Linux Security 1st In-Class Exam

Open source code in an online software repository cannot be altered by an attacker.

False

The C-I-A triad is an expansion of the Parkerian hexad.

False

The latest versions of Linux use the syslogd and klogd service daemons to configure logging for services and the kernel.

False

The package-management system in Linux is used to restrict permissions on files and folders.

False

Transmission Control Protocol (TCP) is a protocol and service for synchronizing clocks across systems on a network.

False

CHMOD 777

Sticky bit- Allows you to add and delete. Can put files on there and delete the files that you want.

The init process is the super process that is responsible for starting all processes other than those specified by the runlevel during system startup.

True

The majority of security vulnerabilities within Linux distributions are found within the applications and services that run on top of the kernel.

True

The sendmail e-mail service and the commercial SMTP server known as Sendmail are two different entities.

True

The set user ID (SUID) bit is a special permission that allows others to execute a given file with the rights of the user owner of the file.

True

The term "copyleft" is associated with the GNU General Public License (GPL).

True

To give administrative access to individual utilities to specific users, you can use the sudo command and configure access using the /etc/sudoers file.

True

Using nonstandard Transmission Control Protocol/Internet Protocol (TCP/IP) suite port numbers for key services can slow the efforts of attackers who want to break into a system.

True

Using the sudo command to issue command is typically safer than logging in as the root user.

True

Without proper controls in place, an attacker who gets access to a host system can make changes to any virtual machine on that host.

True

The sg command allows a user to join a group on a temporary basis

True

The shadow password suite is a local authentication database for Linux.

True

A hypervisor is a software interface designed specifically for virtual machines with limited resources.

False

GNU's Not Unix (GNU) refers to commercial versions of Linux software.

False

Most Linux distributions currently use a package called ipchains as firewall software.

False

Source-based distributions of Linux enable you to decide how many packages you want to include in it.

True

The Linux startup process begins automatically after the boot process loads the Linux kernel.

True

faillog_enab

where the failed login attempts are collected

SYSLOG_SG_ENABLE

where the group sg logs are kept

The process of fixing commercial software is typically less constrained by human resource issues than open source software projects.

False

Mint is a derivative of the Debian distribution.

True

PAMs Pluggable Authentication Module

how we determine who has root access

A black-hat hacker is someone who performs attacks against victims for malicious purposes.

True

Cron is a service for running administrative jobs on a regular basis.

True

Most Linux distributions have pre-compiled packages, which determine all the dependencies.

True

Discretionary access controls are permissions that have been set administratively; individual users cannot change them.

False

In the shadow password suite, the /etc/passwd file may store a hashed password for a group.

False

Iptables cannot perform network address translation

False

It is a best practice to run administrative commands as the root user.

False

LILO is the default boot loader for Ubuntu, Red Hat, and many other Linux distributions.

False

A virtual machine must be periodically updated just like any other system.

True

Access control lists (ACLs) provide a layer of discretionary access control

True

All packages in a source-based distribution of Linux must be compiled from source

True

Because administrators can configure a system to display graphical user interface (GUI) clients on a remote terminal, malware on one Linux GUI application can spread across a network to other GUI systems.

True

In Linux, every user and group has a user ID (UID) and group ID (GID) number.

True

In a Linux system, a smaller number of packages means a smaller surface area for attack.

True

In the Linux operating system, the kernel interfaces with the hardware to manage memory and file systems and make sure programs are run.

True

In the password shadow suite, the difference between /etc/shadow and /etc/gshadow is that with /etc/gshadow, passwords are rarely configured.

True

In the shadow password suite, the /etc/group file contains basic information for each group account

True

In the user private group scheme, Linux users are typically assigned to at least one group, which is based on that user's account.

True

Lightweight Directory Access Protocol (LDAP) uses an encryption certificate to avoid transmitting passwords over a network in cleartext.

True

Log files that record login attempts and login failures classify log messages as auth and authpriv.

True

One benefit of open source code is the ability to learn what the code does and how the program operates.

True

Pluggable authentication modules (PAM) allows users to be authenticated with local password stores and by way of network authentication, using facilities like Network Information Service (NIS) and the Lightweight Directory Access Protocol (LDAP).

True

Pluggable authentication modules (PAM) offers a number of ways for users to be authenticated on a Linux system.

True

SELinux and AppArmor provide mandatory access controls.

True

Samba can be configured to authenticate to a Windows Active Directory server.

True

Security results from appropriate controls and processes, and can't be measured at a point in time

True

The graphical user interface (GUI) is beyond the basic Linux operating system.

True

CHMOD 2770

sets up special octal permissions. Allows the directory command to go though on that system,Read, Write, not execute.

FTMP_FiILE

where login failures are kept

The C-I-A triad is the core and defining set of concepts with respect to information security.

True

The Linux open source license allows anyone to use, modify, and improve the source code.

True

Malware written for Windows graphical user interface (GUI) applications may affect Linux GUI applications.

False

Open source code rarely comes with an associated cryptographic hash.

False

Pluggable authentication modules (PAM) solves administrative permission problems by providing higher-level functions without having the whole program gain administrative access.

False

Regular Linux file and directory permissions are read, write, and traverse.

False

Regular Linux users may not be given administrative privileges to run administrative commands from regular accounts.

False

CHMOD 1777

Generic directory and is accessible and useable by anyone on the system.

Discretionary Access

Giving away authorization at your discretion

<100 Project

High Priority group/administrative suite

In the shadow password suite, user access to the /etc/shadow file is limited to the root administrative user.

True

A hardened Linux system typically contains fewer packages to be monitored for updates in case vulnerabilities are found in the software.

True

A rainbow table is a set of precomputed stored hashes that are mapped to a plaintext password.

True

Mandatory Access

Follow a list of rules to be authorized

100,000 project

Low Priority group

NIS

Mostly Unsecure LDAP would be the better alternative

SAMBA

Connects Windows Device to Linux Device (LDAP)