OSP201


What should be the first line of a LILO configuration file stanza intended to boot a Linux kernel stored as /boot/bzImage-2.6.26? A. image=/boot/bzImage-2.6.26 B. image /boot/bzImage-2.6.26 C. kernel /boot/bzImage-2.6.26 D. kernel=/boot/bzImage-2.6.26

a

What tool would you use to disable a motherboard's sound hardware if you don't want to use it? A. The firmware B. The alsactl utility C. The lsmod command D. The lspci program E. None of the above; onboard sound devices can't be disabled

a

Which Apache directive specifies an alternative port for Web pages? a. listen b. quiet c. Server Tokens d. webport

a

Which Linux filesystem format does not include any type of journaling? a. ext2 b. ext3 c. ext4 d. xfs

a

Which directive do you add or enable in the Samba configuration file to prohibit access to the [homes] share by anyone other than the owner? a. valid users = %S b. write list = @admin c. create mask = 0700 d. directory mask = 0700

a

Which is true of using both RPM and Debian package management systems on one computer? A. It's generally inadvisable because the two systems don't share installed-file database information. B. It's impossible because their installed-file databases conflict with one another. C. It causes no problems if you install important libraries once in each format. D. It's a common practice on Red Hat and Debian systems. E. Using both systems simultaneously requires installing the alien program.

a

Which method is preferable for securing access in the Remote Access Domain? a. SSH b. Telnet c. FTP d. NF

a

Which of the following commands creates a display of processes, showing the parent/child relationships through links between their names? A. ps --forest B. ps aux C. ps -e D. ps --tree E. All of the above

a

Which of the following commands prohibits access from all users except the user owner and members of the group that owns the file named filename? A chmod 770 filename B chmod 707 filename C chmod 077 filename D chmod 007 filename

a

Which of the following commands will extract the contents of the myfonts.rpm file into the current directory? A. rpm2cpio myfonts.rpm | cpio -i --make-directories B. rpm2cpio myfonts.rpm > make-directories C. rpm -e myfonts.rpm D. alien --to-extract myfonts.rpm E. rpmbuild --rebuild myfonts.rpm

a

Which of the following commands will print lines from the file world.txt that contain matches to changes and changed? A. grep change[ds] world.txt B. sed change[d-s] world.txt C. od "change'd|s'" world.txt D. cat world.txt changes changed E. find world.txt "change(d|s)"

a

Which of the following directories is most well suited as a read-only filesystem? A /boot/ B /home/ C /mnt/ D /srv/

a

Which of the following is an insecure method of remote access? a. SSH b. IPSec c. Telnet d. All of the above

a

Which of the following options in a log configuration file collects information on login attempts and failures? A auth B sys C log D user

a

Which of the following pieces of information can df not report? A. How long the filesystem has been mounted B. The number of inodes used on an ext3fs partition C. The filesystem type of a partition D. The percentage of available disk space used on a partition E. The mount point associated with a filesystem

a

Which of the following services should NOT be disabled on a bastion host used as an FTP server? Assume that the host is administered remotely, over an encrypted connection. A. SSH B. Telnet C. CUPS D. iptables

a

Which of the following statements applies to the IP address 192.168.0.1? A. It is reserved. B. It cannot be assigned to a host that accesses the Internet. C. It is designated for multicast transmission. D. It can be freely assigned to a host on a private network

a

Which of the following statements best describes the role of mandatory access controls? A. They protect other services after a security breach in an account. B. They protect a system from black-hat hacker access through firewalls. C. They disable clear-text services such as Telnet. D. They provide specific requirements for access to critical services.

a

What can the type command do that whereis can't do? A. Identify the command as being for x86 or x86-64 CPUs B. Locate commands based on their intended purpose, not just by name C. Identify a command as an alias, internal command, or external command D. Assist in typing a command by finishing typing it for you E. Identify a command as being a binary or a script

c

What is the effect of the following command? $ myprog &> input.txt A. Standard error to myprog is taken from input.txt. B. Standard input to myprog is taken from input.txt. C. Standard output and standard error from myprog are written to input.txt. D. All of the above. E. None of the above.

c

What program would you use to display the end of a configuration file? A. uniq B. cut C. tail D. wc E. fmt

c

When should programs be configured SUID root? A. At all times; this permission is required for executable programs. B. Whenever a program should be able to access a device file. C. Only when they require root privileges to do their job. D. Never; this permission is a severe security risk.

