CHAPTER 14
CVE
Common Vulnerabilities and Exposures (CVE) A system used to catalog security vulnerabilities.
audit2why command
Displays and modifies the MAC address cache on a system.
iftop command
Displays the bandwidth sent from the local computer to other hosts.
/etc/sudoers
Where does the sudo command check to determine a user's privileges when they attempt to run the sudo command?
ulimit
Which command can increase the number of filehandles that programs can open in a shell?
Delegate responsibility.
Which of the following steps is not a common troubleshooting procedure?
nmap
nmap (network mapper) command Used to scan ports on network computers.
apparmor
A Linux kernel module and related software packages that prevent malicious software from accessing system resources.
LDP
Linux Documentation Project (LDP) A large collection of Linux resources, information, and help files supplied free of charge and maintained by the Linux community.
visudo command
Used to modify the contents of the /etc/sudoers file.
INPUT
What type of iptables chain targets traffic that is destined for the local computer?
False
When the fsck command cannot repair a non-root ( / ) filesystem, you should immediately restore all data from backup. True or False?
/etc/sudoers
Which file contains information regarding the users, computers, and commands used by the sudo command?
ufw status
Which of the following UFW commands can be used to view configured firewall rules?
ping
Which of the following commands can be used to determine the round trip time that a packet takes to traverse a network connection?
su
Which of the following commands will allow the root user to switch to another user account without having to enter that user account's password?
firewall-cmd --add-service ssh --permanent
Which of the following firewalld commands can be used to allow incoming SSH connections the next time the system is booted?
aa-trust
Which of the following is not a valid AppArmor command?
RSA and RSA
Which of the following is the default option for the kind of keys to be generated when using the gpg --gen-key command?
Kerberos
Which of the following packages should be installed in order to integrate certain authentication functions with Microsoft's Active Directory?
LUKS GPG
Which of the following technologies can encrypt files stored on a filesystem within a Linux system? (Choose all that apply.)
nmap
Which of the following utilities can be used by a system administrator to determine which services are responding to network requests?
vmstat
Which of the following utilities will allow you to view information about virtual memory usage on a Linux system?
-Z
Which option can be added to the ls or ps command to view the SELinux label?
ufw command
ufw (Uncomplicated Firewall) command Used to configure UFW.
SELinux
Security Enhanced Linux (SELinux) A set of Linux kernel components and related software packages that prevent malicious software from accessing system resources.
iostat command
iostat (input/output statistics) command Displays input and output statistics for block storage devices on the system.
iotop command
iotop (input/output top) command Displays the processes on a Linux system that have the highest number of associated input/output requests to block storage devices.
aa-enforce
Sets an AppArmor profile to enforce mode.
aa-complain
Sets an AppArmor profile to complain mode.
getenforce command
Used to view whether SELinux is using enforcing or permissive mode.
ip6tables
Which of the following can you use to configure firewall rules for IPv6 on a Linux system?
sudo
Which of the following commands allows a standard user to execute a single command as root without actually switching to the root account?
sar free vmstat
Which of the following commands can be used to display memory statistics? (Choose all that apply.)
nmap
Which of the following commands can be used to scan the available ports on computers within your organization?
edquota -u jsmith
Which of the following commands can be used to view the quota for a user?
Encrypt for the user id given.
Which of the following does the -r option for the gpg command specify?
/etc/hosts.allow and /etc/hosts.deny
Which of the following files does a TCP wrapper check before starting a network daemon?
sa19
Which of the following files is likely to be found in the /var/log/sa directory on a Fedora system over time?
restorecon command
Forces SELinux to set the default label on system files and directories.
aa-unconfined
Lists processes that are not controlled by AppArmor.
proactive maintenance
The measures taken to reduce future system problems.
reactive maintenance
The measures taken when system problems arise.
False
The pam_tally2.so PAM can be used to enforce complex passwords on a Linux system. True or False?
jabbering
The process by which failing hardware components send large amounts of information to the CPU.
bus mastering
The process by which peripheral components perform tasks normally executed by the CPU.
sudoedit command
Used to edit text files as another user via entries in the /etc/sudoers file.
iperf command
Used to measure the bandwidth between two computers.
setsebool command
Used to modify SELinux settings within an SELinux policy.
ulimit command
Used to modify process limit parameters in the current shell.
tshark command
Used to start a command-line version of the graphical Wireshark program.
klist command
Used to view Kerberos authentication information.
udevadm command
Used to view and modify udev daemon configuration.
pam_tally2 command
Used to view and modify user lockout settings.
faillock command
Used to view and modify user lockout settings.
aa-status
Views the status of AppArmor and AppArmor profiles.
Lock the server in a server closet. Ensure that SELinux or AppArmor is used to protect key services. Use encryption for files and network traffic.
What are best practices for securing a local Linux server? (Choose all that apply.)
Take 50 swap statistics every 3 seconds.
