CompTIA Lesson 13, 14, 15, 16, 17, 18, 19, 20, 21, 22

What tar command-line options are commonly used together to extract and decompress files from a tar file? A. -cvf B. -zcvf C. -xvf D. -zxvf E. None of the above

-zxvf

Kernel module files have a __ file extension and are typically located in a subdirectory of the __ directory.

.ko, /lib/modules/

Default UFW policies are stored in the __ configuration file. User-added UFW rules are stored in the ___file.

/etc/default/ufw, /etc/ufw/user/rules

PAM configuration files are located in the __ directory

/etc/pam.d/

Firewalls employ the __ file, which documents the different standard application service names and their corresponding port numbers, protocols, and aliases.

/etc/services

The firewalld zone configuration files are stored in the ___ directory. Customized or user-created zone configuration files are stored in the ___ directory.

/usr/lib/firewalld/zones/, /etc/firewalld/zones/

Where are module files stored? Choose all that apply. A. A /lib/modules/KernelVersion/ subdirectory B. A /lib/modules/kernel/ subdirectory C. A /lib/kernel/modules subdirectory D. A /usr/lib/modules/KernelVersion/ subdirectory E. A /usr/lib/modules/kernel/ subdirectory

A. A /lib/modules/KernelVersion/ subdirectory D. A /usr/lib/modules/KernelVersion/ subdirectory

Tom sees an attacker continually attempt to break into a user account on his Linux system from a specific IP address. What can he do to quickly mitigate this issue? A. Add the attacker's IP address to the /etc/hosts.deny file. B. Add the user account to the /etc/cron/deny file. C. Place the application in a chroot jail. D. Add the nologin shell to the user account. E. None of the above

A. Add the attacker's IP address to the /etc/hosts.deny file.

Leigh encrypts a message with Luke's public key and then sends the message to Luke. After receiving the message, Luke decrypts the message with his private key. What does this describe? Choose all that apply. A. Asymmetric key encryption B. Symmetric key encryption C. Private key encryption D. Secret key encryption E. Public/private key encryption

A. Asymmetric key encryption E. Public/private key encryption

Which of the following is true concerning a kernel module? Choose all that apply. A. It allows the addition of functionality when required. B. It can be loaded when needed. C. It keeps the Linux kernel lighter and more agile. D. It is a self-contained driver library file. E. It is compiled into the Linux kernel.

A. It allows the addition of functionality when required. B. It can be loaded when needed. C. It keeps the Linux kernel lighter and more agile. D. It is a self-contained driver library file.

Which of the following are true concerning both DenyHosts and Fail2Ban? (Choose all that apply.) A. It is an intrusion detection system (IDS). B. It modifies the /etc/hosts.deny file. C. It only handles OpenSSH traffic. D. Its configuration file is named jail.conf. E. It can work with TCP Wrappers, iptables, and firewalld.

A. It is an intrusion detection system (IDS). B. It modifies the /etc/hosts.deny file.

You need to determine the dependencies of the unloaded xyz module. Which is the best utility to employ to accomplish this task? A. modprobe B. lsmod C. insmod D. dmesg E. None of the above

A. None of the above - modinfo

Tony is trying to troubleshoot errors produced by an application on his Linux system but has to dig through lots of entries in the journal log file to find them. What journalctl match option would help him by only displaying journal entries related to the specific application? A. OBJECT_PID B. Kernel C. _TRANSPORT D. _UID E. _UDEV

A. OBJECT_PID

Which of the following will display failed login attempts? Choose all that apply. A. pam_tally2 B. pam_tally2.so C. pam_faillock D. faillock E. tally2

A. pam_tally2 D. faillock

What permissions can be applied to a file or directory? Choose all that apply. A. Read B. Write C. Delete D. Modify E. Execute

