    pvcreate /dev/vdc

    Then we need to create the Volume Group named VG-A with a 32M physical extent size:

    vgcreate VG-A /dev/vdc -s 32m

    Finally, we create the Logical Volume named LV-A with 30 extents:

    lvcreate -n LV-A -l 30 VG-A

    Now we can format the volume:

    mkfs.xfs /dev/VG-A/LV-A

    And finally, we can edit /etc/fstab to add the following line:

    /dev/mapper/VG--A-LV--A /mnt xfs defaults 0 0

  12. Challenge

    On the Host, Not the Guest VM, Utilize for SSO, and Configure AutoFS to Mount Users' Home Directories on Login. Make Sure to Use Kerberos.

    The server is The Kerberos certificate is located at

    First, we need to install the required packages.

    • yum install -y authconfig-gtk nss-pam-ldapd pam_krb5 autofs nfs-utils openldap-clients

    Now we can run authconfig-gtk.

    • Set the Search Base DN to "dc=linuxacademy,dc=com".
    • Set the LDAP Server to
    • Select Use TLS, and enter to download the cert.
    • Switch to the Advanced tab and select Create Home directories on the first login.
    • Select Apply.

    Edit /etc/auto.master.d/ldap.autofs, and add the following line:

    • /home/guests /etc/auto.ldap

    Edit /etc/auto.ldap, and add the following line:

    • * -rw

    Edit /etc/pam.d/sshd, and add the following to the first section:

    • auth sufficient

    Restart sshd with systemctl restart sshd.

    Now you should be able to verify by running su - ldapuser3.

  13. Challenge

    Change the Hostname of the Guest to "rhcsa"

    For this task you can use hostnamectl.

    hostnamectl set-hostname rhcsa

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans