EX407 Free Practice Test

CORRECT TEXT
Create a file called mysecret.yml on the control host using ansible vault in home/bob/ansible. Set the password to 'notasafepass' and inside the file create a variable called dev_pass with the value of devops. Save the file. Then go back in the file and change dev_pass value to devops123. Then change the vault password of mysecret.yml to
verysafepass
Solution:
ansible-vault create lock.yml
New Vault Password: reallysafepw Confirm: reallysafepw


Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

CORRECT TEXT
=====================================================================
==============
control.realmX.example.com _ workstation.lab.example.com node1.realmX.example.com _ servera.lab.example.com node2.realmX.example.com _ serverb.lab.example.com node3.realmX.example.com _ serverc.lab.example.com node4.realmX.example.com _ serverd.lab.example.com node5.realmX.example.com
- username:root, password:redhat
- username:admin, password:redhat
note1. don??t change ??root?? or ??admin?? password.
note2. no need to create ssh-keygen for access, its pre-defined
note3. SELinux is in enforcing mode and firewalld is disabled/stop on whole managed hosts.
=====================================================================
==============
Create user accounts
------------------------
--> A list of users to be created can be found in the file called user_list.yml
which you should download from http://classroom.example.com/user_list.yml and save to /home/admin/ansible/
--> Using the password vault created elsewhere in this exam, create a playbook called create_user.yml
that creates user accounts as follows:
--> Users with a job description of developer should be:
--> created on managed nodes in the "dev" and "test" host groups assigned the password from the "dev_pass"
variable and these user should be member of supplementary group "devops".
--> Users with a job description of manager should be:
--> created on managed nodes in the "prod" host group assigned the password from the "mgr_pass" variable
and these user should be member of supplementary group "opsmgr"
--> Passwords should use the "SHA512" hash format. Your playbook should work using the vault password file
created elsewhere in this exam.
while practising you to create these file hear. But in exam have to download as per questation.
user_list.yml file consist:
---
user:
- name: user1 job: developer
- name: user2 job: manager
Solution:
Solution as:
# pwd
/home/admin/ansible
# wget http://classroom.example.com/user_list.yml
# cat user_list.yml
# vim create_user.yml
---
- name: hosts: all vars_files:
- ./user_list.yml
- ./vault.yml tasks:
- name: creating groups group:
name: "{{ item }}" state: present
loop:
- devops
- opsmgr
- name: creating user user:
name: "{{ item.name }}" state: present
groups: devops
password: "{{ dev_pass|password_hash ('sha512') }}" loop: "{{ user }}"
when: (inventory_hostname in groups['dev'] or inventory_hostname in groups['test']) and item.job == "developer"
- name: creating user user:
name: "{{ item.name }}" state: present
groups: opsmgr
password: "{{ mgr_pass|password_hash ('sha512') }}" loop: "{{ user }}"
when: inventory_hostname in groups['prod'] and item.job == "manager" wq!
# ansible-playbook create_user.yml -–vault-password-file=password.txt -–syntax-check
# ansible-playbook create_user.yml -–vault-password-file=password.txt

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A