A. Read B. Write E. Execute

Which of the following are true concerning TCP wrappers? Choose all that apply A. The /etc/hosts.allow file is consulted first. B. If an application is compiled with the libwrap library, it can employ TCP Wrappers. C. IP addresses of remote systems can be listed individually or as entire subnets. D. TCP Wrappers are considered to be deprecated by many distributions and firewalls should be used instead. E. The /etc/hosts.allow file should contain ALL:ALL to provide the best security

A. The /etc/hosts.allow file is consulted first. B. If an application is compiled with the libwrap library, it can employ TCP Wrappers. C. IP addresses of remote systems can be listed individually or as entire subnets. D. TCP Wrappers are considered to be deprecated by many distributions and firewalls should be used instead.

Fred was assigned the task of creating a new group on the company Linux server and now needs to assign permissions for that group to files and directories. What Linux utility should he use to change the group assigned to the files and directories? Choose all that apply. A. chgrp B. chown C. chmod D. chage E. ulimit

A. chgrp B. chown

What tools do you use to install packages from a Red Hat-based repository? Choose all that apply. A. dpkg B. tar C. yum D. apt-get E. dnf

A. dnf C. yum

What is the most common compiler used for open source Linux applications? A. gcc B. make C. configure D. dpkg E. None of the Above

A. gcc

For an application to use PAM, it needs to be compiled with which PAM library? A. libpam (also called libpam.so) library. B. pam_cracklib C. pam_unix.so D. pam_nologin.so E. None of the above

A. libpam (also called libpam.so) library.

You need to remove the xyz module and all of its dependencies. Which is the best command to employ? A. modprobe -r B. dmesg C. groupdel D. paste E. None of the Above

A. modprobe -r

Which of the following are PAM control flags? Choose all that apply. A. requisite B. required C. sufficient D. optional E. Allowed

A. requisite B. required C. sufficient D. optional

What application container format do Red Hat-based Linux distributions utilize for installing applications? A. rpm B. dpkg C. snap D. gcc E. None of the above

A. rpm

What configuration file does the rsyslogd application use by default? A. rsyslog.conf B. journald.conf C. syslogd.conf D. rsyslog.d E. syslog.d

A. rsyslog.conf

Which of the following is an example of UFW simple syntax for blocking all incoming and outgoing OpenSSH connections without providing a blocking message? A. sudo ufw deny 22/tcp B. sudo ufw drop 22/tcp C. sudo ufw reject 22/tcp D. sudo ufw accept 22/tcp E. sudo ufw block 22/tcp

A. sudo ufw deny 22/tcp

Which programs are used to download tarballs from an application's website? Choose all that apply. A. wget B. cURL C. dpkg D. rpm E. yum

A. wget B. cURL

Which of the following are OpenSSH configuration files? Choose all that apply. A. ~/.ssh/config B. /etc/ssh/ssh_config C. /etc/ssh/sshd_config D. /etc/sshd/ssh_config E. /etc/sshd/sshd_config

A. ~/.ssh/config B. /etc/ssh/ssh_config C. /etc/ssh/sshd_config

Which of the following files may be involved in authenticating with SSH keys? A. ~/.ssh/id_rsa B. ~/.ssh/id_rsa_key.pub C. ~/.ssh/id_rsa_key D. /etc/ssh/ssh_host_rsa_key.pub E. None of the Above

A. ~/.ssh/id_rsa

____ rules in iptables have target values for identified packets, which determine the action taken on them

ACL

Ned notices in the logs that a user account schedules a job every day at noon that uses all of the system resources. How can he prevent that user account from doing that? A. Add the user account to the /etc/hosts.deny file. B. Add the user account to the /etc/cron.deny file. C. Use nologin as the user's default shell D. Use chroot for the user account

Add the user account to the /etc/cron.deny file.

What would you do to prevent the root user account from logging in from any terminal on your Linux system?

