4612 Final (ONLY STUDY THE STARRED STUFF)
Which of the following uses the ping command to display a list of active systems on a network?
nmap -sP 10.0.0.0/8
Regarding SELinux, which of the following files includes lists of critical files and services to be watched for changes?
sestatus.conf
An executable file with the _________ allows other users to run that command, with the permissions assigned to that user owner.
set user ID (SUID) bit
Which command do you use to apply administrative privileges to another command without logging in as root? su -a, su -c, su -f, or su -h
su -c
In a Linux system, _________ is responsible for locating the kernel and loading it into memory so it can run.
the boot loader
The read, write, and execute permissions of a file are an example of a ________.
discretionary access control
Linux unified key setup (LUKS) is a specification for ________.
disk encryption
Fedora and Ubuntu are examples of ______.
distributions
What is the primary AppArmor configuration file?
logprof.conf
Which file permission is NOT an example of discretionary access control? 1) Read 2) Write 3) Execute 4) Boolean
Boolean
Whereas the cron service is a scheduler for jobs to be run on a one-time basis, the at service is a scheduler for jobs to be run on a regular basis. True or False?
False
Each line in a ____ configuration file is set up in the following format: module_type control_flag module_file (arguments)
PAM
GNOME and KDE are __________.
graphical desktop environments
Which of the following control flags used in pluggable authentication modules (PAM) approves user access assuming that there are no previous failures?
sufficient
A discretionary access control for a file is a control mechanism that is set by _______.
the user owner of the file
Lightweight Directory Access Protocol (LDAP) uses an encryption certificate to avoid transmitting passwords over a network in cleartext. True or False?
true
Which mounting option enables user quotas on a filesytem? 1) usrquota 2) enable quotas 3) edquota 4) rw
usrquota
Which of the following is associated with wireless intrusion detection system (WIDS)?
Wi-Fi Protected Access (WPA)
Which of the following should no longer be used because of weak security?
Wired Equivalent Privacy (WEP)
What is a valid reason for setting up the /home/ directory as a separate filesystem?
You can upgrade the distribution at a later date with little risk to user files.
The iptables program is used to configure ___________.
a firewall
The /usr/ directory contains programs that are generally accessible to all users. This directory can be secured by mounting it ______.
as read-only
You set up an FTP server and configured it to allow users to access their home directories. Which directive should you also include in the configuration file for security purposes?
chroot_local_user = YES
Console kit packages, such as polkit, contain three primary commands. Which of the following is NOT included? ck-permissions, ck-history, ck-list-sessions, ck-launch-session
ck-permissions
You want to allow members of the users group to use fdisk on the /dev/sda drive (and only that drive) and to use the yum command to update and install packages. Which command do you run?
%users ALL=/sbin/fdisk /dev/sda, /usr/bin/yum
The Linux open source license, referred to as GNU General Public License (GPL), requires which of the following?
Any software based on GPLed software retains the same rights as the original software
A server has the following TCP Wrappers configuration: /etc/hosts.deny ALL : ALL What is the result of this configuration?
Denies access to all daemons from all clients
Which of the following is an open source license? GNU General Public License (GPL), C-I-A, Red Hat, or Unix
GNU General Public License (GPL)
What can you use to ensure the integrity of a downloaded package?
GNU Privacy Guard (GPG) keys
Ensuring that the data that is sent is the data that is received describes which tenet of the C-I-A triad?
Integrity
You want to find out which ports are associated with certain TCP/IP services. Which organization specifies default port numbers and protocols for thousands of services?
Internet Assigned Numbers Authority (IANA)
What does Red Hat Enterprise Linux use to install software packages?
Red Hat Package Manager (RPM) and Yellowdog Update, Modified (yum)
A user needs access to execute networking-related commands only. What type of access should be granted using the principle of least privilege?
The user should be given sudo access to NETWORKING.
Which Linux partition type is used for standard partitions with data?
83
Which of the following is usually about preventing a party involved in a transaction from denying that the transaction occurred?
Nonrepudiation
What is the CUPS service associated with?
Printing
A rainbow table is a set of precomputed stored hashes that are mapped to a plaintext password. True or False?
True
Alternate attack vectors include connections through telephone modems and serial ports. True or False?
True
The GRUB configuration file is generally located in the ______ directory.
/boot/
Which file is used to configure the various mounting options of a filesystem upon boot?
/etc/fstab
Configuring a user account policy with minimum password length, maximum days for using a password, and various user logins can be performed by editing the ________ file.
/etc/login.defs
From which of the following files does the iptables command read ports of well-known services?
/etc/services
Which of the following files is NOT a part of the shadow password suite? 1) /etc/shadow 2) /etc/group 3) /etc/passwd 4) /etc/sudoers
/etc/sudoers
Which directory renders many applications unusable, including logging into the graphical user interface (GUI), if the space allocated to the /tmp/ filesystem is full?
/tmp/
You used a protocol analyzer to capture some network traffic. You want to focus on FTP traffic. What port should be used?
21
You used a protocol analyzer to capture some network traffic. You want to focus on FTP traffic. Which port number do you include in the filter?
21
What is Apache?
A Web server
What is the best definition of a bastion?
A fortified place
________ is the software that manages and runs virtual machines.
A hypervisor
What is a salt?
A value added to a hash
Which of the following is NOT an SELinux mode?