c

Where might the BIOS find a boot loader? A. RAM B. /dev/boot C. MBR D. /dev/kmem E. The swap partition

c

Which FHS directory can be mounted separately from the root directory? a. /sbin/ b. /bin/ c. /home/ d. /etc/

c

Which Linux directive hides or obscures boot messages? a. prompt b. quiet c. hide d. delay

c

Which file lists standard ports for many services? a. /etc/fstab b. /etc/init.d/ c. /etc/services d. /etc/sysconfig/

c

Which of the following describes a difference between apt-get and dpkg? A. apt-get provides a GUI interface to Debian package management; dpkg doesn't. B. apt-get can install tarballs in addition to Debian packages; dpkg can't. C. apt-get can automatically retrieve and update programs from Internet sites; dpkg can't. D. apt-get is provided only with the original Debian distribution, but dpkg comes with Debian and its derivatives. E. apt-get works only with Debian-based distributions, but dpkg can work with both RPMs and Debian packages.

c

Which of the following is NOT a standard open source option for SMTP e-mail services? A. sendmail B. Postfix C. Dovecot D. Exim

c

Which of the following is a protocol that supports remote logins to a GUI system? a. Telnet b. SysV c. SSH d. RPM

c

Which of the following is an open source license? A. Freeware B. Public domain C. GNU GPL D. Any Microsoft license

c

Which of the following laws ensure that all U.S.-based financial institutions protect personal financial information of their clients? a. HIPAA b. SOX c. GLBA d. PCI DSS

c

Which of the following options is used with fsck to force it to use a particular filesystem type? A. -A B. -N C. -t D. -C

c

Which of the following statements is NOT true about a live CD distribution? Assume your system can boot from appropriate locations. A. It can be booted from a DVD drive. B. It can be booted from a USB port. C. It automatically installs that Linux distribution on your system. D. It provides administrative control of your system without a password.

c

Which of the following is not a SELinux mode? a. Disabled b. Permissive c. Enforcing d. Allow

d

Which of the following is not a common server form factor? a. Rack b. Blade c. Tower d. FireWire

d

You've downloaded a package named evolution-2.6.0.41.i586.rpm to your home directory. What command will you use to check the digital signature of the package to verify that it has not been tampered with?

rpm -checksig ./evolution-2.6.0.41.i586.rpm

What command would you use to uninstall the evolution-2.6.0.41.i586.rpm from your system?

rpm -e evolution

You have just downloaded an RPM package named evolution-2.6.0.41.i586.rpm. What command will you use to install the package on your system, displaying a progress indicator as the installation is completed?

rpm -ihv ./evolution-2.6.0.41.i586.rpm

_________ range from 0-6

runlevels

The GRUB process happens in

stages

You've received a tarball called data79.tar from a colleague, but you want to check the names of the files it contains before extracting them. Which of the following commands would you use to do this?

tar tvf data79.tar

Having booted into run level 3, how would you change to run level 5 without rebooting? telinit 5 startx run 5 ALT-F7-5 setinit 5

telinit 5

Which command will update the slocate database as a background process?

updatedb &

The third field in the /etc/passwd file is

user ID (UID)

To delete a user, you must use the _____________ command.

userdel

An enterprise running RHEL that wishes to control its own repository locally for package updates may consider using _________. a. Red Hat Satellite Server b. Hosted RHN c. ZENworks d. Landscape

a

How might you identify an initial RAM disk file in GRUB 2? A. initrd /boot/initrd-3.4.2 B. initrd=/boot/initrd-3.4.2 C. initramfs /boot/initrd-3.4.2 D. initramfs=/boot/initrd-3.4.2 E. ramdisk=/boot/initrd-3.4.2

a

How would you remove two lines of text from a file when using vi? A) In command mode, position the cursor on the first line and type 2dd. B) In command mode, position the cursor on the last line and type 2yy. C) In insert mode, position the cursor at the start of the first line, hold down the Shift key while pressing the down-arrow key twice, and press the Delete key on the keyboard. D) In insert mode, position the cursor at the start of the first line and press Ctrl+K twice. E) Select the text with the mouse, and then select File ➢ Delete from the menu.

a

In a suspected compromised system, which of the following files will have the current data stored in RAM? a. /proc/kcore b. /var/log/ram.log c. /var/log/messages d. /proc/sys

a

What part of a network is best for bastion servers? A. A DMZ B. The protected network C. Virtual hosts in a bridged network D. A bastionized network

a

What user account information can be found in the /etc/passwd file? a. The user's basic information, such as the default login shell b. The user's encrypted password c. Information on when the user last changed the password d. The user's sudo permissions

a

What would be the result of changing the GRUB option timeout=5 to timeout=0 on the Linux operating system? a. The boot loader will immediately boot the operating system into the default kernel. b. The system will display a "kernel panic" error. c. All TCP/IP connections will timeout immediately. d. This will have no impact on the Linux operating system.