Assign the root user's default shell in the /etc/passwd file as the /usr/sbin/nologin application

Which of the following options best describes packet filtering? A. Identifying network packets via their control information and allowing them into the system B. Identifying network packets via their control information and determining what to do based on ACL rules C. Identifying network packets via their payload and determining what to do based on ACL rules D. Identifying network packets by their source address and determining what to do based on ACL rules E. Identifying network packets by

B. Identifying network packets via their control information and determining what to do based on ACL rules

What syslog severity level represents normal but significant condition messages? A. crit B. notice C. info D. alert E. local0

B. Notice

What user categories can be assigned permissions in Linux? Choose all that apply. A. Root B. Owner C. Group D. Others E. Department

B. Owner C. Group D. Others

Which of the following protocols or frameworks might be involved in using VPN software as a client? Choose all that apply. A. Transport B. SSL/TLS C. Tunnel D. DTLS E. IPSec

B. SSL/TLS D. DTLS E. IPSec

Barbara wants to ensure that the journal log files will be saved after the next reboot of her Linux system. What systemd-journald configuration setting should she use? A. Storage=auto B. Storage=persistent C. ForwardToSyslog=on D. Storage=volatile E. ForwardToSyslog=off

B. Storage=persistent

Where can a module's configuration information be stored? Choose all that apply. A. The /etc/modules.conf file B. The /etc/modprobe.d/*.conf files C. The /etc/modules.d/*.conf files D. The /lib/modprobe.d/*.conf files E. The /usr/lib/modprobe.d/*.conf files

B. The /etc/modprobe.d/*.conf files C. The /etc/modules.d/*.conf files D. The /lib/modprobe.d/*.conf files E. The /usr/lib/modprobe.d/*.conf files

Sam needs to allow standard users to run an application with root privileges. What special permissions bit should she apply to the application file? A. The sticky bit B. The SUID bit C. The GUID bit D. Execute E. Write

B. The SUID bit

Which of the following are true concerning firewalls on Linux? Choose all that apply. A. They detect malicious behavior. B. They use ACLs for allowing packets. C. They employ configuration files for persistency. D. They use iptables embedded in the Linux kernel. E. They inspect network packet control information.

B. They use ACLs for allowing packets. C. They employ configuration files for persistency. E. They inspect network packet control information.

Katie wants to display the most recent entries in the journal log on her Linux system. What journalctl option should she use? A. -a B. -l C. -r D. -e E. -n

C. -r

Which of the following are benefits of a stateful firewall over a stateless firewall? (Choose all that apply.) A. It operates faster. B. It is not as vulnerable to DDoS attacks. C. It determines if packets are fragmented. D. It operates faster for established connections. E. It is vulnerable to DDoS attacks.

C. It determines if packets are fragmented. D. It operates faster for established connections.

Ted wants to provide encryption at the disk level so users don't need to encrypt individual files as they store them. What Linux feature should he use? A. PKI B. Kerberos C. LUKS D. chroot E. None of the above

C. LUKS

Sherri is trying to compile an application from the source code. Before she can create the application executable file, which script should she run to create the make script? A. make B. make install C. configure D. gcc E. None of the above

C. configure

When you install a USB device on a Linux system, it appears the device is not being detected. Which of the following is the best command to troubleshoot this particular situation? A. depmod B. insmod C. lsmod D. modinfo E. None of the Above

C. depmod

Sally needs to view the ACL permissions assigned to a file on her Linux server. What command should she use? A. ls -Z B. ls -l C. getfacl D. chmod E. setfacl

C. getfacl

Ted is tasked with documenting the SELinux security context assigned to a group of files in a directory. What command should he use? A. getsebool B. setsebool C. ls -Z D. getenforce E. ls -l

C. ls -Z

Fred received an application in source code format. Which script should he run to create the executable application program? A. rpm B. yum C. make D. wget E. None of the above

C. make

You need to install the xyz module, including all its needed dependencies. Which of the following utilities should you use? A. depmod B. lsmod C. modprobe D. modinfo E. None of the above

