Security Pro Chapter 7
By definition, what is the process of reducing security exposure and tightening security controls? A.)Hardening B.)Passive reconnaissance C.)Active scanning D.)Social engineering
A
Choose the Group Policy type with the function that it can perform that is listed below: -Network communication security settings. A.)Computer Configuration B.)User Configuration
A
Choose the Group Policy type with the function that it can perform that is listed below: -Scripts that should run at startup or shutdown. A.)Computer Configuration B.)User Configuration
A
Choose the Group Policy type with the function that it can perform that is listed below: -Software that should be installed on a specific computer. A.)Computer Configuration B.)User Configuration
A
Choose the IT audit activity on for the description listed: -Documents incidents for security violations and incidents response. A.)Usage auditing B.)Risk evaluation C.)Escalation auditing D.)Privilege auditing E.)User access and rights review
A
Choose the bring your own device (BYOD) security issue for the remedy listed below: -Implement a network access control (NAC) solution. (1) A.)Preventing malware infections B.)Supporting mobile device users C.)Preventing loss of control of sensitive data D.)Preventing malicious insider attacks E.)Applying the latest anti-malware definitions
A
FTPS uses which mechanism to provide security for authentication and data transfer? A.)SSL B.)IPsec C.)Token devices D.)Multi-factor authentication
A
If an SMTP server is not properly and securely configured, it can be hijacked and used maliciously as a SMTP relay agent. Which activity could result if this happens? A.)Spamming B.)Virus hoax C.)Data diddling D.)Salami attack
A
Select the Group Policy objects (GPOs) in the order in which they are applied. -The Local Group Policy on the computer. A.)1 B.)2 C.)3
A
What does the netstat -a command show? A.)All listening and non-listening sockets B.)All connected hosts C.)All network users D.)All listening sockets
A
What is the most common means of virus distribution? A.)Email B.)Commercial software CDs C.)Music downloaded from the internet D.)Floppy disks
A
Which of the following best describes an audit daemon? A.)The trusted utility that runs a background process whenever auditing is enabled. B.)The interface that allows the administrator to handle, set up, initialize, and modify subsystem parameters. C.)The driver responsible for accepting audit records from the audit kernel. D.)The component that examines audit trails from current or previous audit sessions and reduces or compresses them for archival.
A
Which of the following describes Privilege auditing? A.)Users' and groups' rights and privileges are checked to guard against creeping privileges. B.)Users' activities are logged to document incidents for security investigations and incident response. C.)An employee is granted the minimum privileges required to perform the duties of her position. D.)No single user is granted sufficient privileges to compromise the security of an entire environment.
A
Which of the following is most vulnerable to a brute attack? A.)Password authentication B.)Two-factor authentication C.)Challenge-response token authentication D.)Biometric authentication
A
Which of the following network services or protocols uses TCP/IP port 22? A.)SSH B.)TFTP C.)NNTP D.)IMAP4
A
Which of the following terms describes a Windows operating system patch that corrects a specific problem and is released on a short-term, periodic basis (Typically monthly)? A.)Hotfix B.)Targeted software patch C.)Service pack D.)Kernel fix kit
A
Which type of virus conceals its presence by intercepting system requests and altering service outputs? A.)Stealth B.)Retro C.)Polymorphic D.)Slow
A
You have been receiving a lot of phishing emails sent from the domain kenyan.msn.pl. Links within these emails open new browser windows at youneedit.com.pl. You want to make sure that these emails never reach your inbox, but you want to make sure that emails from other senders are not affected. What should you do? A.)Add kenyan.msn.pl to the email blacklist B.)Add mean.pl to the email blacklist C.)Add youneedit.com.pl to the email blacklist D.)Add pl to the email blacklist
A
You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the following terms best describes this software? A.)Rootkit B.)Botnet C.)Trojan horse D.)Privilege escalation E.)Spyware
A