a

Which directory does the FHS recommend for locating the configuration files? a. /etc/ b. /var/ c. /opt/ d. /usr

a

Which mounting option enables user quotas on a filesystem? a. usrquota b. enable quotas c. edquota d. rw

a

Which of the following files is used to configure ACLs for a filesystem? A /etc/fstab B /etc/acl C /etc/pam.d/acl D /etc/filesystems

a

Which of the following filesystem formats is best suited for a smaller filesystem? A ext2 B ext3 C ext4 D reiserfs

a

Which of the following is the best choice for network authentication? a. LDAP b. NIS c. PolicyKit d. openss

a

Configuring a user account policy with minimum password length, maximum days for using a password, and various user logins can be performed by editing the ________ file. a. passwd b. login.defs c. shadow d. gshadow

b

Red Hat and Ubuntu are examples of ______. a. source code b. distributions c. applications d. None of the above

b

Running a network service in a chroot environment is considered a layer of security because: a. The service is not allowed public access. b. The service runs in isolation in its own virtual-like environment. c. The service runs as the root user. d. The service runs on a read-only filesystem.

b

The file to configure the various logging subsystem facilities for sysklogd package is ___________. a. /etc/sysklogd.conf b. /etc/syslog.conf c. /etc/logs.conf d. /etc/boot.log

b

The string root (hd1,5) appears in your /boot/grub/menu.lst file. What does this mean? A. GRUB tells the kernel that its root partition is the fifth partition of the first disk. B. GRUB looks for files on the sixth partition of the second disk. C. GRUB looks for files on the fifth partition of the first disk. D. GRUB installs itself in /dev/hd1,5.

b

What is Canonical? a. A type of open source license b. The private company behind Ubuntu c. An auditing program d. A security framework

b

What is a common use for Linux in the LAN-to-WAN Domain? a. Firewall b. Gateway c. Bastion host d. All of the above

b

What line in /etc/inittab would indicate that your default runlevel is 5? A. ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now B. id:5:initdefault: C. si:5:sysinit:/etc/init.d/rcS D. l5:5:wait:/etc/init.d/rc 5 E. 1:2345:respawn:/sbin/getty 38400 tty1

b

Which command helps to better understand the networking subsystem? a. nmap b. netstat c. top d. vmstat

b

Which file is used to configure the various mounting options of a filesystem upon boot? a. /etc/mount b. /etc/fstab c. /var/filesystem d. /boot/config

b

Which of the following PolicyKit concepts is associated with configuring access rules to special desktop tools by user? A Implicit authorizations B Explicit authorizations C Administrative authorizations D PolicyKit authorizations

b

Which of the following Samba directives specifies permissions of files created on a shared network directory? A create_octal B create_mask C create_options D create_write

b

Which of the following clients can connect to a Microsoft Exchange server? A Balsa B Evolution C Kmail D Thunderbird

b

Which of the following commands is used to transfer data over an SSH connection in encrypted format? a. dd -encrypt b. rsync -e ssh c. cp -e ssh d. dump /dev/sda

b

Which of the following commands lists currently installed packages on a Linux system? A rpm -qi B rpm -qa C rpm -qf D rpm -ql

b

Which of the following commands lists quota usage by user? A quota B repquota C quotacheck D Quotarep

b

Which of the following directories is appropriate for quotas? A /etc/ B /home/ C /opt/ D /usr/

b

Which of the following files contains information about time limits on a password? A /etc/passwd B /etc/shadow C /etc/group D /etc/gshadow

b

Which of the following is an advantage of compiling a customized kernel rather than using a vendor-supplied kernel? a. A custom kernel is easier to update and maintain. b. A custom kernel can be compiled with only the necessary modules and features. c. A custom kernel cannot be compromised by black-hat hackers. d. A custom kernel has no advantages over a vendor-supplied kernel and should be avoided in all scenarios.

b

Why is it important to install antivirus software for a Samba file server in a Microsoft Windows environment? a. Because Linux viruses cause Windows operating system clients to become unstable b. Because shared files on the Samba server can contain viruses that can infect Windows clients c. To protect the Linux server from crashing due to viruses from Windows clients d. To allow automatic updates on Linux systems

b

You type the following command: $ runlevel 5 3 What can you tell about your runlevel status? (Select two.) A. The current runlevel is 5. B. The current runlevel is 3. C. The previous runlevel is 5. D. The previous runlevel is 3. E. The runlevel is in the process of changing.

b, c

Which of the following directories are suitable for separate filesystems? (Select two.) A /etc/ B /home/ C /lib/ D /var/

b, d

A user needs access to execute networking-related commands only. What type of access should be granted using the principle of least privilege? a. The user should be added to the admin group. b. The user should be given sudo access to all of root's commands. c. The user should be given sudo access to NETWORKING. d. The user should be provided with the root password.