C. modprobe

You need to unload the abc module from the Linux kernel. This module does not have any dependencies. What is the best utility to use? A. insmod B. unload C. rmmod D. modprobe E. None of the Above

C. rmmod

What filename extension does the Rocky Linux distribution use for packages? A. .tar B. .tgz C. .rpm D. .deb E. None of the above

C. rpm

Peter is a Linux system administrator of a system using the iptables service. He wants to add a rule to block only incoming ping packets and not send a rejection message to the source. What command should he employ? A. sudo iptables -P INPUT DROP B. sudo iptables -A INPUT -p icmp -j REJECT C. sudo iptables -A INPUT -p icmp -j DROP D. sudo iptables -D INPUT -p icmp -j DROP E. sudo iptables -A OUTPUT -p icmp -j REJECT

C. sudo iptables -A INPUT -p icmp -j DROP

Mary is required to log into her Linux system as a standard user but needs to run an application with administrator privileges. What commands can she use to do that? Choose all that apply. A. su B. wheel C. visudo D. sudo E. adm

C. visudo D. sudo

What user groups are commonly used to assign privileges for group members to run applications as the administrator? Choose all that apply. A. lp B. adm C. wheel D. sudo E. su

C. wheel D. sudo

Users on the system can share files in the /home/share/ directory and are assigned to the Share group to do so. So that the regular users are able to delete their files in the /home/share/ directory, the w group permission is set on the directory. However, one user cannot delete a specific file. Directory and file permissions are correctly set. What should you investigate?

Check that the immutable bit is set on the file.

Which of the following best describes a digital signature? A. A framework that proves authenticity and validation of keys as well as the people or devices that use them B. Ciphertext that has been turned into plaintext C. Plaintext that has been turned into ciphertext D. An original plaintext hash, which is encrypted with a private key and sent along with the cipher text E. None of the Above

D. An original plaintext hash, which is encrypted with a private key and sent along with the cipher text

Nancy wants to write a rsyslogd rule that separates event messages coming from the system job scheduler to a separate log file. Which syslog facility keyword should she use? A. console B. kern C. user D. cron E. local0

D. Cron

Despite his warnings, Fred continues to see users transfer files to his Linux server using unsecure FTP. How can he stop this? A. Place the user accounts in the /etc/hosts.deny file. B. Move the FTP application to a different network port. C. Place a message in the /etc/motd file telling users to stop. D. Disable the FTP application ports. E. None of the above

D. Disable the FTP application ports

Peter, a Linux system administrator, has been testing a new firewalld configuration. The test was successful. What should Peter do next? A. Using super user privileges, issue the reboot command. B. Using super user privileges, issue the firewall-cmd --panic-on command. C. Nothing. If the test was successful, the runtime environment is the permanent environment. D. Issue the firewall-cmd --runtime-to-permanent command using super user privileges. E. Issue another firewall-cmd command, but add the

D. Issue the firewall-cmd --runtime-to-permanent command using super user privileges.

What SELinux mode tracks policy violations but doesn't enforce them? A. Disabled B. Enforcing C. Targeted D. Permissive E. MLS

D. Permissive

Sally needs to install a new package on her Ubuntu Linux system. The package was distributed as a DEB file. What tool should she use? A. yum B. rpm C. tar D. dpkg E. None of the above

D. dpkg

You need to insert the abc module into the Linux kernel. This module does not have any dependencies. What is the best utility to use? A. modinfo B. dmesg C. depmod D. insmod E. None of the above

D. insmod

James needs to log all kernel messages that have a severity level of warning or higher to a separate log file. What facility and priority setting should he use? A. kern.=warn B. kern.* C. *.info D. kern.warn E. kern.alert

D. kern.warn

What syslog application is known for its rocket-fast speed? A. systemd-journald B. syslog-ng C. syslogd D. rsyslogd E. klogd