You have placed an FTP server in your DMZ behind your firewall. The FTP server will be used to distribute software updates and demonstration versions of your products. Users report that they are unable to access the FTP server. What should you do to enable access? A.)Open ports 20 and 21 for inbound and outbound connections B.)Install a VPN C.)Move the FTP outside of the firewall D.)Define user accounts for all external visitors
A
You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports? A.)nmap B.)traceroute C.)netstat D.)nslookup
A
You suspect that some of your computers have been hijacked and are being used to perform denial of service attacks directed against other computers on the Internet. Which log would you check to see if this is happening? A.)Firewall B.)System C.)Application D.)Security
A
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following actions should you take to increase its security? (Select two.) A.)Apply all patches and updates B.)Change default account passwords C.)Implement separation of duties D.)Remove any backdoors E.)Conduct privilege escalation
A and B
Why do attackers prefer to conduct distributed network attacks in static environments? (Select two.) A.)Devices tend to employ much weaker security than traditional networking device. B.)It is difficult to update the virus definitions used to protect these devices. C.)Devices are, typically, more difficult to monitor than traditional network devices. D.)These devices are typically installed in the DMZ outside an organization's perimeter firewall. E.)Smart device vendors tend to proactively protect their products against security threats.
A and C
Which of the following are characteristic of a rootkit? (Select two.) A.)Hides itself from detection B.)Uses cookies saved on the hard drive to track user preferences C.)Monitors user actions and open pop=ups based on user preferences D.)Requires administrator-level privileges for installation
A and D
Which of the following tools can you use on a Windows network to automatically distribute and install software and operating system patches on workstations? (Select two.) A.)WSUS B.)Security Templates C.)Security Configurations and Analysis D.)Group Policy
A and D
You manage information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology that allows them to be managed over an internet connection using a mobile device app. You concerned about the security of these devices. What can you do to increase their security posture? (Select two.) A.)Installed the latest firmware updates from the device manufacturer. B.)Enroll each device in a mobile device management system. C.)Reply on the device manufacturer to maintain security with automated firmware updates. D.)Install anti-malware software on each device. E.)Verify that your network's existing security infrastructure is working properly.
A and E
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario? A.)Repudiation attack B.)Spam C.)Phishing D.)Open SMTP relay
B
Choose the Group Policy type with the function that it can perform that is listed below: -Scripts that should run at logon or logoff. A.)Computer Configuration B.)User Configuration
B
Choose the Group Policy type with the function that it can perform that is listed below: -Software that should be installed for a specific user. A.)Computer Configuration B.)User Configuration
B
Choose the IT audit activity on for the description listed: -Identifies inefficient IT strategies, such as weak policies and procedures. A.)Usage auditing B.)Risk evaluation C.)Escalation auditing D.)Privilege auditing E.)User access and rights review
B
Choose the bring your own device (BYOD) security issue for the remedy listed below: -Specify who users can call for help with mobile device apps in your acceptable use policy. A.)Preventing malware infections B.)Supporting mobile device users C.)Preventing loss of control of sensitive data D.)Preventing malicious insider attacks E.)Applying the latest anti-malware definitions
B
For users who are members of the sales team, you want to force computers to use a specific desktop background and remove access to administrative tools from the Start menu. Which solution should you use? A.)Account policies B.)Group Policy C.)Account restrictions D.)File screens
B
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. Which step must be taken to ensure that the information is useful in maintaining a secure environment? A.)All logs should be deleted and refreshed monthly. B.)Periodic reviews must be conducted to detect malicious activity or policy violations. C.)The accounting department must compress the logs on a quarterly basis. D.)All files must be verified with the IDS checksum.
