Managing Users and Groups (Linux)
To create a restricted shell account for guest users, the first step is to use the __________ option with the useradd command and provide an argument of /bin/rbash. a. -s b. -d c. -m d. -g
a. -s
Which of the following options for the useradd command specifies the user's UID? a. -u b. -g c. -k d. -d
a. -u
Which of the following files stores information about each group, including the group name, group ID (GID), and secondary user membership? a. /etc/group b. /etc/passwd c. /etc/gshadow d. /etc/groupinfo
a. /etc/group
Which of the following files stores additional information for a group, such as group administrators and the group password? a. /etc/gshadow b. /etc/group c. /etc/groupinfo d. /etc/passwd
a. /etc/gshadow
Which of the following files stores the primary account data for local users of a Linux system? a. /etc/passwd b. /etc/shadow c. /etc/group d. /etc/gshadow
a. /etc/passwd
If one line in the /etc/passwd file appears as root:x:0:0:root:/root:/bin/bash, which field in this example represents the user's home directory? a. /root b. /bin/bash c. 0:0 d. x
a. /root
If one line in the /etc/shadow file appears as bob:*:16484:3:90:5:30:16584:, which field in this example represents the date of the last password change? a. 16584 b. 3 c. 30 d. 5
a. 16584
In Linux, access or restrictions can be applied to which of the following for group accounts? a. All of the above b. Other operating system features c. Files d. Directories
a. All of the above
When securing user accounts, which of the following components must be considered? a. All of the above b. Ensuring accounts are not susceptible to attack c. Education of users d. Physical security of the system or network
a. All of the above
Which of the following refers to programs that run in the background, performing specific system tasks? a. Daemons b. Controls c. Arguments d. Modules
a. Daemons
How can a system administrator help avoid accidentally running commands that could destroy all system files? a. Log in as a regular user and use the sudo or su command to gain temporary root access. b. It is not possible for a system administrator to run commands that destroy all system files. c. Run the rm -r /* command when logged in as a system administrator. d. Run the rm -r /* command when logged in as a regular user.
a. Log in as a regular user and use the sudo or su command to gain temporary root access.
Each line in the /etc/group file describes one __________. a. group b. individual c. program d. user
a. group
Which of the following is not a command used to change the contents of the /etc/group file? a. groupins b. groupdel c. groupmod d. groupadd
a. groupins
Which of the following is a command that provides information on a Linux user's group membership? a. id b. gid c. uid d. grp
a. id
The purpose of the password field in the /etc/gshadow file is to allow users to temporarily change their primary group by using the __________ command. a. newgrp b. grep c. groups d. gpasswd
a. newgrp
Every Linux user is a member of at least one group, and the first group is called the user's __________ group. a. primary b. key c. main d. central
a. primary
If one line in the /etc/group file appears as adm:x:4:syslog,bo, which field in this example represents the password placeholder? a. x b. adm c. 4 d. syslog,bo
a. x
Which of the following options for the useradd command displays the default values? a. -f b. -D c. -u d. -d
b. -D
To change the name of an existing group, the group administrator uses the groupmod command with which of the following options? a. -d b. -n c. -g d. -l
b. -n
If one line in the /etc/passwd file appears as root:x:0:0:root:/root:/bin/bash, which field in this example represents the user's login shell? a. x b. /bin/bash c. 0:0 d. /root
b. /bin/bash
When a system is compromised, which of the following should include who is notified, what actions should be taken, and so on? a. Social engineering tools b. Incident response plan c. Web application analysis d. Reporting tools
b. Incident response plan
Which of the following actions can be performed to prevent a user from changing an account password? a. Make the max field of the /etc/shadow file a higher value than the min field. b. Make the min field of the /etc/shadow file a higher value than the max field. c. Create a crontab entry to execute a command that prevents password changes. d. All of the above
b. Make the min field of the /etc/shadow file a higher value than the max field.
PAM, a powerful tool that allows an administrator to provide many restrictions to user accounts, stands for which of the following? a. Private Authentication Modules b. Pluggable Authentication Modules c. Private Account Modules d. Pluggable Account Modules
b. Pluggable Authentication Modules
Which of the following commands enables you to see a summary of all login times for each user in the last 24 hours? a. touch /var/log/account/pact b. ac -p --individual-totals c. tar -xvf acct* d. mkdir /var/log/account
b. ac -p --individual-totals
If one line in the /etc/group file appears as adm:x:4:syslog,bo, which field in this example represents the group name? a. syslog,bo b. adm c. x d. 4
b. adm
Which of the following default user accounts is used by the software that provides DNS (Domain Name System) functions? a. root b. bind c. lp d. syslog
b. bind
Which of the following tools actively probes a system via a specific protocol, such as FTP? a. Johnny b. hydra c. All of the above d. john
b. hydra
Which of the following is a software tool that can be used to keep track of all commands executed by users? a. cron b. psacct c. lastcomm d. accton
b. psacct
Which of the following PAM categories is used to perform actions prior to and after a service has been provided to a user? a. auth b. session c. password d. account
b. session
Which of the following commands can be used to provide some users with the ability to execute specific tasks as the administrator? a. apt-get b. sudo c. visudo d. usermod
b. sudo
As an administrator, you can modify user accounts using the __________ command. a. chfn b. usermod c. pwck d. useradd
b. usermod
Which of the following files contains user account information, including the primary group membership for each user? a. /etc/gshadow b. /etc/group c. /etc/passwd d. /etc/groupinfo
c. /etc/paswd
After you install Kali Linux, you can access the security tools by clicking __________ at the top of the window. a. Places b. Tools c. Applications d. Files
c. Applications
When used to define security principles, the term "entity" refers to which of the following? a. None of the above b. Systems c. Both people and systems d. People
c. Both people and systems
Which of the following is not true regarding security principles? a. There is always a way to compromise a system if someone has enough time, resources, and knowledge. b. You have to keep an eye on authorized users who may attempt to gain unauthorized access. c. External hackers try to compromise security by making a system deny access to unauthorized entities. d. You have to find the right balance between making a system secure and making it available.