c

Which entry in the standard /etc/sudoers file gives the root administrative user full privileges through sudo? a. admin ALL=(ALL) ALL b. %admin ALL=(ALL) ALL c. root ALL=(ALL) ALL d. sys ALL=(ALL) ALL

c

Which of the following directories contains GPG private and public keys? A .gpg B .gpgkeys C .gnupg D .keys

c

Which of the following directories typically includes files associated with third-party A /etc/ B /home/ C /opt/ D /usr/

c

Which of the following is NOT a potential security issue with respect to the Linux GUI? A. The Linux GUI is a client-server system. B. Linux GUI applications can be networked. C. Linux GUI applications can be accessed over an SSH connection. D. Users can log into the Linux GUI remotely.

c

Which of the following is a valid reason to use a Live CD on a suspected compromised system? a. The live CD can restore the system back to its original state before the compromise. b. The Live CD can trick the black-hat hacker into exploiting the Live CD instead of the production system. c. The Live CD can be used for forensic analysis. d. This Live CD can temporarily replace the compromised system while a restore is being performed.

c

Which of the following kernel types is most likely to work with the smallest amount of RAM? A. Desktop B. Server C. Virtual machine D. Generic

c

Which of the following statements is true with the user private group scheme? A There are no private groups in Linux B User information in the group is private C The primary UID for the user is the same as the primary GID for the user

c

Which of the following control flags used in PAM approves user access assuming that there are no previous failures? a. required b. requisite c. sufficient d. allow

c

Members of which of the following groups are frequently set up as printer administrators (select 2) A. admin B. adm C. lpadmin D. sys

c, d

From the following options, name the component that is NOT part of a Linux User Domain. A. Regular users B. Regular groups C. Service users D. Computer users

d

Scripts in which of the following directories can be used to deactivate a currently running service? A /etc/rc5.d/ B /etc/rcS.d/ C /etc/event.d/ D /etc/init.d/

d

Under normal circumstances, what happens when a system can't be booted with a newly installed Linux kernel? A. You need to install the old kernel. B. The system can't be booted. You need to reinstall that Linux distribution. C. The system can't be booted. You need to recover the old Linux kernel with help of a recovery or rescue mode for that distribution. D. The old kernel is still available through the boot loader.

d

Using Linux as a desktop typically involves the added security risk of: a. All users on the network having access to each other's files b. Not being able to use SSH c. Not having access to security updates d. Running GUI applications

d

What is the best first step in responding to a compromised system? a. Immediately turn off the computer system. b. Immediately unplug the computer system from the electrical outlet. c. Run a Live CD. d. Follow what is outlined in the incident response plan.

d

What is the first program that the Linux kernel runs once it's booted in a normal boot process? A. dmesg B. lilo C. rc D. init

d

Which command is used to install GRUB Legacy into the MBR of your first SATA hard drive? A. grub (hd0,1) B. grub-install /dev/sda1 C. lilo /dev/sda D. grub-install /dev/sda E. grub-legacy /dev/sda1

d

Which of the following commands is associated with the Linux Unified Key Setup disk encryption specification? A dcrypt B ecryptfs C gpg D cryptsetup

d

Which of the following commands starts a console-based Web browser? A konqueror B opera C firefox D elinks

d

Which of the following directories contain the standard chroot jail location for Red Hat BIND servers A netfs B nfslock C rpcsvcgssd D ncsd

d

Which of the following directories contains scripts that control services? A /etc/default B /etc/sysconfig C /etc/xinetd.d D /etc/init.d/

d

Which of the following files is not a part of the shadow password suite? a. /etc/shadow b. /etc/group c. /etc/passwd d. /etc/sudoers

d

Which of the following hardware components is NOT used to boot a Linux system? A. A PXE-enabled network card B. A USB port C. A CD drive D. An Ethernet port

d

Which of the following is a positive effect of virtualization on security? A. Many virtual machines will confuse malicious users B. Virtual machines can be configured with many services C. Virtual machines can be configured as firewalls D. Additional virtual machines make it possible to configure more bastion hosts

d

Which of the following is an example of discretionary access controls? A. SELinux B. AppArmor C. PolicyKit D. User-defined read, write, and execute permissions

d

Which of the following roots of trust is associated with the BIOS/UEFI? A. The Root Trust for Reporting B. The Root Trust for Storage C. The Root Trust for Management D. The Root Trust for Networking

d

Which of the following security certifications is associated with open source software? A. SSCP B. CISSP C. RHCE D. OSPA

d

Which of the following statements best describes the structure of the Linux kernel? A. A single monolithic kernel B. A completely modular kernel C. A modular core with monolithic components D. A monolithic core with modular components

d

You configured quotas on a Linux system. Which command do you use to edit the quota of a specific user? a. usrquota b. edit quota c. rw d. edquota