B
Select the Group Policy objects (GPOs) in the order in which they are applied. -GPOs linked to the domain that contains the user or computer object. A.)1 B.)2 C.)3
B
Smart devices are attractive targets for cyber criminals because they typically have minimal security and are not protected with anti-malware software. This make it easier to exploit these types of devices and perpetrate attacks. Many smart devices can be utilized to conduct a single coordinated attack. What is the type of attack usually called? A.)A highly centralized attack B.)A highly distributed attack C.)A brute force attack D.)A smartnet attack
B
Users in your organization receive email message informing them that suspicious activity has been detected on their bank accounts. They are directed to click a link in this email to verify their online banking user name and password. The URL in the link is in the .ru top-level DNS domain. What kind of attack has occurred? A.)Virus B.)Phishing C.)Open SMTP relay D.)Buffer overflow
B
What is the main difference between a worm and a virus? A.)A worm is restricted to one system, while a virus can spread from system to system. B.)A worm can replicate itself, while a virus requires a host for distribution. C.)A worm requires an execution mechanism to start, while a virus can start itself. D.)A worm tries to gather information, while a virus tries to destroy data.
B
What is the purpose of audit trails? A.)Prevent security breaches B.)Detect security-violating events C.)Restore systems to normal operations D.)Problem correction
B
Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity? A.)Sniffing B.)Spam C.)Replay attack D.)Impersonation
B
Which of the following ports does FTP use to establish sessions and manage traffic? A.)25, 110 B.)20, 21 C.)135-139 D.)80, 443
B
Which of the following solutions would you use to control the actions that users can perform on a computer, such as shutting down the system, logging on through the network, or loading and unloading device drivers? A.)Account restrictions B.)Group Policy C.)NTFS permissions D.)Account policies
B
Which of the following strategies can protect against a rainbow table password attack? A.)Educate users to resist social engineering attacks B.)Add random bits to the password before hashing takes place C.)Encrypt the password file with one-way encryption D.)Enforce strict password restrictions
B
Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims? A.)Hijacking B.)Spamming C.)Brute force D.)Trojan horse
B
You are concerned that an attacker can gain access to your Web server, make modifications to the system, and alter the log files to hide his actions.Which of the following actions would best protect the log files? A.)Encrypt the log files B.)Use syslog to send log entries to another server C.)Configure permissions on the log file to prevent access D.)Take a hash of the log files
B
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix? A.)Test the hotfix and then apply it to the server that had the problem B.)Test the hotfix and then apply it to all servers. C.)Apply the hotfix immediately to the server; apply the hotfix to other devices only as the security threat manifests itself. D.)Apply the hotfix immediately to all servers.
B
You have two folders that contain documents used by various departments: *The Development group has been given the Write permission to the Design folder. *The Sales group has been given the Write permission to the Products folder. No other permissions have been given to either group. User mask Tillman needs to have the Read permission to the Design folder and the Write permission to the Products folder. You want to use groups as much as possible. What should you do? A.)Add Mark's user account directly to the ACL for both the Design and Products folder. B.)Make Mark a member of the Sales group; add Mark's user account directly to the ACL for the design folder. C.)Make mark a member of the Development group; add Mark's user account directly to the ACL for the Products folder. D.)Make Mark a member of the Development and Sales groups.
B
You want to close all ports associated with NetBIOS on your network firewalls to prevent attacks directed against NetBIOS. Which ports should you close? A.)67, 68 B.)135, 137-139 C.)161, 162 D.)389, 636
B
You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the best way accomplish this? A.)Add each user account to the file's DACL. B.)Create a security group for the managers. Add all users as a members of the group. Add the group to the file's DACL. C.)Create a distribution group for the managers. Add all users as members of the group. Add the group to the file's DACL. D.)Add one manager to the DACL that grants all permissions. Have this user add other managers as required.
B
You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future? A.)Store the logs in an offsite facility. B.)Create a hash of each log. C.)Encrypt the logs. D.)Make two copies of each log and store each copy in a different location.
