Security Strategies in Linux Platforms and Applications - Practice Test 02
65. On most Linux systems, runlevel 2 typically means:
Multiple users, no Network File System (NFS). This may also mean no networking.
1. For most systems, Secure Sockets Layer (SSL) has been superseded by Transport Layer Security (TLS). True or false?
TRUE
10. In Linux, a mount point is a directory. True or false?
TRUE
11. A chroot jail is a special way of confining a program to a specific part of the filesystem. True or false?
TRUE
12. Pluggable authentication modules (PAM) offers a number of ways for users to be authenticated on a Linux system. True or false?
TRUE
13. In the password shadow suite, the difference between /etc/shadow and /etc/gshadow is that with /etc/gshadow, passwords are rarely configured. True or false?
TRUE
15. Log files that record login attempts and login failures classify log messages as auth and authpriv. True or false?
TRUE
16. Cron is a service for running administrative jobs on a regular basis. True or false?
TRUE
17. A virtual machine must be periodically updated just like any other system. True or false?
TRUE
18. A wrapper wraps existing service programs, offering them network-level protections. True or false?
TRUE
19. The init program uses a series of runlevels to determine which services it may run when the system starts up. True or false?
TRUE
2. When installing a software package, if package A has a dependency for package B, but package B requires both packages C and D, the installation of package A will require the installation of packages B, C, and D. True or false?
TRUE
20. The Linux open source license allows anyone to use, modify, and improve the source code. True or false?
TRUE
22. All packages in a source-based distribution of Linux must be compiled from source. True or false?
TRUE
23. A black-hat hacker is someone who performs attacks against victims for malicious purposes. True or false?
TRUE
24. A hardened Linux system typically contains fewer packages to be monitored for updates in case vulnerabilities are found in the software. True or false?
TRUE
3. Dbus is one of the underlying technologies that can be used with systemd. True or false?
TRUE
5. A server may have multiple network interfaces to better manage who gets access to which service and from where without having a lot of complex firewall rules to restrict access. True or false?
TRUE
8. The "chroot" in chroot jail means change root. True or false?
TRUE
9. Files on a device are accessible only when they're mounted on a Linux directory. True or false?
TRUE
43. Linux unified key setup (LUKS) is a specification for ________.
disk encryption
56. You want to allow members of the users group to use fdisk on the /dev/sda drive (and only that drive) and to use the yum command to update and install packages. Which command do you run?
%users ALL=/sbin/fdisk /dev/sda, /usr/bin/yum
70. What is Snort?
- An intrusion-detection service (IDS)
76. Which are the advantages of deploying Linux inside a Virtual Machine (VM)?
- Cost - The ability to capture snapshots of a system image - Ease of deployment, you can build the OS and create the system image and then store it.
69. What are the advantages of virtualization in a Linux infrastructure?
- Cost saving by purchasing less hardware - Security advantage with more bastion hosts
72. What is Apache?
- It is a common software package used to provide Web services - An application server
71. What is Tripwire?
- An intrusion-detection system (IDS) - A software that records hash value of all crucial files.
66. Where is the LILO configuration file usually located?
/boot/
44. Which filesystem is a good candidate for mounting in read-only mode?
/boot/, /opt/, and /usr/
42. Which file is used to configure the various mounting options of a filesystem upon boot?
/etc/fstab/
40. A black-hat can use Van Eck phreaking to exploit which of the following?
Electromagnetic output from CRT and LCD monitors
62. Deployment options for Linux servers generally include the following:
The option deployment are: Deploying on a physical system under your control Deploying on a virtual system under your control Deploying through the use of a cloud-based provider
47. A user needs access to execute networking-related commands only. What type of access should be granted using the principle of least privilege?
The user should be given sudo access to Networking
63. The following help to protect physical systems:
To protect physical system: - Strong password - Password-protected screen savers - Basic input/output system (BIOS) password or boot-loader passwords.
48. What user account information can be found in the /etc/passwd file?
User and their associated password. The user's basic information such as the default login shell.
