Chapter 12 Questions

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which of the following gpg options digitally sign documents?

--clearsign

You believe your GnuPG key pair has been compromised and should no longer be used. Which gpg command option can you use to create a key revocation certificate for the key pair?

--gen-revoke

Which chage option keeps a user from changing password every two weeks?

-m 33

What is the full path and filename of the file you should create to disable user login on a Linux system?

/etc/nologin

Which configuration file should you edit to enable Pluggable Authentication Modules (PAM) to check for a file named /etc/nologin

/etc/pam.d/login

What is the full path and filename of the file you should edit to limit the amount of concurrent logins for a specific user?

/etc/security/limits.conf

You need to configure which commands are allowed to be used with the sudo command. What is the full path and filename of the file you should edit?

/etc/sudoers

You would like to use SSH port tunneling to work on a remote system. You also need to ensure that all data that you send to the remote system is encrypted. Which SSH configuration option, in the /etc/ssh/sshd_config file, needs to be set to yes.

AllowTCPForwarding

What is the purpose of the find / type f -perm -o=x -ls command?

Audit files in the root directory that have execute permissions for others.

What is the purpose of the find / type f -perm -u=s -ls command?

Audit files in the root directory that have the SUID bit set.

What effect does the ulimit -t 600 command have on a Linux system?

Limits CPU time for a process to 10 minutes.

Within the /etc/security/limits.conf file, you notice the following entry: @guests hard maxlogins 3

Limits the number of max logins from the guest group to three.

You are the only Linux administrator for a very small company. You are constantly asked to fix one problem or another as they occur. How should you log in to the system each morning?

Logon as a regular user, then use su as needed to solve problems.

What is the name of the hash function used to verify the public key for an SSH connection?

MD5

You want to enable public key authentication on the server. Which option in the /etc/ssh/sshd_config file needs to be set?

PubkeyAuthentication yes

You believe your GnuPG key pair has been compromised and should no longer be used. Which two steps must you take to revoke a public key on a key server? (Select two.)

Send the revoked key to the key server. Revoke the key on a local system using the key revocation certificate.

What is the effect of the following command? chage -M 60 -W 10 jsmith

Sets the password for jsmith to expire after 60 days and gives a warning 10 days before it expires.

What is the purpose of the -N option in this command? ssh -f -N -L 2345:mail.mydomain.com:110 [email protected]

To ensure that SSH does not execute a remote command.

You created a GPG key pair and you used JJones as the real name during the key generation process. Your current working directory contains a file named Payroll.txt that contains sensitive information.

What do you enter at the command prompt to encrypt the Payroll.txt file? gpg -e -r JJones Payroll.txt What is the name of the file that will be generated when you encrypt the Payroll.txt file? Payroll.txt.gpg

When configuring the SSH daemon using the /etc/ssh/sshd_config file, which options can be set to either prevent or allow unrestricted access to all GUI features on the client? (Select two.)

X11Forwarding ForwardX11Trusted

Login blocking is enabled using the Pluggable Authentication Modules (PAM) module. Type the line that needs to be in the /etc/pam.d/login file to configure PAM to check and see if a file named /etc/nologin exists?

auth requisite pam_nologin.so

What chage command should you enter at the command prompt to set the password for jsmith to expire after 60 days and gives a warning 10 days before it expires?

chage -M -W 10 jsmith

You have used su to switch to the root user account to do system administration tasks. You now want to revert back to your regular user account. Which command should you use?

exit

Which utility should you use to encrypt emails, digitally sign emails, and encrypt documents?

gpg

Which keys are generated when you execute the ssh-keygen command with no options? (Select two.)

id_rsa.pub id_rsa

You are limiting the total amount of memory a user can use when they use the X Windows System. Which of the following limit keywords should you use?

rss

Which daemon, or service, provides port tunneling to encrypt non-secure protocols such as email and X server traffic?

ssh

Which ssh option should you enter at the command prompt to set up an SSH tunnel for X server traffic?

ssh -X

As you configure your client for public key authentication, you decide to generate the DSA key pair. You would like to configure the client to automatically provide the private key passphrase when needed so that you do not need to type the passphrase for every new SSH connection to a server. Which command should you use in conjunction with the ssh-agent bash command?

ssh-add ~/.ssh/id_dsa

When configuring public key authentication on your client system, which command enables the passphrase agent?

ssh-agent bash

You are currently logged in using the badams account. You want to view the contents of the /etc/inittab file, but you are not allowed to with the badams account. Which command could you use to view the file?

su -c "cat /etc/inittab" -l

You have logged in as a regular user when a frantic phone call comes in. The ABCD process must be started on the server now, but can only be run by root. Which command would you use to start this process?

sudo ABCD

PAM is configured on your system to look for the presence of the nologin file in the /etc directory. If the nologin file exists, user login is disabled and only the root user can log in. If your current working directory is root's home directory, which command would you enter to quickly create an empty nologin file in the /etc directory?

touch /etc/nologin

What do enter at the command prompt to prevent the shell from using too much of the system's resources?

ulimit

What do you enter at the command prompt to edit the /etc/sudoers file?

visudo

You need to block all users from logging in to the Linux system while you resolve a serious issues. You first need to force all active users to logout. Type the command you would enter to display a list of all active users?

w


Set pelajaran terkait

U.S. History Chapter 27 Review Questions

View Set

Acid/Base, Electrolyte, Lab Values NCLEX Prep

View Set

Chap 47 (Brunner) Management of Patients With Intestinal and Rectal Disorders

View Set

Econ Chapter 11 connect assessment

View Set

Hatfield: Introductory Maternity and Pediatric Nursing #31

View Set