B
You want to use a protocol encrypting emails that uses a PKI with X.509 certificates. Which method should you choose? A.)AES B.)S/MIME C.)SSH D.)IPsec
B
You decide to use syslog to send log entries from multiple servers to a central logging server. Which of the following are the most important considerations for your implementation? (Select two.) A.)A fast network connection B.)Clock synchronization between all devices C.)Disk space on the syslog server. D.)Retention policies on the syslog client
B and C
You have installed anti-virus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.) A.)Enable chassis intrusion detection B.)Schedule regular full system scans C.)Educate users about malware D.)Disable UAC E.)Enable account lockout
B and C
A user named Bob Smith has been assigned a new desktop workstation to complete his day-to-day work. When provisioning Bob's user account in your organization's domain, you assigned an account name of BSmith with an initial password of bw2Fs3d. On first login, Bob is prompted to change his password, so he changes it to the name of his dog (Fido.) What should you do to increase the security of Bob's account? (Select two.) A.)Do not allow users to change their own passwords. B.)Use Group Policy to require strong passwords on user accounts. C.)Use a stronger initial password when creating user accounts. D.)Train users not to use password that are easy to guess. E.)Require him to use the initial password when creating user accounts. F.)Configure user account names that are not easy to guess.
B and D
Which of the following mechanisms can you use to add encryption to email? (Select two.) A.)HTTPS B.)S/MIME C.)Reverse DNS D.)Secure Shell E.)PGP
B and E
A recreation of historical events is made possible through? A.)Penetration B.)Incident reports C.)Audit trails D.)Audits
C
Choose the IT audit activity on for the description listed: -Verifies the appropriate use of accounts and privileges. A.)Usage auditing B.)Risk evaluation C.)Escalation auditing D.)Privilege auditing E.)User access and rights review
C
In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of common user names and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue? A.)AES encryption B.)VLANs C.)A strong password policy D.)3DES encryption
C
Many popular systems allow quick and easy file and printer sharing with other network members. Which of the following is not a means by which file and printer sharing is hardened? A.)Hosting all shared resources on a single centralized and secure server B.)Logging all activity C.)Allowing NetBIOS traffic outside of your secured network D.)Imposing granular access control via ACLs.
C
Select the Group Policy objects (GPOs) in the order in which they are applied. -GPOs linked to the organizational unit that contains the object. A.)1 B.)2 C.)3
C
The auditing feature of an operating system serves as what form of control when users are informed that their actions are being monitored? A.)Directive B.)Detective C.)Preventative D.)Corrective
C
What is another name for a logic bomb? A.)Trojan horse B.)DNS poisoning C.)Asynchronous attack D.)Pseudo flaw
C
What is the primary distinguishing characteristic between a worm and a logic bomb? A.)Masquerades as a useful program B.)Incidental damage to resources C.)Self-replication D.)Spreads via email
C
Which is a program that appears to be a legitimate application, utility, game, or screensaver and performs malicious activities surreptitiously? A.)Outlook Express B.)Worm C.)Trojan horse D.)ActiveX control
C
Which of the following best describes spyware? A.)It is a malicious program disguised as legitimate software. B.)It monitors user actions that denote personal preferences then sends pop-ups and ads to the user that match their tastes. C.)It monitors the actions you take on your machine and send the information back to its originating source. D.)It is a program that attempts to damage a computer system and replicate itself to other computer systems.