D. rsyslogd

Which of the following commands will allow you to view the various rules in a UFW firewall with their associated numbers? A. sudo ufw show numeric B. sudo ufw status C. sudo ufw status verbose D. sudo ufw status numbered E. sudo ufw enable

D. sudo ufw status numbered

What protocol became a de facto standard in Linux for tracking system event messages? A. SMTP B. FTP C. NTP D. syslog E. journalctl

D. syslog

Harry has finished writing his application source code but needs to package it for distribution. What tool should he use so that it can be extracted on any Linux system? A. rpm B. yum C. apt-get D. tar E. None of the above

D. tar

The OpenSSH application keeps track of any previously connected hosts and their public keys in what file? A. /etc/ssh/authorized_keys B. /etc/ssh/known_hosts C. ~/.ssh/authorized_keys D. ~/.ssh/known_hosts E. None of the Above

D. ~/.ssh/known_hosts

The __ application helps protect against brute-force attacks coming through OpenSSH. It monitors sshd log messages and modifies the ___ file to block an identified attack.

DenyHosts, /etc/hosts.deny

The modprobe utility uses the __ file to determine any module dependencies. A. /lib/modules B. /usr/lib/modules C. /etc/modprobe.d D. /lib/modprobe.d E. None of the above

E. None of the above - modules.dep

Which authentication method issues tickets to users and helps with implementing the single sign-on feature in a network of servers? A. RADIUS B. TACACS+ C. Biometrics D. LDAP E. None of the above

E. None of the above. Correct answer: Kerberos

The firewalld service uses _____ , which is a predefined rule set. A. netfilter B. firewall-cmd C. Services D. reject E. Zones

E. Zones

What syslog severity level has the highest priority ranking in rsyslogd? A. alert B. crit C. err D. notice E. emerg

E. emerg

Virginia is administering a Linux system with a firewall. She has already set up an IPset and named it BlockThem. A new attack has begun to occur from the 72.32.138.96 address. Along with super user privileges, what command should she issue to add this IPv4 address to the IPset? A. ipset create BlockThem hash:net B. ipset -n BlockThem hash:net C. ipset save -f /etc/ipset.conf D. ipset -A BlockThem 72.32.138.0/24 E. ipset add BlockThem 72.32.138.96

E. ipset add BlockThem 72.32.138.96

What are the equivalent symbolic permissions for the octal mode value of 644? A. rwxrw-r-- B. -w--w--w- C. -w-r--r-- D. rwxrw-rw- E. rw-r--r--

E. rw-r--r--

What are the eight severity levels available in the syslog logging protocol?

From lowest to highest they are debug, info, notice, warning, err, crit, alert, and emerg.

The __ utility displays all the currently loaded modules, the number of processes and other modules using them, and the other module's name. The __ program displays detailed information concerning a module, including its dependencies.

lsmod, modinfo

What authentication method uses a hierarchical tree structure for storing information about network users and resources?

Lightweight Directory Access Protocol (LDAP)

What three classifications does Linux use when applying standard file and directory permissions?

Linux uses three categories: the owner, a group, and everyone else.

Older Linux distributions use a single file, __, as their kernel module configuration file. More modern distributions use configuration directories, which can be ___, ___, ___, and/or the ___ directory.

Older Linux distributions use a single file, /etc/modules.conf, as their kernel modules configuration file. More modern distributions use configuration directories, which can be /etc/modprobe.d/, /lib/modprobe.d/, /usr/lib/modprobe.d/, and/or the /run/modprobe.d/ directory.

What tools should you use to work with packages stored in a Red Hat-based repository?

Red Hat-based systems use the yum and dnf package tools to install, update, or remove packages. The openSUSE Linux distribution uses the zypper utility.

VPN software establishes a secure encrypted connection between two systems, and the protocols involved may be ____, _____, and _____.

SSL/TLS, DTLS, IPsec

What is the benefit of creating a separate partition for the /home directory?

