CSCI 3602 Quizes

Ace your homework & exams now with Quizwiz!

True

A chroot jail is a special way of confining a program to a specific part of the filesystem.

The user owner of the file

A discretionary access control for a file is a control mechanism that is set by _______.

An administrative tool

A polkit mechanism includes a subject, an object, and an action. Which of the following is the subject?

True

A rainbow table is a set of precomputed stored hashes that are mapped to a plaintext password.

False

Assuming a demilitarized zone (DMZ) is configured, there's no need to set up a separate firewall between the DMZ network and the internal network.

Red Hat Package Manager (RPM) and Yellowdog Update, Modified (yum)

What does Red Hat Enterprise Linux use to install software packages?

A Web Server

What is Apache?

An intrusion detection service

What is Snort?

You can upgrade the distribution at a later date with little risk to user files.

What is a valid reason for setting up the /home/ directory as a separate filesystem?

Printing

What is the CUPS service associated with?

Hardware or software capable of blocking networking communications based on established criteria, or rules

What is the best definition of a firewall?

Logprof.conf

What is the primary AppArmor configuration file?

To allow all incoming ICMP messages

What is the purpose of the following iptables command? iptables -A Firewall-INPUT -p icmp --icmp-type any -j ACCEPT

True

When configuring obscure ports for a service, configuring different ports for clients and servers is not enough. You also need to configure an open port in the firewall.

True

Pluggable authentication modules (PAM) offers a number of ways for users to be authenticated on a Linux system.

False

Pluggable authentication modules (PAM) solves administrative permission problems by providing higher-level functions without having the whole program gain administrative access.

Denies access to all daemons from all clients

A server has the following TCP Wrappers configuration: /etc/hosts.deny ALL : ALL What is the result of this configuration?

True

A server on a demilitarized zone (DMZ) network may serve data to users on the Internet.

True

Pluggable authentication modules (PAM) allows users to be authenticated with local password stores and by way of network authentication, using facilities like Network Information Service (NIS) and the Lightweight Directory Access Protocol (LDAP).

Nonrepudiation

Which of the following is usually about preventing a party involved in a transaction from denying that the transaction occurred?

The FTP service is allowed to interact with directories other than users' home directories.

Which of the following represents a type of mandatory access control?

Wired Equivalent Privacy (WEP)

Which of the following should no longer be used because of weak security?

Linus Torvalds

Who developed and released the first Linux operating system?

True

Wireless encryption algorithms such as WPA and WPA2 may be cracked if they use weak pre-shared keys based on dictionary words.

/tmp

With which directory is the sticky bit most commonly associated?

True

You can configure the /boot/ directory as a separate filesystem.

Virtual Platform

A Linux distribution typically does NOT include which of the following?

True

After configuring quotas on a Linux system, you can use the edquota command to edit the quota of a specific user.

Web server package

Apache is a popular type of _____________.

False

Demilitarized zone (DMZ) networks replace internal private networks.

Samba

If a share on a Microsoft Windows host needs to mount on the Linux filesystem, which network service would typically be used?

True

In Linux, every user and group has a user ID (UID) and group ID (GID) number.

True

In Linux, three major services that network files and folders are the Network File System (NFS), Samba, and the File Transfer Protocol (FTP).

False

In Linux, you cannot encrypt individual partitions.

False

It is a best practice to run administrative commands as the root user.

Confidentiality

Keeping secrets is the essence of which tenet of the C-I-A triad?

Any software based on GPLed software retains the same rights as the original software.

The Linux open source license, referred to as GNU General Public License (GPL), requires which of the following?

False

The Red Hat Security Level Configuration tool is used to configure SELinux.

monolithic

The _________ part of the kernel contains drivers and options essential to the kernel boot process.

True

The cron and at services enable you to schedule tasks in Linux.

A hardened system usually has more packages to update than an unhardened system

The following are true of system hardening EXCEPT:

True

The iptables -R command replaces a rule in a chain of rules.

False

The ls -p command displays file and folder permissions.

True

Web sites use the standard TCP/IP port 80 to serve unencrypted Web pages.

Booleans

______ are the on/off settings in SELinux that allow or deny access for a service to interact with an object.

Pluggable authentication modules (PAM)

Linux implements _________ to determine how a user is to be authenticated and whether there are password policies associated with password databases.

True

The iptables -j DROP and -j REJECT command options both drop packets.

False

The iptables -s <ip_address> rule is applied to packets that come from the noteddestination address.

False

Whereas the cron service is a scheduler for jobs to be run on a one-time basis, the at service is a scheduler for jobs to be run on a regular basis.

Sealert -b

Which command starts the SELinux Troubleshooter?

/tmp/

Which directory renders many applications unusable, including logging into the graphical user interface (GUI), if the space allocated to the /tmp/ filesystem is full?

Root ALL=(ALL)ALL

Which entry in the standard /etc/sudoers file gives the root administrative user full privileges through sudo?

Boolean

Which file permission is NOT an example of discretionary access control?

/boot/

Which filesystem is a good candidate for mounting in read-only mode?

visudo

Which of the following commands is used to edit the /etc/sudoers file?

Samba

Which of the following enables a Linux system to be used as a Windows domain controller to authenticate Windows users?

/etc/sudoers

Which of the following files is NOT a part of the shadow password suite?

Allow

Which of the following is NOT an SELinux mode?

Fedora

Which of the following is the development distribution for Red Hat?


Related study sets

Unit 01: Shapes & Transformations

View Set

Radiographic positioning of the Hand, Wrist, Fingers

View Set

Personal Finance Study Guide: Final EXAM!

View Set

Soil Science Final Exam Walter State/1050-1051

View Set