Allow
A polkit mechanism includes a subject, an object, and an action. Which of the following is the subject?
An administrative tool
What is Snort?
An intrusion detection service
What is Tripwire?
An intrusion detection system
What does the Parkerian hexad include that the C-I-A triad does not?
Authenticity
A denial of service (DoS) attack jeopardizes which tenet of the C-I-A triad?
Availability
The ls -p command displays file and folder permissions. True or False?
False
Keeping secrets is the essence of which tenet of the C-I-A triad?
Confidentiality
A black-hat can use Van Eck phreaking to exploit which of the following?
Electromagnetic output from CRT and LCD monitors
Assuming a demilitarized zone (DMZ) is configured, there's no need to set up a separate firewall between the DMZ network and the internal network. True or False?
False
The identifiers ext4, FAT32, and NTFS are types of kernels. True or False?
False
The iptables -s <ip_address> rule is applied to packets that come from the noteddestination address. True or False?
False
Which of the following is the development distribution for Red Hat? Fedora, Ubuntu, Mint, Debian
Fedora
What is the best definition of a firewall?
Hardware or software capable of blocking networking communications based on established criteria, or rules
What are the advantages of virtualization in a Linux infrastructure? I. Cost savings by purchasing less hardware II. Managing a single physical system with many different functions III. Managing several physical systems each with a unique function
I, II, and III are correct
Which of the following is NOT true of Nessus? -Can perform local scans -Can perform remote scans -Is released under an open source license -Is available through a Web browser
Is released under an open source license
The following are true of system hardening EXCEPT: 1) A hardened system is more resistant to attack. 2) It involves removing all but the most critical users from the system. 3) A hardened system usually has more packages to update than an unhardened system. 4) It involves ensuring permissions are restricted on files and directories.
It involves removing all but the most critical users from the system.
Which tool is generally NOT used to decrypt and test passwords? RainbowCrack, Nessus, Hydra, or John the Ripper
Nessus
Which of the following is the best choice for network authentication?
Network Information Service (NIS)
Which of the following is true regarding open source software versus commercial software?
Open source projects put their source code out on the open Internet at public repositories.
Which of the following statements is true about using a mandatory access control system on Linux?
Properly setting up a mandatory access control system requires discipline and configuration knowledge.
What defines the services to be run in Linux?
Runlevel
The security test tool SAINT began as the open source version of __________.
SATAN
The default mandatory access control system used for Red Hat distributions is ______.
SELinux
Postfix and Exim are types of _____________.
SMTP server packages
Which of the following enables a Linux system to be used as a Windows domain controller to authenticate Windows users? 1) Samba 2) A modular kernel 3) GRUB 4) LILO
Samba
Which of the following represents a type of mandatory access control? 1) A user cannot open the /etc/shadow file to read because the file is owned by user and group root. 2) The FTP service is allowed to interact with directories other than users' home directories. 3) A user gives a group permission to read the /var/log file. 4) A user can give read, write, and execute permissions to a file.
The FTP service is allowed to interact with directories other than users' home directories.
What is Canonical?
The company behind Ubuntu
You run the encrypt-setup-private command to encrypt a user directory. What is one thing you are prompted to enter?
The login passphrase
What user account information can be found in the /etc/passwd file?
The user's basic information, such as the default login shell
What is the purpose of the following iptables command? iptables -A Firewall-INPUT -p icmp --icmp-type any -j ACCEPT
To allow all incoming ICMP messages
Cron is a service for running administrative jobs on a regular basis. True or False?
True
Files on a device are accessible only when they're mounted on a Linux directory. True or False?
True
If the kernel file is overwritten with a binary that doesn't work or if the file is erased, the system won't boot again until the kernel file is replaced. True or False?
True
In Linux, three major services that network files and folders are the Network File System (NFS), Samba, and the File Transfer Protocol (FTP). True or False?
True
Pluggable authentication modules (PAM) offers a number of ways for users to be authenticated on a Linux system. True or False?
True
The cron and at services enable you to schedule tasks in Linux. True or False?
True
The iptables -R command replaces a rule in a chain of rules. True or False?
True
The iptables -j DROP and -j REJECT command options both drop packets. True or False?
True
The most common standard for file encryption on Linux is based on GNU Privacy Guard (GPG). True or False?
True
When configuring obscure ports for a service, configuring different ports for clients and servers is not enough. You also need to configure an open port in the firewall. True or False?
True
Wireless encryption algorithms such as WPA and WPA2 may be cracked if they use weak pre-shared keys based on dictionary words. True or False?
True
You can use specific iptables rules to prevent denial of service (DoS) attacks. True or False?
True
You want to use TCP Wrappers to protect services dynamically linked to libwrap.so.0. Which command do you run to determine if a dynamic link already exists between the noted service and TCP Wrappers?
ldd
Suppose a scanner discovers a new port, 8888, which is open on a Web server. Which one of the following commands will provide information on the particular network-related process that has opened the port?
lsof -ni
Which command formats all Linux filesystems, Microsoft VFAT, and NTFS filesystems?
mkfs
The _________ part of the kernel contains drivers and options essential to the kernel boot process.
monolithic
Which command is associated with netcat, a service that reads and writes over network connections?
nc
Linux implements _________ to determine how a user is to be authenticated and whether there are password policies associated with password databases.
pluggable authentication modules (PAM)
Which command starts the SELinux Troubleshooter?
sealert -b