Chapter 14: Security, Troubleshooting, and Performance


seinfo command

Displays SELinux features

brctl command

Displays and modifies Ethernet bridge configuration within the Linux Kernel

arp command

Displays and modifies the MAC address cache on a system

dmidecode command

Displays hardware device information detected by the system BIOS

iostat (input/output statistics)

Displays input and output statistics for block storage devices on the system

tload command

Displays load average information for a Linux system

vmstat command

Displays memory, CPU, and swap statistics on a Linux system

uptime command

Displays system uptime and load average information for a Linux system

iftop command

Displays the bandwidth sent from the local computer to other hosts

audit2why command

Displays the description and purpose of SELinux log entries

iotop (input/output top) command

Displays the processes on a Linux system that have the highest number of associated input/output requests to block storage devices

multi-factor authentication

The process whereby multiple separate mechanisms are used to validate a user's identity

iperf command

Used to measure the bandwidth between two computers

setsebool command

Used to modify SELinux settings within an SELinux policy

nmap (network mapper) command

Used to scan ports on network computers

tshark command

Used to start a command-line version of the graphical Wireshark program

firewall-cmd command

Used to view and configure firewalld zones, services, and rules

udevadm command

Used to view and modify udev daemon configuration

pam_tally2 command, faillock command

Used to view and modify user lockout settings

klist command

Used to view Kerberos authentication information

aa-status command

Used to view the status of AppArmor and AppArmor profiles

getenforce command

Used to view whether SELinux is using enforcing or permissive mode

transport mode

VPN mode whereby traffic is encrypted between two computers

Proactive maintenance

Measures taken to reduce future system problems

Reactive maintenance

Measures taken when system problems arise

free command

Used to display memory and swap statistics

network zone

A component of firewalld that defines a level of trust for network connections

Stateful Packet Filters

A packet filter that applies rules to related packets within the same network session

baseline

Measure of normal system activity

AppArmor profile

A text file within the /etc/apparmor.d directory that lists application-specific restrictions

buffer overrun

An attack in which a network service is altered in memory

Lightweight Directory Access Protocol (LDAP)

An industry standard protocol used for accessing and managing information within a directory service; an application protocol for querying and modifying data using directory services running over TCP/IP.

rules

Components of a firewall that match specific network traffic that is to be allowed or dropped

memory leak

Condition whereby a process continually uses more and more memory within a system, until there is no more memory available

Network Latency

Condition where replies to network requests are slow or intermittent

file handles

Connections that a program makes to files on a filesystem

sar (system activity reporter) command

Displays various performance-related statistics on a Linux system

pidstat (PID statistics) command

Displays CPU statistics for each PID on a Linux system

mpstat (multiple processor statistics) command

Displays CPU statistics on a Linux system

restorecon command

Forces SELinux to set the default label on system files and directories

Firewall Configuration Utility

Graphical firewall configuration utility used on Fedora systems

Wireshark

Graphical program used to display the network traffic passing through a network interface

netfilter

Linux kernel component that provides firewall and NAT capability on modern Linux systems

AppArmor

Linux kernel module and related software packages that prevent malicious software from accessing system resources

IP set

List of hosts and networks that can be used within a firewall rule

aa-unconfined command

Lists processes that aren't controlled by AppArmor

GNU privacy guard (GPG)

Open source asymmetric encryption technology that can be used to encrypt and digitally sign files and email

Multi-Category Security (MCS)

Optional SELinux policy scheme that prevents processes from accessing other processes that have similar attributes

Multi-Level Security (MLS)

Optional SELinux policy scheme that uses custom attributes

One time password (OTP)

Password used to validate a user once only

jabbering

Process by which failing hardware components send large amounts of information to the CPU

Monitoring

Process by which system areas are observed for problems or irregularities

Automatic Bug Reporting Tool Daemon (ABRTD)

Process that automatically sends application crash data to an online bug reporting service

TCP wrapper

Program that can be used to run a network daemon with additional client restrictions. Specified in the /etc/hosts.allow and /etc/hosts.deny files.

Server Closet

Secured room that stores servers within the organization

ioping (input/output ping) command

Sends input/output requests to a block storage device and measures the speed at which they occur

aa-enforce command

Sets an AppArmor profile to enforce mode

Uncomplicated firewall (UFW)

Software component that can be used to simplify the configuration of netfilter firewall rules

System Statistics (sysstat) package

Software package that contains common performance-monitoring utilities

vulnerability scanner

Software that is used to scan a system for known vulnerabilities

Security Information and Event Management (SIEM)

Software used to monitor security events and vulnerabilities on systems across a network

Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE)

System used to catalog security vulnerabilities

sestatus command

The command that displays the current status and functionality of the SELinux subsystem.

ulimit command

The command used to modify process limit parameters in the current shell.

chains

The components of a firewall that specify the general type of network traffic to which rules apply.

Pluggable Authentication Modules (PAM)

The component that handles authentication requests by daemons on a Linux system.

biometric

Type of authentication that uses physical human attributes

kinit command

Used to authenticate to a Kerberos authentication service

setenforce command

Used to change SELinux between enforcing and permissive mode

chcon command

Used to change the type classification within SELinux labels on system files and directories

ipset command

Used to configure IP sets

iptables command

Used to configure IPv4 rules for a netfilter firewall

ip6tables command

Used to configure IPv6 rules for a netfilter firewall

ufw command

Used to configure UFW

getsebool command

Used to display SELinux settings within an SELinux policy

login banner

a message that is displayed to users after logging into a system

self-signed certificate

certificate that was digitally signed by the computer that generated the public key within

GPG agent

daemon that can be used to store the private key passphrase used by GPG

firewall daemon (firewalld)

daemon used to simplify the configuration of netfilter rules via network zones

aa-disable command

disables an AppArmor profile

label

identifier that SELinux places on a file, directory, or process

bus mastering

process by which peripheral components perform tasks normally executed by the CPU

hashes, message digests

see checksum

Remote Dial In User Service (RADIUS), Terminal Access Controller Access Control System Plus (TACACS+)

service that provides centralized authentication, logging, and policy restrictions on a network

Security Enhanced Linux (SELinux)

set of Linux kernel components and related software packages that prevent malicious software from accessing system resources

aa-complain command

sets an AppArmor profile to complain mode

Documentation

system info that is stored in a file or log book for future reference

troubleshooting procedures

tasks performed when solving system problems

Linux Unified Key Setup (LUKS)

technology that encrypts the contents of a Linux filesystem

cryptsetup command

used to configure and manage LUKS

gpg command

used to configure and manage GPG

tcpdump command

used to display the network traffic passing through a network interface

sudoedit command

used to edit text files as another user

visudo command

used to modify /etc/sudoers file

sudo command

used to perform commands as another user via entries within the /etc/sudoers file

tunnel mode

VPN mode whereby traffic is encrypted between two routers