d

The ___ command searches for all files owned by the group named audio. Assume you're logged into the root administrative account

find / -group audio

The command that lists the current ACL rules on the local file named test1 is ______. Assume your user account is the owner of file test1

getfacl test1

Tuning the kernel parameters, such as the networking functionality, can be accomplished by editing the ________ file. a. /etc/sysctl.conf b. /etc/kernel.conf c. /etc/network.conf d. /etc/parameters.con

a

ClamAV can be described as: a. A software management tool for Linux distributions b. A firewall for Linux systems c. An open source anti-virus solution mainly used on Linux e-mail gateways d. An open source infrastructure for keeping software updated

c

If a share on a Microsoft Windows host needs to mount on the Linux filesystem, which network service would typically be used? a. NFS b. NIS c. Samba d. SS

c

Kernels released for different architectures vary because different platforms have different a. networks b. firewalls c. CPUs d. hard drive

c

The iptables command is used to configure ___________. a. a mandatory access control b. user account information c. a firewall d. TCP Wrappers

c

The Web site associated with the Linux Kernel Organization is __________.

http://kernel.org

Which of the following commands is used to edit the /etc/sudoers file? a. usermod b. sudo <username> c. sudoers d. visudo

d

Which of the following are restrictions on ordinary users' abilities to run renice? (Select all that apply.) A. Users may not modify the priorities of processes that are already running. B. Users may not modify the priority of their programs launched from anything but their current shells. C. Users may not decrease the priority (that is, increase the priority value) of their own processes. D. Users may not modify the priorities of other users' processes. E. Users may not increase the priority (that is, decrease the priority value) of their own processes.

d, e

How many commands can you pipe together at once? A. 2 B. 3 C. 4 D. 16 E. An arbitrary number

e

You've just installed Linux on a new computer with a single SATA hard disk. What device identifier will refer to the disk? A. /dev/sda B. /dev/mapper/disk1 C. /dev/hda D. C: E. /dev/sda or /dev/hda

e

Know the Linux command for listing all running processes.

ps aux or just ps

You currently have evolution-2.2.0.53.i586.rpm on your system. You have recently downloaded evolution-2.6.0.41.i586.rpm to your system and want to install it. What command will you use to upgrade (install) the newer package?

rpm -U evolution-2.6.0.41.i586.rpm

Assuming all of the preliminary steps have been taken correctly, what command would you enter at the shell prompt to extract all of the files from the BitTorrent-5.0.1.tar.gz archive?

tar -xvzf BitTorrent-5.0.1.tar.gz

Stage 2 consists of

two images

To modify an existing user's profile, you must use the _____________ command.

usermod

The configuration files for BASH are

.bashrc/.profile

Group information is stored in the

/etc/group file

Under the bash shell which is the most appropriate place to set environment variables that apply to all users?

/etc/skel

Where does the RPM store its database of installed packages?

/var/lib/rpm

If your system has 1 GB of RAM, how big should your swap partition be?

2 GB (2x system memory)

LILO is a __________ bootloader

2 stage

Run level _____________ is the normal run level

3

Assume that you have just logged on as a regular user. Which of the following commands allows you to edit the file with user passwords associated with the Shadow Password Suite?

B. sudo -c "vi /etc/shadow"

How do you exit Vi's insert mode in order to type command-mode commands?

Esc key

A server should be located out in the open, with easy access for all.

False

A server should be user friendly so anyone in the company can use it for casual computing.

False

In the Macintosh and Windows design concept, the GUI interface and kernel are separate.

False

The server room does not need to be temperature controlled because servers are robust and can handle a wide variety of temperatures.

False

ext3 and ext are exactly the same file system with different names.

False

"One computer, one desk, one user" was the vision of Richard Stallman.

False (Gates)

We used the second extended file system (ext2) for our file system.

False (ext4)

GNU stands for

GNU's not Unix

The ________ Shell is interactive.

GRUB

__________ aims to be compliant with the Multiboot Specification.

GRUB

GRUB stands for

Grand Unified Bootloader

The RPM and YUM package management systems are usually associated with _______ distributions.

Red Hat/Fedora

What is Linux exactly?

The core of the operating system: the kernel.

Which of the following is true of Linux passwords?

They are changed with the password utility.

From Vi's command mode, you want to enter insert mode. How might you do this?

Type R. Type i. Type a.

Which of the following measures is the most effective way to prevent attacks through various network services?

Uninstall unneeded network services.

How can you best see how much free space you have in your current directory?

Use df

What is YaST?