39. Which of the following is associated with wireless intrusion detection system (WIDS)?
WPA
60. Apache is a popular type of _____________.
Web server package
37. A server has the following TCP Wrappers configuration: What is the result of this configuration? /etc/hosts.deny ALL : ALL
all access will be denied.
67. Which setting gives certain systems access to a network service through the super server?
allow_from
38. What is the primary AppArmor configuration file?
logprof.conf
54. Which of the following is a fake shell you can use for nonstandard users to enhance security?
nologin
59. What is the CUPS service associated with?
printing
58. What defines the services to be run in Linux?
runlevel
32. Which runlevel shuts down a system?
runlevel 0
28. Which ports does Internet Protocol Security (IPSec) use to tunnel information?
Ports 50 and 51.
27. Which of the following does Remote Authentication Dial-In User Service (RADIUS) provide to remote users who want to connect to a network service?
RADIUS is designed to provide authentication, authorization, and accounting.
29. Using Linux as a desktop typically involves the added security risk of:
Running GUI applications
51. An executable file with the _________ allows other users to run that command, with the permissions assigned to that user owner.
SUID
57. Which of the following enables a Linux system to be used as a Windows domain controller to authenticate Windows users?
Samba
50. Which of the following commands is used to edit the /etc/sudoers file?
visudo
45. Which Linux partition type is used for standard partitions with data?
83
33. What is Bourne Again Shell (bash)?
A command interpreter used to issue text commands.
74. A denial of service (DoS) attack jeopardizes which tenet of the C-I-A triad?
Availability
61. _______ is built from the source of Red Hat Enterprise Linux (RHEL). It is identical to RHEL except for the branding; all the logos and names have been changed.
CentOS
14. Regular Linux file and directory permissions are read, write, and traverse. True or false?
FALSE
21. The process of fixing commercial software is typically less constrained by human resource issues than open source software projects. True or false?
FALSE
25. Most Linux distributions currently use a package called ipchains as firewall software. True or false?
FALSE
4. A hash algorithm is a two-way function. True or false?
FALSE
6. The Red Hat Security Level Configuration tool is used to configure SELinux. True or false?
FALSE
7. In Linux, you cannot encrypt individual partitions. True or false?
FALSE
41. You used a protocol analyzer to capture some network traffic. You want to focus on FTP traffic. Which port number do you include in the filter?
Port 21 and 20.
30. The following are true of system hardening EXCEPT:
Install a lots of software packages
73. Ensuring that the data that is sent is the data that is received describes which tenet of the C-I-A triad?
Integrity
53. Which of the following is the best choice for network authentication?
LDAP
46. Which Linux filesystem format does not include any type of journaling?
ext2
49. Which of the following control flags used in pluggable authentication modules (PAM) approves user access assuming that there are no previous failures?
sufficient
68. Which of the following is true regarding open source software versus commercial software?
- It is free - You can learn from the source code. - You can see clearly what it does. - You can have a better understanding of how the program operates. - You can make fixes to the source in case there are bugs if you are so inclined. - Open source projects put their source code out on the open Internet at public repositories.
75. The following are true of system hardening:
- Limiting the number of software packages installed - Removing any software you aren't going to be using - Removing all but the most critical users from the system - Making sure permissions are restricted on files and directories - Removing all but the necessary system services are also common approaches
26. From a security perspective, what is the advantage of Samba over Network File System (NFS) when installed with the standard configuration?
- allow an authenticated user to access his or her home directory on the local system. - that directory is not shared and should not even be visible to other users.
31. In which directory can you find scripts for active services?
/etc/init.d/
35. Where do you find regular service scripts, such as start, stop, restart, and status?
/etc/init.d/
64. Network service startup scripts are located in which directory in many Linux distributions?
/etc/init.d/
36. From which of the following files does the iptables command read ports of well-known services?
/etc/services/
52. With which directory is the sticky bit most commonly associated?
/tmp/
34. The following are hashing algorithms
Common hashing algorithms are Message Digest 5 (MD5), Secure 1 (SHA-1), and Secure 2 (SHA-2).
55. A polkit mechanism includes a subject, an object, and an action. Which of the following is the subject?
Subject: An administrative tool. Object: The device or file. Action: How the device or configuration file will be modified.