CSCI 3602

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

You can use specific iptables rules to prevent denial of service (DoS) attacks.

True

Which file permission is NOT an example of discretionary access control?

Boolean

You want to set up maximum protection with TCP Wrappers. What rule do you include in the /etc/hosts.deny file to deny access to all daemons from all clients?

ALL : ALL

You want to allow members of the users group to use fdisk on the /dev/sda drive (and only that drive) and to use the yum command to update and install packages. Which command do you run?

%users ALL=/sbin /fdisk /dev/sda, /usr/bin/yum

From which of the following files does the iptables command read ports of well-known services?

/etc/services

Keeping secrets is the essence of which tenet of the C-I-A triad?

Confidentiality

Which of the following is NOT an AppArmor mode?

Confirm

In Linux, a volume is a way to segment a drive and a partition is a single entity that can be formatted with a filesystem.

False

In the filesystem hierarchy standard (FHS), the top-level root directory (indicated by the forward slash [/], is never mounted separately.

False

In the shadow password suite, the /etc/passwd file may store a hashed password for a group.

False

Pluggable authentication modules (PAM) solves administrative permission problems by providing higher-level functions without having the whole program gain administrative access.

False

The identifiers ext4, FAT32, and NTFS are types of kernels.

False

Which of the following is the development distribution for Red Hat?

Fedora

What is the best definition of a firewall?

Hardware or software capable of blocking networking communications based on established criteria, or rules.

You want to find out which ports are associated with certain TCP/IP services. Which organization specifies default port numbers and protocols for thousands of services?

Internet Assigned Numbers Authority (IANA)

Who developed and released the first Linux operating system?

Linus Torvalds

What might a large increase in the size of an authorization log file indicate?

More frequently run user-based cron jobs or a large number of external login attempts.

Which of the following is the best choice for network authentication?

Network Information Service (NIS)

Which of the following is usually about preventing a party involved in a transaction from denying that the transaction occurred?

Nonrepudiation

What is the CUPS service associated with?

Printing

What does Red Hat Enterprise Linux use to install software packages?

Red Hat Package Manager (RPM) and Yellowdog Update, Modified (yum)

Which of the following enables a Linux system to be used as a Windows domain controller to authenticate Windows users?

Samba

Cron is a service for running administrative jobs on a regular basis.

True

Debian and its derivatives use firewalld rather than iptables for firewall creation and management.

True

In Linux, three major services that network files and folders are the Network File System (NFS), Samba, and the File Transfer Protocol (FTP).

True

In the shadow password suite, the /etc/group file contains basic information for each group account.

True

The cron and at services enable you to schedule task in Linux.

True

The iptables -A Firewall -INPUT -p 50 -j ACCEPT directive accepts input from port 50.

True

A discretionary access control for a file is a control mechanism that is set by ________.

the user owner of the file.

The Linux open source license, referred to as GNU General Public License (GPL), requires which of the following?

Any software based on GPLed software retains the same rights as the original software.

A server on a demilitarized zone (DMZ) network may serve data to users on the Internet.

True

After configuring quotas on a Linux system, you can use the edquota command to edit the quota of a specific user.

True

Alternate attack vectors include connections through telephone modems and serial ports.

True

Red Hat uses the Linux unified key setup (LUKS) disk-encryption specification.

True

Which Linux filesystem format does not include any type of journaling?

ext2

You used a protocol analyzer to capture some network traffic. You want to focus on FTP traffic. Which port number do you include in the filter.

21

What is Apache?

A Web server

The following are true of system hardening EXCEPT:

A hardened system usually has more packages to update than an unhardened system.

What can a black-hat hacker use to decipher hashed passwords?

A rainbow table

What is Snort?

An Intrusion detection service

Which of the following files is Not a part of the shadow password suite?

/etc/sudoers

The GRUB configuration file is generally located in the ______ directory.

/root/

With which directory is the sticky bit most commonly associated?

/tmp

The well-known TCP/IP port numbers range from 0 to _______.

1023

Which of the following represents a type of mandatory access control?

The FTP service is allowed to interact with directories other than users' home directories.

Which of the following is associated with wireless intrusion detection system (WIDS)

Wi-Fi Protected Access (WPA)

The /usr/ directory contains programs that are generally accessible to all users. This directory can be secured by mounting it _________.

as read-only

What is the primary AppArmor configuration file?

logprof.conf

The _______________ part of the kernel contains drivers and options essential to the kernel boot process.

monolithic

Linux implements _______________ to determine how a user is to be authenticated and whether there are password policies associated with password databases.

pluggable authentication modules (PAM)

Which command starts the SELinux Troubleshooter?

sealert -b

Regarding SELinux, which of the following files includes lists of critical files and services to be watched for changes?

sestatus.conf

The iptables -j DROP and -j REJECT command options both drop packets.

True

The most common standard for file encryption on Linux is based on GNU Privacy Guard (GPG).

True

The set user ID (SUID) bit is a special permission that allows others to execute a given file with the rights of the user owner of the file.

True

When configuring obscure ports for a service, configuring different ports for clients and servers is not enough. You also need to configure an open port in the firewall.

True

Wireless encryption algorithms such as WPA and WPA2 may be cracked if they use weak pre-shared keys based on dictionary words.

True

A black-hat can use Van Eck phreaking to exploit which of the following?

Electromagnetic output from CRT and LCD monitors

A Linux distribution typically does NOT include which of the following?

Virtual platform

Apache is a popular type of _____________.

Web server package


Ensembles d'études connexes

Intellectual Property & Internet Law

View Set

Chapter 6 Interest rate and bond valuation

View Set

coterminal, dms, complement, and supplement angles

View Set

Aflac Final exam incorrect questions 3

View Set

Lecture 26 (Transcription & Translation)

View Set