What will the command sar -W 3 50 do?
tracepath mtr traceroute
When experiencing a network issue, you want to determine where the source of the problem is. Which of the three following commands can be used to determine whether there is an issue with a router in the normal route that the packets are attempting to take?
chains
The components of a firewall that specify the general type of network traffic to which rules apply.
file handles
The connections that a program makes to files on a system.
firewall daemon (firewalld)
A daemon that can be used to simplify the configuration of netfilter firewall rules via network zones.
firewall-cmd command
A daemon that can be used to simplify the configuration of netfilter firewall rules via network zones.
gpg agent
A daemon that can be used to store private key passphrases used by GPG.
firewall configuration utility
A graphical firewall configuration utility used on Fedora systems.
Automatic Bug Reporting Tool daemon (abrtd)
A process that automatically sends application crash data to an online bug reporting service.
TCP wrapper
A program that can be used to run a network daemon with additional client restrictions specified in the /etc/hosts.allow and /etc/hosts.deny files.
apparmor profile
A text file within the /etc/apparmor.d directory that lists application-specific restrictions.
CWE
Common Vulnerabilities and Exposures (CVE) A system used to catalog security vulnerabilities.
aa-disable
Disables an AppArmor profile.
seinfo command
Displays Linux features
brctl
Displays and modifies Ethernet bridge configuration within the Linux kernel.
arp command
Displays and modifies the MAC address cache on a system.
dmidecode command
Displays hardware device information detected by the system BIOS.
tload command
Displays load average information for a Linux system.
vmstat command
Displays memory, CPU, and swap statistics on a Linux system.
uptime command
Displays system uptime and load average information for a Linux system.
sestatus command
Displays the current status and functionality of the SELinux subsystem.
gpg
GNU Privacy Guard (GPG) An open source asymmetric encryption technology that can be used to encrypt and digitally sign files and email.
brctl
If a Linux system is running as a virtual machine, it may be using a bridge for the virtual network adapter within the virtual machine to the physical network adapter. Which of the following commands can be used to view or modify the bridge configuration used by the Linux kernel for your network adapter?
/etc/nologin.txt
If someone tries to log into a system using a daemon account, but the daemon account does not have a valid shell assigned to it, they would normally see a standard warning. If you want to customize the error, which of the following files can you put a message in that will display upon an attempted login?
LUKS
Linux Unified Key Setup (LUKS) A technology that encrypts the contents of a Linux filesystem.
MCS
Multi-Category Security (MCS) An optional SELinux policy scheme that prevents processes from accessing other processes that have similar attributes.
False
Network latency issues are often caused by SELinux or AppArmor restrictions. True or False?
monitoring
On which part of the maintenance cycle do Linux administrators spend the most time?
setenforce command
Used to change SELinux between enforcing and permissive mode.
chcon command
Used to change the type classification within SELinux labels on system files and directories.
ipset command
Used to configure IP sets.
iptables command
Used to configure IPv4 rules for a netfilter firewall.
ip6tables command
Used to configure IPv6 rules for a netfilter firewall.
cryptsetup command
Used to configure and manage LUKS.
gpg command
Used to configure and manage GPG.
getsebool
Used to display SELinux settings within an SELinux policy.
free command
Used to display memory and swap statistics.
mpstat
mpstat (multiple processor statistics) command Displays CPU statistics on a Linux system.
pidstat command
pidstat (PID statistics) command Displays CPU statistics for each PID on a Linux system.
sar
sar (system activity reporter) command Displays various performance-related statistics on a Linux system.
sysstat
System Statistics (sysstat) package A software package that contains common performance-monitoring utilities.
ip set
A list of hosts and networks that can be used within a firewall rule.
ifconfig eth0
You want to determine whether your Linux workstation was able to get assigned an IP address from the DHCP server once you connected it to the network. Which of the following legacy commands might help you determine this?
netfilter
The Linux kernel component that provides firewall and NAT capability on modern Linux systems.
DMZ
In which of the following zones might a system administrator put the web server hosting the company's publicly accessible website?
ioping command
Sends input/output requests to a block storage device and measures the speed at which they occur.
True
To set udev rules on a Linux system, you must add the appropriate line to a file within the /etc/udev/rules.d directory. True or False?
kinit command
Used to authenticate to a Kerberos authentication service.
Users must use at least 3 characters as numbers in their passwords.
When looking at the password-auth file on a Fedora system, you notice part of the syntax that says dcredit=3. What is the significance of this part of the configuration?
Bad, because the processor is idle 10 percent of the time and perhaps a faster CPU is required
When performing a sar -u command, you notice that %idle is consistently 10%. Is this good or bad?
Ensure that only necessary services are running.
Which of the following actions should you first take to secure your Linux computer against network attacks?
--use-agent
Which of the following options for the gpg command will attempt to use the gpg agent and if it cannot will ask for a passphrase?