C
Which of the following is a collection of recorded data that may include details about logons, object access, and other activities important by your security policy that is often used to detect unwanted and unauthorized user activity? A.)CPS (certificate practice statement) B.)Chain of custody C.)Audit trail D.)Syslog
C
Which of the following is a snap-in that allows you to apply a template or compare a template to the existing security settings on your computer? A.)The Active Directory Security Template snap-in B.)The Microsoft Management Console snap-in C.)The Security Configuration and Analysis snap-in D.)The NSA Template snap-in
C
Which of the following is a standard for sending log messages to a central logging server? A.)LC4 B.)Nmap C.)Syslog D.)OVAL
C
Which of the following is the best recommendation for applying hotfixes to your servers? A.)Wait until a hotfix becomes a patch, then apply it B.)Apply all hotfixes before applying the corresponding service pack C.)Apply only the hotfixes that affect to software running on your systems D.)Apply hotfixes immediately as they are released
C
Which of the following is undetectable software that allows administrator-level access? A.)Trojan horse B.)Worm C.)Rootkit D.)Spyware E.)Logic bomb
C
You have a file server named Srv3 that holds files used by the Development department. You want to allow users to access the files over the network and control access to files accessed through the network or a local logon. Which solution should you implement? A.)NTFS permissions and file screens B.)Share permissions and file screen C.)NTFS and shared permissions D.)Share permissions and quotas
C
You have a shared folder named Reports. Members of the Managers group have been given write access to the shared folder. Mark Mangum is a member of the Managers group have been given write access to the shared folder. Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but should not have any access to the Confidential.xls file. What should you do? A.)Add Mark Mangum to the ACL for the Reports directly with Deny permissions. B.)Remove Mark Mangum from the Managers group. C.)Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions. D.)Configure NTFS permissions for Confidential.xls to allow Ready only.
C
You have heard about a Trojan horse program where the compromised system send personal information to a remote attacker on a specific TCP port. You want to be able to easily tell whether any of your systems are sending data to the attacker. Which log would you monitor? A.)System B.)Security C.)Firewall D.)Application
C
You installed a new Linux distribution on a server in your network. The distribution includes an SMTP daemon that is enabled by default when the system boots. The SMTP daemon does not require authentication to send email messages. Which type of email attack is this server susceptible to? A.)Sniffing B.)Viruses C.)Open SMTP relay D.)Phishing
C
You suspect that your Web server has been the target of a denial of service attack. You would like to view information about the number of connections to the server over the past three days. Which log would you most likely examine? A.)Firewall B.)System C.)Performance D.)Security
C
You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.) A.)Install anti-malware software on each device. B.)Install a network monitoring agent on each device. C.)Verify that your networks existing security infrastructure is working properly. D.)Install the latest firmware updates from the device manufacturer. E.)Enroll each device in a mobile device management system.
C and D
Which of the following is not included in a system level audit event? (Select two.) A.)The user name logging in. B.)Beginning and ending time of access. C.)Any actions performed by the user. D.)Activities performed on the system. E.)Names of accessed files. F.)Successful and unsuccessful logon attempts.
C and E
You have multiple users who are computer administrators. You want each administrator to be able to shut down systems and install drivers. What should you do? (Select two.) A.)Add the group to the DACL. B.)Add the group to the SACL. C.)Create a security group for the administrators and all user accounts to the group. D.)Create a distribution group for the administrators and add all user accounts to the group. E.)Grant the group the necessary user rights.
C and E
A collection of zombie computers have been set up to collect personal information. What type of malware do the zombie computers represent? A.)Logic bomb B.)Spyware C.)Trojan horse D.)Botnet
D
Choose the IT audit activity on for the description listed: -Checks user/group rights and privileges to identify cases of creeping privileges. A.)Usage auditing B.)Risk evaluation C.)Escalation auditing D.)Privilege auditing E.)User access and rights review
D
If your anti-virus software does not detect and remove a virus, what should you try first? A.)Scan the computer using another virus detection program. B.)Search for and delete the file you believe to be infected. C.)Set the read-only attribute of the file you believe to be infected. D.)Update your virus detection software.
