15.4.4 - Network Security (Practice Questions)

systemctl list-units

Unnecessary network services might provide attackers with an entry point for an attack. To view a list of services, or units, installed or running on a systemd-based system, what could you enter at the command prompt?

All listening and non-listening sockets

What does the netstat -a command show?

netstat -a

What should you enter at the command prompt to display both listening and non-listening sockets on your Linux system?

nmap -sT

What should you enter at the command prompt to scan for open TCP ports on your Linux system?

nmap

You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?

dnf list installed

Removing unnecessary software increases the security of your Linux system. If your system uses RPM for package management, what can you enter at the command prompt to look for unnecessary software that might be installed on your system?

/etc/systctl.conf

Sam, a system administrator, is implementing measures to harden the Linux systems on the network. Sam wants to modify kernel parameters at runtime to protect the system from syn flood attacks using the sysctl command. Which file would Sam modify to implement the following changes? # TCP SYN Flood Protection net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_synack_retries = 3