Linux Security 1st In-Class Exam
Open source code in an online software repository cannot be altered by an attacker.
False
The C-I-A triad is an expansion of the Parkerian hexad.
False
The latest versions of Linux use the syslogd and klogd service daemons to configure logging for services and the kernel.
False
The package-management system in Linux is used to restrict permissions on files and folders.
False
Transmission Control Protocol (TCP) is a protocol and service for synchronizing clocks across systems on a network.
False
CHMOD 777
Sticky bit: allows you to add and delete. You can put files there and delete the files that you want.
The init process is the super process that is responsible for starting all processes other than those specified by the runlevel during system startup.
True
The majority of security vulnerabilities within Linux distributions are found within the applications and services that run on top of the kernel.
True
The sendmail e-mail service and the commercial SMTP server known as Sendmail are two different entities.
True
The set user ID (SUID) bit is a special permission that allows others to execute a given file with the rights of the user owner of the file.
True
The term "copyleft" is associated with the GNU General Public License (GPL).
True
To give administrative access to individual utilities to specific users, you can use the sudo command and configure access using the /etc/sudoers file.
True
Using nonstandard Transmission Control Protocol/Internet Protocol (TCP/IP) suite port numbers for key services can slow the efforts of attackers who want to break into a system.
True
Using the sudo command to issue commands is typically safer than logging in as the root user.
True
Without proper controls in place, an attacker who gets access to a host system can make changes to any virtual machine on that host.
True
The sg command allows a user to join a group on a temporary basis.
True
The shadow password suite is a local authentication database for Linux.
True
A hypervisor is a software interface designed specifically for virtual machines with limited resources.
False
GNU's Not Unix (GNU) refers to commercial versions of Linux software.
False
Most Linux distributions currently use a package called ipchains as firewall software.
False
Source-based distributions of Linux enable you to decide how many packages you want to include in it.
True
The Linux startup process begins automatically after the boot process loads the Linux kernel.
True
faillog_enab
where the failed login attempts are collected
SYSLOG_SG_ENABLE
where the group sg logs are kept
The process of fixing commercial software is typically less constrained by human resource issues than open source software projects.
False
Mint is a derivative of the Debian distribution.
True
PAMs (Pluggable Authentication Modules)
how we determine who has root access
A black-hat hacker is someone who performs attacks against victims for malicious purposes.
True
Cron is a service for running administrative jobs on a regular basis.
True
Most Linux distributions have pre-compiled packages, which determine all the dependencies.
True
Discretionary access controls are permissions that have been set administratively; individual users cannot change them.
False
In the shadow password suite, the /etc/passwd file may store a hashed password for a group.
False
Iptables cannot perform network address translation.
False
It is a best practice to run administrative commands as the root user.
False
LILO is the default boot loader for Ubuntu, Red Hat, and many other Linux distributions.
False
A virtual machine must be periodically updated just like any other system.
True
Access control lists (ACLs) provide a layer of discretionary access control.
True
All packages in a source-based distribution of Linux must be compiled from source.
True
Because administrators can configure a system to display graphical user interface (GUI) clients on a remote terminal, malware on one Linux GUI application can spread across a network to other GUI systems.
True
In Linux, every user and group has a user ID (UID) and group ID (GID) number.
True
In a Linux system, a smaller number of packages means a smaller surface area for attack.
True
In the Linux operating system, the kernel interfaces with the hardware to manage memory and file systems and make sure programs are run.
True
In the password shadow suite, the difference between /etc/shadow and /etc/gshadow is that with /etc/gshadow, passwords are rarely configured.
True
In the shadow password suite, the /etc/group file contains basic information for each group account.
True
In the user private group scheme, Linux users are typically assigned to at least one group, which is based on that user's account.
True
Lightweight Directory Access Protocol (LDAP) uses an encryption certificate to avoid transmitting passwords over a network in cleartext.
True
Log files that record login attempts and login failures classify log messages as auth and authpriv.
True
One benefit of open source code is the ability to learn what the code does and how the program operates.
True
Pluggable authentication modules (PAM) allow users to be authenticated with local password stores and by way of network authentication, using facilities like Network Information Service (NIS) and the Lightweight Directory Access Protocol (LDAP).
True
Pluggable authentication modules (PAM) offer a number of ways for users to be authenticated on a Linux system.
True
SELinux and AppArmor provide mandatory access controls.
True
Samba can be configured to authenticate to a Windows Active Directory server.
True
Security results from appropriate controls and processes, and can't be measured at a point in time.
True
The graphical user interface (GUI) is beyond the basic Linux operating system.
True
CHMOD 2770
Sets up special octal permissions. Allows the directory command to go through on that system: read, write, not execute.
FTMP_FILE
where login failures are kept
The C-I-A triad is the core and defining set of concepts with respect to information security.
True
The Linux open source license allows anyone to use, modify, and improve the source code.
True
Malware written for Windows graphical user interface (GUI) applications may affect Linux GUI applications.
False
Open source code rarely comes with an associated cryptographic hash.
False
Pluggable authentication modules (PAM) solve administrative permission problems by providing higher-level functions without having the whole program gain administrative access.
False
Regular Linux file and directory permissions are read, write, and traverse.
False
Regular Linux users may not be given administrative privileges to run administrative commands from regular accounts.
False
CHMOD 1777
Generic directory that is accessible and usable by anyone on the system.
Discretionary Access
Giving away authorization at your discretion
<100 Project
High Priority group/administrative suite
In the shadow password suite, user access to the /etc/shadow file is limited to the root administrative user.
True
A hardened Linux system typically contains fewer packages to be monitored for updates in case vulnerabilities are found in the software.
True
A rainbow table is a set of precomputed stored hashes that are mapped to a plaintext password.
True
Mandatory Access
Follow a list of rules to be authorized
100,000 project
Low Priority group
NIS
Mostly unsecure; LDAP would be the better alternative.
SAMBA
Connects Windows Device to Linux Device (LDAP)