Level 2
CompTIA Linux+ Level 2 progression articles for intermediate technicians.
OpenVPN and WireGuard: site-to-site VPN on Linux
Build site-to-site VPN tunnels with OpenVPN using easy-rsa PKI and with WireGuard using kernel-level encryption,...
OpenSSH advanced: tunneling, certificates, and hardening
Configure SSH tunnels for local, remote, and dynamic forwarding, deploy certificate-based authentication with an SSH...
Intrusion detection with AIDE, fail2ban, and auditd
Deploy AIDE for filesystem integrity monitoring, configure fail2ban jails with custom filters, and build auditd rules...
Linux server security: nftables, firewalld, and port scanning defense
Build layered firewall defenses with nftables and firewalld, detect and block port scans with rate limiting and...
OpenLDAP directory services: setup and client integration
Install and configure OpenLDAP with OLC (cn=config), manage directory entries with LDIF, set up TLS encryption,...
DHCP server configuration with Kea and ISC dhcpd
Deploy DHCP services using Kea and legacy ISC dhcpd, configure subnets and reservations, integrate PXE boot and DDNS,...
NFS exports and mounts: NFSv4, Kerberos, and performance tuning
Set up NFSv4 exports with pseudo filesystems, configure Kerberos security flavors, tune mount options for throughput,...
Samba file server: shares, authentication, and Windows integration
Configure Samba 4.x file shares with smb.conf, manage user authentication via tdbsam, join Active Directory domains,...
Nginx web server: configuration, reverse proxy, and load balancing
Configure Nginx server blocks, reverse proxy with upstream load balancing, SSL/TLS termination, HTTP/2 and HTTP/3,...
Apache HTTP Server: virtual hosts, modules, and HTTPS
Deploy Apache with MPM tuning, name-based virtual hosts, mod_rewrite and mod_proxy, SSL/TLS via Let's Encrypt with HSTS...
DNSSEC implementation: signing zones and chain of trust
Implement DNSSEC with inline signing in BIND9, manage ZSK/KSK rollovers, submit DS records, validate with delv, and...
BIND DNS server: named.conf and zone management
Configure BIND9 from named.conf structure through zone files, zone transfers with TSIG, split-horizon DNS, rndc...