To secure OpenStack inter-service communication, you must enable TLS for RabbitMQ. How would you configure SSL encryption for RabbitMQ?
firewall -cmd --set-default -zone=public 2. Allow only required OpenStack service ports: firewall -cmd --permanent --add-service=keystone firewall -cmd --permanent --add-service=glance firewall -cmd --permanent --add-service=nova firewall -cmd --permanent --add-service=neutron 3. Reload firewall rules and verify: firewall -cmd --reload firewall -cmd --list-all To enhance OpenStack log security, you must configure auditd to track unauthorized access attempts. How would you set up auditd for OpenStack logs?
To meet security compliance, you must enable FIPS (Federal Information Processing Standards) mode in OpenStack. How would you configure OpenStack to run in FIPS mode?
methods = password, totp totp_driver = keystone.auth.plugins.totp.TOTP 3. Restart Keystone to apply changes: systemctl restart openstack -keystone 4. Assign a TOTP secret key to a user: openstack user set --totp-secret myuser 5. Verify authentication using password + TOTP token: openstack token issue --os-password <password> --os-totp <token> To protect OpenStack Swift Object Storage, you need to enforce access control policies for different users. How would you configure Swift container access policies?
3. Restart rsyslog service: systemctl restart rsyslog 4. Verify logs are being sent: logger "Test log from OpenStack" To enforce mandatory access controls, you need to restrict unauthorized access to OpenStack services using SELinux policies. How would you apply SELinux rules to OpenStack?
➢ TOTAL QUESTIONS: 290 You are responsible for managing the OpenStack control plane and ensuring all core services are running without failure. A user reports that OpenStack Compute (Nova) is not responding. Your task is to check the status of all OpenStack services on the control plane, restart any failed services, and verify that they are running correctly. How would you achieve this?