Yet another Setup Tool and it has a GUI interface

A "vanilla" kernel has _____________. a. a stock built from the mainline kernel b. a customized kernel built from a distribution supplier c. no networking capability d. a kernel that may have been compromised and cannot be trusted

a

A network file server has become unavailable while your Linux computer was accessing it at /mnt/remote. Now you want to umount that share, but because the server has disappeared, umount complains. Which of the following commands is most likely to successfully unmount this unresponsive mount? A. umount -f /mnt/remote B. umount -a C. mount -o remount,ro /mnt/remote D. umount --kill /mnt/remote

a

What is an entry-level security certification offered by (ISC)2? a. CISSP b. SSCP c. OSPA d. OWS

a

You are told by a co-worker that information pertaining to the syslog command can be found in man page 3. How would you view this information? A. man syslog 3 B. man 3 syslog C. man syslog -3 D. man -3 syslog

b

From the following commands, which one updates the GRUB 2.0 configuration file read by the boot loader? A. grub-setup B. grub-mkconfig C. grub-install D. grub-set-default

b

Which of the following commands only requires the password of a configured standard user? A sudoers B sudo C su D sg

b

You have accidentally deleted a file on an ext3fs partition. To recover it, you first enter debugfs, specifying the partition's device node. How can you recover the file? A. Type restore and then select the file from the list that appears. B. Type undelete inode, where inode is the file's inode number. C. Type restore /path/filename, where path is the complete path to the file and filename is its filename. D. Type undelete path/filename, where path is the complete path to the file and filename is its filename.

b

What are common IRQs for RS-232 serial ports? (Select two.) A. 1 B. 3 C. 4 D. 8 E. 16

b, c

The well-known TCP/IP port numbers range from 0 to _____. a. 10 b. 500 c. 1023 d. 4096

c

Who developed the first Linux kernel? a. Andrew S. Tannenbaum b. Bill Gates c. Linus Torvalds d. Richard Stallman

c

What programs might you use to learn what your system's load average is? (Select all that apply.) A. ld B. load C. top D. uptime E. la

c, d

Which of the following are not Linux DHCP clients? (Select two.) A. pump B. dhcpcd C. dhcpd D. dhclient E. ifconfig

c, e

In addition to usernames/passwords, SSH can authenticate a user based upon: a. The user's IP address b. The user's domain name c. Fingerprint technology d. A passphrase using a public and a private key

d

LAMP stands for Linux/Apache/MySQL/P, where the "P" can stand for ______. a. Perl b. Python c. PHP d. All of the above

d

The GRUB configuration file is generally located in the ______ directory. a. /home/ b. /root/ c. /var/ d. /boot

d

The open source package trousers is associated most closely with ______. a. protocol analysis b. biometric controls c. firewalls d. Trusted Platform Module (TPM)

d

To access files on a USB pen drive, you type mount /dev/sdc1 /media/pen as root. Which types of filesystems will this command mount, provided the filesystem support exists in the kernel? A. Ext2fs B. FAT C. HFS D. All of the above

d

Which of the following terms is associated with malicious users in the open source community? A. Hackers B. Crackers C. Techies D. Nerds

b

The init process always gets a PID of

1

In Linux, the two most common boot loaders are

GRUB and LILO

A system administrator types the following command: # shutdown -c What is the effect of this command? A. A previously scheduled shutdown is cancelled. B. The system shuts down and reboots immediately. C. The system shuts down and halts immediately. D. The system asks for confirmation and then shuts down. E. The system closes all open windows in X without shutting down.

a

An executable file with the _________ bit allows other users to run that command, with the permissions assigned to that user owner. a. SUID b. UID c. GID d. sticky

a

The read, write, and execute permissions of a file are an example of a ________. a. discretionary access control b. firewall control c. mandatory access control d. system kernel control

a

Which of the following is a fake shell you can use for nonstandard users to enhance security? a. bash b. nologin c. sh d. ssh

b

Which of the following commands will change all occurrences of dog in the file animals.txt to mutt in the screen display? A. sed -s "dog" "mutt" animals.txt B. grep -s "dog||mutt" animals.txt C. sed 's/dog/mutt/g' animals.txt D. cat animals.txt | grep -c "dog" "mutt" E. fmt animals.txt | cut 'dog' > 'mutt'

c

Which of the following concepts is NOT one of the five OSSTMM process controls? A. Privacy B. Alarm C. Authenticity D. Integrity

c

Which of the following PolicyKit commands can be used to identify user logins by session? (select 2) A ck-history B ck-list-sessions C ck-launch-sessions D ck-logins

a, b

What does the following command accomplish? # mkfs.ext2 /dev/sda4 A. It sets the partition table code for /dev/sda4 to ext2. B. It converts a fat partition into an ext2fs partition without damaging the partition's existing files. C. It creates a new ext2 filesystem on /dev/sda4, overwriting any existing filesystem and data. D. It checks the ext2 filesystem on /dev/sda4 for errors correcting any that it finds.