Since user directories are stored in the /home directory, creating a separate partition for the /home directory prevents any single user from taking up all the disk space for the operating system.

Symmetric key encryption uses only a ____ key for both encrypting and decrypting data. Asymmetric key encryption uses a ___ key pair, where commonly, the ____ key is used for encryption and the ___ key is used for decryption.

Symmetric key encryption uses only a private key for both encrypting and decrypting data. Asymmetric key encryption uses a public/private key pair, where commonly, the public key is used for encryption and the private key is used for decryption.

List the command-line tools used for Debian and Red Hat-based package management.

The Debian package management system uses the dpkg command to create and install packages, and the Red Hat package management system uses the rpm command.

What tools should you use to work with packages stored in a Debian-based repository?

The Debian system uses the apt-get utility to install, update, or remove packages, and it uses the apt-cache utility to manage the package database on the system. The apt utility is a front-end script that allows you to use command options for both apt-get and apt-cache in one place.

Explain how you can assign permission for a file or directory to multiple users and/or groups.

The Linux access control list (ACL) feature allows you to assign permissions for multiple users and groups for files and directories. Use the setfacl command to assign permissions and the getfacl command to view existing permissions.

What feature is available in Red Hat-based Linux distributions that applies mandatory access control (MAC) to files, directories, and applications?

The Security-Enhanced Linux (SELinux) application implements MAC security by allowing you to set policy rules for controlling access between various types of objects on the Linux system.

The __ utility requires a full module file name in order to insert a module into the kernel and does not load any module dependencies. The __ utility only requires the module's name and searches the __ file to determine and load any module dependencies.

The insmod utility requires a full module file name in order to insert a module into the kernel and does not load any module dependencies. The modprobe utility only requires the module's name and searches the modules.dep file to determine and load any module dependencies.

What tool can you use to create your own log entries from your shell scripts?

The logger utility allows you to create entries in the standard log. You can also use the -p option to set the severity level of the message.

The __ utility unlinks a module from the kernel but does not unload any module dependencies. The __ utility, using the __ option, will unload the module and unlink any module dependencies.

The rmmod utility unlinks a module from the kernel but does not unload any module dependencies. The modprobe utility, using the -r option, will unload the module and unlink any module dependencies.

How do you define what events to log, and how to log them, with the rsyslogd application?

The rsyslogd application reads the /etc/rsyslogd.conf configuration file for rules to know what events to listen to and what to do when they trigger. Each line defines a facility and severity, along with an action to take.

If you use the command sudo from the command line, what are you trying to do?

The sudo command runs a specified application as another user account, including the root user.

How do Linux systems using the systemd services package log events?

The systemd-journald application reads the /etc/systemd/journald.conf configuration file to determine what events to log and how to log them.

How do you view logs generated by the systemd-journald application?

Unfortunately, the log files created by the systemd-journald application are not text files, so you can't read them directly. Instead, you must use the journalctl command to view the log entries.

What scripts do you usually need to run to install an application from the source code?

When an application is distributed in source code format, you normally need to run the configure script to detect the library files required to compile the application. After the configure script, run the make script to build the executable file. Finally, run the make script again with the install option to install the application in the appropriate directories.

What two commands can you use to change the group assigned to a file or directory?

You can use the chgrp command to directly change the group, or you can use the chown command and change the owner and group both at the same time.

Applications can enforce strong passwords via the three PAM modules: ____, ____, and ____.

pam_unix.so, pam_pwhistory.so and pam_pwquality.so (formerly called pam_cracklib.so)

If OpenSSH keys need to be regenerated or you are setting up a password-less login, you can employ the ____ utility to create the needed keys.

ssh-keygen

Users on the system can share files in the /home/share/ directory and are assigned to the Share group to do so. For the regular users to be able to create a file in the /home/share/ directory, the __ group permission must be set on the directory.

w
