Linux Final


Which Tripwire command can you run regularly to detect deviations from a baseline?

#tripwire check

Which of the following directives in /etc/sysctl.conf should be set to 0 to deactivate routing on the local system?

/boot/

Turning the kernel parameters such as the networking functionality

/etc/sysctl.conf

In a suspected compromised system, which of the following files should have the current data stored in RAM?

/proc/kcore

Standard logging services store logs in subdirectories

/var/log

To work with an encrypted filesystem during a digital forensic investigation, you need the following EXCEPT:

lvm2/cryptsetup

Which command helps an administrator understand a system's networking subsystem?

netstat

Which of the following commands includes port information for TCP and UDP communication in numeric format?

netstat -atnp

What does the following option in the /etc/sysctl.conf file do? net.ipv4.icmp_ignore_bogus_error_responses = 1

prevents systems from replying to ping requests

Which command does not include free space in the duplication process?

rsync

You want to find executable files in user directories. Which command is the best choice?

use a forensics kit such as Helix Knoppix

You want to use certificates on your web site (CA)

Official CA certification, your website won't get error message

Which of the following is NOT a type of Ubuntu repository?

Opensource

When creating self signed certificate which is not required

The root password

When configuring an authoritative DNS

Cache Poisoning

What is the most likely consequence of an attacker changing the routing tables on your systems?

Can redirect your users to his or her systems

Which Linux distribution is known as a rebuild of Red Hat Enterprise Linux?

CentOS

Is an entity that issues digital certificates

Certificate authority

Recursive queries are commonly associated with

DNS Servers

The apt-* commands are a series of commands developed for ______ Linux distribution. Which of the following checks for available updates?

Debian

What is Content Scramble System (CSS) associated with?

Digital rights management

In Apache Web Server, Server Tokens directive

Displays when a user navigates to a nonexistent webpage

When auditing user security, which of the following may be subject to privacy limits, per any laws and requirements of the jurisdiction of the employee and the server?

Email access

Before customizing a kernel, you should clean the directories associated with the source code by using which command? To customize a kernel, which command opens a kernel customization editing tool?

Make clean

What do the following Apache directives accomplish, collectively? Order deny, allow Deny from all Allow from 192.168.0.0/255.255.255.255.0

Limits website accessibility to a certain IP address network

You want to use a Squid Proxy Server

3128

Which of the following is an advantage of compiling a customized kernel rather than using a vendor-supplied kernel?

A custom kernel can be compiled with only the necessary modules and features

What is the best description of a functional bug?

A flaw in software that prevents part of a program

What is a commonly used bug tracking system derived from Mozilla's system and now used by Red Hat and many others?

Bugzilla

How can kernel parameters be changed without rebooting the computer system?

By modifying the value of files in the /proc file system

AIDE can be described as:

Advanced Intrusion Detection Environment

Which of the following directories should be made read-only until updates are needed?

All of the above

Which of the following enables you to check an Online Certificate Status Protocol (OCSP) server for the current status of a digital certificate?

Apache

Why is it important to install antivirus software for a Samba file server in a Microsoft Windows environment?

Because shared files on the Samba server can infect Windows

You are performing computer forensics and need to review data currently in RAM. What do you do to ensure you don't lose or modify the RAM data?

Create a checksum file

Log entries associated with printing are stored in which of the following?

Cups logs

A baseline configuration typically includes the following EXCEPT:

Current network state of the system that interfaces that are used the firewalls

What is the general name of a fully functional version of a Linux distribution that runs in RAM and does not require a hard disk?

Live CD

You may create multiple gold baseline configurations to reflect separation in

Filesystems

What is the best first step in responding to a compromised system?

Follow what is outlined in the incident response plan

What can you use to ensure the integrity of a downloaded package?

GNU Privacy Guard (GPG) keys

Which of the following is NOT a characteristic of a gold Linux baseline?

GUI

What is Squid

HTTP Proxy

Which desktop environment is the Konqueror Web browser part of, by default?

KDE

The commercially supported update system for the Ubuntu distribution is:

Landscape

Which of the following is the correct method to apply a new kernel built on a Linux system?

Install it as a new kernel, leaving the original kernel in place

What is Anaconda?

Installation program used by Fedora

You want to list open files, focusing the output on network-related processes and organizing the connections by service. Which command can you use?

lsof -ni

How can you disable Internet Protocol version 4 (IPv4) packet forwarding on a running kernel?

Issue the #echo "0" > /proc/sys/net/ipv4/ip_forward command

Which organization maintains the Common Vulnerabilities and Exposures (CVE) list?

Mitre Corporation

Which of the following is NOT an example of live media with penetration testing tools?

Nessus

Which of the following tools would be most appropriate to periodically scan all Linux servers for vulnerabilities?

Nessus

In Apache Web Server, Keep Alive

Persistent connections

LAMP Stands for "P"

Port 3306/ Perl, Python, PHP

An enterprise running Red Hat Enterprise Linux (RHEL) that wishes to control its own repository locally for package updates may consider using

Red Hat Satellite Server

Are configuring a master authoritative DNS

Recursive querying

Which of the following is NOT a type of Domain Name Service (DNS) Server

Relay agents

Which term describes a common malware targeted for Linux operating systems that allows a black-hat hacker to take over the computer system with administrative privileges?

Rootkit

Which of the following is a valid reason to use a live CD on a suspected compromised system?

The live CD can be used for forensic analysis

You are an Ubuntu system administrator. You created a baseline and want to use it to create a fully functional Web server. You have a list of programs you need to add to the system. Which command lets you add multiple programs most easily?

Tasksel Command

To create a minimal Linux installation, for a bastion host for example, which mode should you install the operating system in?

Text

Which instrument documents where evidence came from, how that evidence was duplicated, and the methods used to analyze that evidence?

Chain of custody

Of the following, which Linux distribution is released with long-term support (LTS) every two years?

Ubuntu

Which of the following types of updates least commonly relates to the Linux kernel?

Updates that address software bugs

Which of the following actions should you not take when implementing a new kernel?

Upgrade

Which command creates a bit-by-bit duplicate of an original disk?

dd

A security compliance team finds that a local file server has been mistakenly configured to forward packets and needs to be fixed immediately. How can a Linux system administrator verify that the Linux system is forwarding IPv4 packets?

Verify the kernel by viewing /proc/sys/net/ipv4/ip_forward

Which of the following is self-replicating malware that differs from a virus in that it does not require direct user involvement to spread?

Worm

Which commands are required to limit remote access with Squid

acl, http_access

What is the native package manager for Ubuntu and other Debian-based distributions?

apt