D
Over the past few days, a server has gone offline and rebooted automatically several times. You would like to see a record of when each of these restarts has occurred. Which log type should you check? A.)Security B.)Firewall C.)Performance D.)System
D
To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this scenario from occurring again? A.)Create a scheduled task to run sfc.exe daily B.)Switch to a more reliable anti-virus software C.)Carefully review open firewall ports and close any unnecessary ports D.)Configure the software to automatically download the virus definition files as soon as they become available
D
When securing a newly deployed server, which of the following rules of thumb should be followed? A.)Disable all unused services B.)Disable each service in turn and then test the system for negative effects C.)Disable all services not associated with supporting shared network services D.)Determine unneeded services and their dependencies before altering the system
D
Which of the following actions should you take to reduce the attack surface of a server? A.)Install a host-based IDS B.)Install the latest patches and hotfixes C.)Install anti-malware software D.)Disable unused services
D
Which of the following describes a configuration baseline? A.)A collection of security settings that can be automatically applied to a device B.)The minimum services required for a server to function C.)A set of performance statistics that identifies normal operating performance D.)A list of common security settings that a group or all devices share
D
Which of the following is not an advantage when using an internal auditor to examine security systems and relevant documentation? A.)An internal auditor is familiar with organizational goals. B.)An internal auditor has knowledge of the inner workings of the organization. C.)Orientation time is minimized. D.)Findings in the audit and subsequent summations are viewed objectively.
D
Which of the following password attacks uses preconfigured matrices of hashed dictionary words? A.)Brute force B.)Hybrid C.)Dictionary D.)Rainbow table
D
Which of the following statements about the use of anti-virus software is correct? A.)If you install anti-virus software, you no longer need a firewall on your network. B.)Once installed, anti-virus software needs to be updated on a monthly basis. C.)If servers on a network have anti-virus software installed, workstations do not need anti-virus software installed. D.)Anti-virus software should be configured to download updated virus definition files as soon as they become available.
D
Which of the following terms identifies the process of reviewing log files for suspicious activity and threshold compliance? A.)CompSec B.)Phishing C.)Scanning D.)Auditing
D
You have contracted with a vendor to supply a custom application that runs on Windows workstations. As new applications versions and patches are released, you want to be able to automatically apply them to multiple computers. Which tool is your best choice for accomplishing this task? A.)Security Templates B.)Security Configuration and Analysis C.)WSUS D.)Group Policy
D
You have installed anti-malware software that checks for viruses in email attachments. You configure the software to quarantine any files with problems. You receive an email with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the anti-malware software. What has happened to the file? A.)It has been deleted from your system. B.)The file extension has been changed to prevent it from running. C.)The infection has been removed, and the file has been saved to a different location. D.)It has been moved to a secure folder on your computer.
D
You notice a growing number of device, such as environmental control systems and wearable devices, are connecting to your network. These devices, known as smart devices, are sending and receiving data via wireless network connections. Which of the following labels applies this growing ecosystem of smart devices? A.)The smartnet B.)Internet of smart devices C.)Dynamic environment D.)Internet of things
D
To transfer files to your company's internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible. Now you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to remain open so you can still transfer the files? (Select two.) A.)80 B.)443 C.)23 D.)21 E.)20
D and E
Choose the IT audit activity on for the description listed: -Determine whether privilege-granting processes are appropriate and whether computer use and escalation processes are in place and working. A.)Usage auditing B.)Risk evaluation C.)Escalation auditing D.)Privilege auditing E.)User access and rights review
E
To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions? A.)80 B.)21 C.)23 D.)69 E.)443
E
What does hashing of log files provide? A.)Sequencing of files and log entries to recreate a timeline of events. B.)Preventing the system from running when the log files are full C.)Confidentiality to prevent unauthorized reading of the file. D.)Preventing log files from being altered or over written E.)Proof that the files have been altered
E
Which command should you use to display both listening and non-listening sockets on your Linux system? (Tip: Enter the command as if at the command prompt.)
netstat -a
Which command should you use to scan for open TCP ports on your Linux system? (Tip: Enter the command as if at the command prompt.)
nmap -sT
You want to make sure no unneeded software packages are running on your Linux server. What command can you use to see all installed RPM packages.
yum list installed