1. Point out the correct statement.
a) Hadoop does have the definition of group by itself
b) MapReduce JobHistory server run as same user such as mapred
c) SSO environment is managed using Kerberos with LDAP for Hadoop in secure mode
d) None of the mentioned
Explanation: You can change a way of mapping by specifying the name of mapping provider as a value of hadoop.security.group.mapping.
2. The simplest way to do authentication is using _________ command of Kerberos.
a) auth
b) kinit
c) authorize
d) all of the mentioned
Explanation: HTTP web-consoles should be served by principal different from RPC’s one.
3. Data transfer between Web-console and clients are protected by using _________
a) SSL
b) Kerberos
c) SSH
d) None of the mentioned
Explanation: AES offers the greatest cryptographic strength and the best performance.
4. Point out the wrong statement.
a) Data transfer protocol of DataNode does not use the RPC framework of Hadoop
b) Apache Oozie which access the services of Hadoop on behalf of end users need to be able to impersonate end users
c) DataNode must authenticate itself by using privileged ports which are specified by dfs.datanode.address and dfs.datanode.http.address
d) None of the mentioned
Explanation: Authentication is based on the assumption that the attacker won’t be able to get root privileges.
5. In order to turn on RPC authentication in hadoop, set the value of hadoop.security.authentication property to _________
a) zero
b) kerberos
c) false
d) none of the mentioned
Explanation: Security settings need to be modified properly for robustness.
6. The __________ provides a proxy between the web applications exported by an application and an end user.
a) ProxyServer
b) WebAppProxy
c) WebProxy
d) None of the mentioned
Explanation: If security is enabled it will warn users before accessing a potentially unsafe web application. Authentication and authorization using the proxy is handled just like any other privileged web application.
7. ___________ used by YARN framework which defines how any container launched and controlled.
a) Container
b) ContainerExecutor
c) Executor
d) All of the mentioned
Explanation: The container process has the same Unix user as the NodeManager.
8. The ____________ requires that paths including and leading up to the directories specified in yarn.nodemanager.local-dirs.
a) TaskController
b) LinuxTaskController
c) LinuxController
d) None of the mentioned
Explanation: LinuxTaskController keeps track of all paths and directories on datanode.
9. The configuration file must be owned by the user running _________
a) DataManager
b) NodeManager
c) ValidationManager
d) None of the mentioned
Explanation: To recap, local file-system permissions need to be modified.
10. __________ storage is a solution to decouple growing storage capacity from compute capacity.
a) DataNode
b) Archival
c) Policy
d) None of the mentioned
Explanation: Nodes with higher density and less expensive storage with low compute power are becoming available.