c

Which of the following are ways to disable dynamic routing? A. The linuxconf Gated Daemon screen B. The linuxconf Routed Daemon screen C. echo "0" > /proc/sys/net/ipv4/dynamic_

b

Which of the following is a security risk associated with the LILO boot loader? A. Changes to LILO can be password protected. B. It supports password-free access to the administrative account. C. It allows a user to boot Microsoft Windows. D. It supports the booting of a monolithic Linux kernel.

b

Which of the following options is a development tool that compiles source code A configure B make C gcc D cpp

b

Which of the following regular expressions will match the strings dig and dug but not dog? A. d.g B. d[iu]g C. d[i-u]g D. di*g

b

Which of the following represents a type of mandatory access control? a. A user cannot open the /etc/shadow file to read because the file is owned by user and group root. b. The FTP service is allowed to interact with directories other than users' home directories. c. A regular user account does not have permission to read /var/log file. d. A user can give read, write, and execute permissions to a file.

b

Which of the following special permissions is associated with a shared directory? That directory is not accessible to others who are not members of the group owner of that directory. A SUID B SGID C Sticky bit D Executable bit

b

Which service script in the /etc/init.d/ directory is not related to SELinux A auditd B dund C mstrans D restorecond

b

Which of the following commands can help identify network ports used by NIS through the portmapper? A nismap -p B ypbind -p C rpcinfo -p D portmap -p

c

Which of the following commands sets the SUID bit on the file named filename? A chmod 1770 filename B chmod 2750 filename C chmod 4555 filename D chmod 3777 filename

c

Which of the following commands can automatically detect dependencies during software installation? a. tar b. rpm c. yum d. make

c

Which of the following concepts is NOT part of the CIA triad? A. Authority B. Access C. Authenticity D. Availability

c

the first program that runs when a computer starts

a bootloader is

Which of the following directives in a LILO configuration file specifies the time before the default operating system is booted? A. delay B. timeout C. default D. period

a

To add a comment to the new user's profile, the _________ option could be used A. -A B. -N C. -t D. -C

d

A server (or any system) should have a strong password.

T

In Linux, the GUI interface and the kernel are separate.

T

It is important to check your distribution's Hardware Compatibility List (HCL) before installing Linux.

T

KDE, GNOME and XDE are examples of GUI interfaces available for Linux

T

VFS is used for a partition that will store files from nonLinux Operating Systems.

T

Virtual memory is the same as Swap space in Linux.

T

We will be using a dual-boot system in this course.

T

With Server 2008, Microsoft has somewhat decoupled the GUI from the base OS.

T

Which statement describes the cron daemon?

Manages scheduling of routine system tasks

Which Partition is used by Linux for virtual memory?

Swap

LUKS is a specification for ________. a. mounting filesystems b. disk encryption c. mounting remote services d. linux kernels

b

Name the Linux service associated with virtual application support. A. KVM B. WINE C. VMware Player D. Xen

b

Which of the following commands will number the lines in aleph.txt? (Select three.) A. fmt aleph.txt B. nl aleph.txt C. cat -b aleph.txt D. cat -n aleph.txt E. od -nl aleph.txt

b, c, d

Which service script in the /etc/init.d/ directory is not related to NFS A netfs B nfslock C rpcsvcgssd D ncsd

d

Users may be able to abuse a program's features, thus doing more damage than would otherwise be possible Which of the following are risks of SUID and SGID programs?

The program files are large and thus may cause a disk to run out of space.

In Vi's command mode, you type: q!. What is the effect?

The program terminates without saving your work

Which of the following tools would be most appropriate to periodically scan all Linux servers for vulnerabilities? a. Nessus® b. Tripwire c. AIDE d. Snort

a

You want to run an interactive script, gabby, which produces a lot of output in response to the user's inputs. To facilitate future study of this script, you want to copy its output to a file. How might you do this? A. gabby > gabby-out.txt B. gabby | tee gabby-out.txt C. gabby < gabby-out.txt D. gabby &> gabby-out.txt E. gabby `gabby-out.txt`

b

RHEL and SLE are examples of

commercial distributions

You prefer the look of GTK+ widgets to Qt widgets, so you want to substitute the GTK+ libraries for the Qt libraries on your system. How would you do this? A. You must type ldconfig --makesubs=qt,gtk. This command substitutes the GTK+ libraries for the Qt libraries at load time. B. You must uninstall the Qt library packages and re-install the GTK+ packages with the --substitute=qt option to rpm or the --replace=qt option to dpkg. C. You must note the filenames of the Qt libraries, uninstall the packages, and create symbolic links from the Qt libraries to the GTK+ libraries. D. You can't easily do this; libraries can't be arbitrarily exchanged for one another. You would need to rewrite all the Qt-using programs to use GTK+. E. You must reboot the computer and pass the subst=qt,gtk option to the kernel. This causes the kernel to make the appropriate substitutions.

