Final Exam Review Operating System Security

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What user account information can be found in the /etc/passwd file?

The user's basic information, such as the default login shell

The primary boot loaders in Linux are Grand Unified Bootloader (GRUB) and Linux Loader (LILO).

True

The term "attack surface" indicates the total number of vulnerabilities a system might have.

True

Using the sudo command to issue command is typically safer than logging in as the root user.

True

Smoke detectors, log monitors, and system audits are examples of:

detective controls

The C-I-A Triad (confidentiality, availability, and integrity) make up the three:

goals of information security

A runlevel provides information to ______ about what it should be doing as it starts the system up.

init program

In the shadow password suite, user access to the /etc/shadow file is limited to the root administrative user.

True

One benefit of open source code is the ability to learn what the code does and how the program operates.

True

Pluggable authentication modules (PAM) allows users to be authenticated with local password stores and by way of network authentication, using facilities like Network Information Service (NIS) and the Lightweight Directory Access Protocol (LDAP).

True

The C-I-A triad is the core and defining set of concepts with respect to information security.

True

The Linux open source license allows anyone to use, modify, and improve the source code.

True

_______ is a service that starts up and remains running in the background.

A daemon

What is the best definition of a bastion?

A fortified place

________ is the software that manages and runs virtual machines.

A hypervisor

A denial of service (DoS) attack jeopardizes which tenet of the C-I-A triad?

Availability

In a Linux system, _________ is responsible for locating the kernel and loading it into memory so it can run.

Boot loader

When trying to crack password hashes, what three types of attacks are typically used:

Brute force, dictionary attack, rainbow tables

What does CVSS stand for?

Common Vulnerability Scoring System

Keeping secrets is the essence of which tenet of the C-I-A triad?

Confidentiality

Which of the following refers to the assurance that information can be accessed and viewed only by authorized users?

Confidentiality

What is the philosophy behind the tenant of defense-in-depth?

Defense-in-depth means applying overlapping and layered security defenses so that if one layer is bypassed or compromised another layer still provides protection against attack.

In the shadow password suite, the /etc/passwd file may store a hashed password for a group.

False

Ensuring that the data that is sent is the data that is received describes which tenet of the C-I-A triad?

Integrity

The assurance that information can be modified only by authorized users is referred to as:

Integrity

In Linux, software for network services, graphical user interfaces (GUIs), language compilers, and many other kinds of software typically come in bundles referred to as _______.

Packages

Given the following services, which service would start first?

S05loadcpufreq

In the shadow password suite, the /etc/group file contains basic information for each group account.

True

Why is it important to secure an operating system?

To protect against attack

A hardened Linux system typically contains fewer packages to be monitored for updates in case vulnerabilities are found in the software.

True

A threat vector describes a way for an attacker to get into a system.

True

In a Linux system, a smaller number of packages means a smaller surface area for attack.

True

In the Linux operating system, the kernel interfaces with the hardware to manage memory and file systems and make sure programs are run.

True

Apache is a popular type of _____________.

Web server package

Procedural controls are also referred to as:

administrative controls

The collection of all possible vulnerabilities that could provide unauthorized access to computer resources is called the:

attack surface


Ensembles d'études connexes

NCLEX Prep Content Mastery Final Exam

View Set

COMM 27: Public Speaking - Exam #2

View Set

Dirigente scolastico AREA 1 (unione europea)

View Set

Ch. 3: Life Policy Provisions, Riders and Options

View Set