c. External hackers try to compromise security by making a system deny access to unauthorized entities.
Which of the following login servers can provide both user and group account data and is commonly used for network-based accounts on Linux distributions? a. NIS b. Active Directory and Samba c. LDAP d. None of the above
c. LDAP
Which of the following is not one of the categories of Kali Linux tools? a. Vulnerability Analysis b. Reverse Engineering c. Pre Exploitation d. Password Attacks
c. Pre Exploitation
Which of the following is a technique for gathering system information from users by using nontechnical methods? a. Sniffing and spoofing b. Reverse engineering c. Social engineering d. Web application analysis
c. Social engineering
In Linux, the acronym UPG stands for which of the following? a. Unified Protocol Groups b. Unified Private Groups c. User Private Groups d. User Protocol Groups
c. User Private Groups
When you encourage users to report any suspicious activity immediately, you are implementing which of the following? a. None of the above b. Account security c. User education d. Physical security
c. User education
A group administrator can create a group account by using which of the following commands? a. newgroup b. groupnew c. groupadd d. groupins
c. groupadd
Which of the following PAM modules is used to modify password policies? a. pam_env b. pam_mkhomedir c. pam_cracklib d. pam_access
c. pam_cracklib
Any additional groups that a Linux user is a member of, after the first group, are called the user's __________ groups. a. lesser b. minor c. secondary d. subordinate
c. secondary
When a __________ directory is used, the entire contents of the specified directory are copied to the new user's home directory. a. default b. /bin c. skeleton d. root
c. skeleton
Which of the following files stores user passwords and password-related data for local users of a Linux system? a. /etc/group b. /etc/passwd c. /etc/gshadow d. /etc/shadow
d. /etc/shadow
Default group accounts in a typical Linux system often have GID values under __________. a. 100 b. 10000 c. 10 d. 1000
d. 1000
If one line in the /etc/shadow file appears as bob:*:16484:3:90:5:30:16584:, which field in this example represents the minimum password age? a. 5 b. 30 c. 16584 d. 3
d. 3
A good security policy should include all but which of the following? a. A means to ensure that all rules are being followed b. A set of rules that determines what is and is not allowed on systems c. A well-defined plan to handle when a system is compromised d. A way to ensure that policies remain stable as new information becomes available
d. A way to ensure that policies remain stable as new information becomes available
When system logs are used to determine if someone is trying to gain unauthorized access to a system, this is an example of which of the following? a. None of the above b. User education c. Physical security d. Account security
d. Account security
When using the john or Johnny utility, you need to have a file that contains which of the following entries? a. /etc/shadow b. Neither /etc/passwd or /etc/shadow c. /etc/passwd d. Both /etc/passwd and /etc/shadow
d. Both /etc/passwd and /etc/shadow
Which button do you click in the Johnny utility to see what john command was executed? a. Settings b. Passwords c. Statistics d. Console log
d. Console log
Which of the following is a GUI-based utility that can be used to perform password-cracking operations? a. john b. ncrack c. hydra d. Johnny
d. Johnny
When you protect systems from theft and hardware errors, you are implementing which of the following? a. User education b. Account security c. None of the above d. Physical security
d. Physical security
After a Linux user creates a new file, the user can change the group ownership of the file to another group by using which of the following commands? a. ls b. touch c. cg d. chgrp
d. chgrp
Which of the following special group accounts is used by the operating system to provide access to specific files? a. users b. adm c. operators d. lp
d. lp
To see if there are any errors in the /etc/passwd file, execute the __________ command while logged in as the root user. a. useradd b. grep c. chfn d. pwck
d. pwck
Which of the following special group accounts is reserved for the system administrator? a. lp b. sudo c. adm d. root
d. root
The goal in terms of __________ is to make systems, services, and data available to the correct entities while denying access to these resources by unauthorized entities. a. assessment b. forensics c. vulnerability d. security
d. security
To remove a user and keep the user's home directory and mail spool, use the __________ command without any additional arguments. a. usermod b. moduser c. deluser d. userdel
d. userdel
To allow a user to manage a group, add them as a group administrator by using the __________ option with the gpasswd command. a. -a b. -A c. -d d. -m
not b
