Module 15: System and User Security

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

File that contains group configuration information.

/etc/group

File that defines some of the account information for user accounts.

/etc/passwd

File that contains account information related to the user's password.

/etc/shadow

The____ file keeps a log of all users who have logged in and out of the system.

/var/log/wtmp

The root account typically has a uid of ____; system accounts typically have uid's of ____ - ____; user accounts typically have uid's > ____.

0; 1-499; 500+

If the output of the who command contains no location information, what does that mean? What does it mean if it does output location information and it looks like (www.example.com)? If it looks like (:0)?

It means that the user logged in via a local command line process; the user has logged in remotely; the user has performed a local graphical login

The command 'grep sysadmin /etc/passwd' yields the output 'sysadmin:x:1001:1001:System Administrator,,,,:/home/sysadmin:/bin/bash'. What does it mean?

Name: password placeholder: userid : primary group id: comment: home directory: user's login shell

What is the difference between these two commands? su - root; su -

Nothing. They both start the shell as the root user

If a file in the etc/passwd directory ends with something like /bin/bash/nologin, what does this tell you?

This is likely a system account, not a user account. Check the uid and it will likely be between 1-499.

A user's etc/shadow file contains the following fields. What do they mean? Username: password: last change: minimum: maximum: warn: inactive: expire: reserved

Username: self explanatory; password: encrypted password for * for system accounts; last change: Day since last password change, counted from 1/1/1970; minimum: min number of days user must wait after changing password before it can be changed again; maximum: maximum number of days a password is valid; warn: number of days before password expires that user is warned of impending expiration; inactive: if user fails to change expired password, this is essentially a grace period to change it or else it will lock and require an admin to change it; expire: indicates the day the account will expire, represented by the number of days from January 1, 1970. An expired account is locked, not deleted; reserved: not currently in use, reserved for future use

After using the shell started by the su command to perform the necessary administrative tasks, return to your original shell (and original user account) by using the ____ command.

exit

What does the id command do if no argument is given? If a username is given? What do the -g and -G flags do?

gives user account and group information for the current user; gives user account and group information for the given username; displays only the primary GID of current or given user; displays all GIDs for the current or given user

Which etc/ folder contains files with the following fields?: group name: password placeholder: group ID (GID): user list

group

Command used to print user and group information for a specified user.

id

Command that shows listing of last logged in users.

last

The ____ command reads the entire login history from the /var/log/wtmp file and displays all logins and reboot records by default.

last

By default, if a username is not specified, the su and sudo commands assume the ____ user.

root

Command that allows users to run a shell as a different user.

su

Command that allows users to execute commands as another user.

sudo

If the root account is disabled, as it is on the Ubuntu distribution, then administrative commands can be executed using the ____ command. If the root account is enabled, then a regular user can execute the ____command to switch accounts to the root account.

sudo; su

In the output of the who command, there is a column for terminal name. If the terminal name starts with ____, then this is an indication of a local login, as this is a regular command line terminal. If the terminal name starts with ____, then this indicates the user is using a pseudo terminal or running a process that acts as a terminal.

tty; pts

Command provides a detailed list about the users currently on the system and a summary of the system status.

w

Command displays a list of users who are currently logged into the system, where they are logged in from, and when they logged in.

who

The ____ command reads from the /var/log/utmp file which logs current users, while the ____ command reads from the /var/log/wtmp file, which keeps a history of all user logins.

who; last


Set pelajaran terkait

present perfect simple and continuous

View Set

8th Grade Math: Unit 1 - Parallel LInes and Transversals

View Set

CompTIA ITF+ Module 4/ Unit 1/ Networking Concepts Review

View Set

APES Unit 4: Human Population and Environmental Hazards

View Set