d

Which of the following statements is true about binary RPM packages that are built for a particular distribution? A. License requirements forbid using the package on any other distribution. B. They may be used in another RPM-based distribution only when you set the --convert-distrib parameter to rpm. C. They may be used in another RPM-based distribution only after you recompile the package's source RPM. D. They can be recompiled for an RPM-based distribution running on another type of CPU. E. They can often be used on another RPM-based distribution for the same CPU architecture, but this isn't guaranteed.

e

You type echo $PROC, and the computer replies Go away. What does this mean? A. No currently running processes are associated with your shell, so you may log out without terminating them. B. The remote computer PROC isn't accepting connections; you should contact its administrator to correct the problem. C. Your computer is handling too many processes; you must kill some of them to regain control of the computer. D. Your central processing unit (CPU) is defective and must be replaced as soon as possible. E. You, one of your configuration files, or a program you've run has set the $PROC environment variable to Go away.

e

You type jobs at a bash command prompt and receive a new command prompt with no intervening output. What can you conclude? A. The total CPU time used by your processes is negligible (below 0.1). B. No processes are running under your username except the shell you're using. C. The jobs shell is installed and working correctly on the system. D. The system has crashed; jobs normally returns a large number of running processes. E. No background processes are running that were launched from the shell you're using.

e

What is the native package manager for Ubuntu and other Debian-based distributions? a. emerge b. yum c. zypper d. apt

d

The different releases of Linux are known as

distribution or distro

A new Linux administrator plans to create a system with separate /home, /usr/local, and /etc partitions. Which of the following best describes this configuration? A. The system won't boot because critical boot-time files reside in /home. B. The system will boot, but /usr/local won't be available because mounted partitions must be mounted directly off their parent partition, not in a subdirectory. C. The system will boot only if the /home partition is on a separate physical disk from the /usr/local partition. D. The system will boot and operate correctly, provided each partition is large enough for its intended use. E. The system won't boot because /etc contains configuration files necessary to mount non-root partitions.

e

To add a new group to your system you must use the __________ command.

groupadd

To delete an existing group, you must use the ______________ command.

groupdel

To modify an existing group, you must use the

groupmod

Which of the following commands can be used to add the users Superman, Batman and WonderWoman to a group called JusticeLeague that already exists on a Linux System?

groupmod -A "Superman,Batman,WonderWoman" JusticeLeague

The command that can be used to set up an encrypted password for a traditional GRUB configuration file is __________.

grub-md5-crypt

Which of the following are valid block devices on most default linux distributions?

hard disks, loopback devices

The /etc/shadow file

is the encrypted password file

Which of the following is the GRUB 2 boot loader configuration file?

/boot/grub/grub.cfg

What does the configure script do in an application's install directory?

It checks the local system to verify that the necessary components are available. It creates the Makefile file.

LILO stands for______

Linux Loader

You're planning to install Linux on a system that you have built out of spare parts. Several components are not listed on your distribution's HCL. What should you do?

Replace the incompatible parts with supported parts.

A multi-user operating system is capable of providing services for many users on the system concurrently

T

Linux associates each partition as a separate device.

T

Linux may not support your hardware by default

T

Linux, for the most part, adopts the monolithic kernel architecture.

T

The Open Source/GNU movement was started by Richard Stallman.

T

An ext4 filesystem on /dev/sda3 is being checked every time you reboot your computer. You suspect it may have an incorrect value set that's causing the system to check it after every mount operation. How can you test this hypothesis? A. Type dumpe2fs -h /dev/sda3 and examine the maximum mount count and maximum check interval values. B. Type tune2fs -c 26 /dev/sda3 and examine the filesystem check values. C. Type tune4fs -c 26 /dev/sda3 and examine the filesystem check values. D. Type resize2fs /dev/sda3 and examine the inode count and disk percentage values.

a

From the following options, select a security advantage of open source software. A. The efforts of the open source community B. Secrecy in the source code C. No information is released before a solution is available D. None of the above

a

How do the > and >> redirection operators differ? A) The > operator creates a new file or overwrites an existing one; the >> operator creates a new file or appends to an existing one. B) The > operator creates a new file or overwrites an existing one; the >> operator appends to an existing file or issues an error message if the specified file doesn't exist. C) The > operator redirects standard output; the >> operator redirects standard error. D) The > operator redirects standard output; the >> operator redirects standard input. E) The > operator writes to an existing file but fails if the file doesn't exist; the >> operator writes to an existing file or creates a new one if it doesn't already exist.

a

If you try to change files remotely on a shared NFS directory as the root administrative user, what happens? A. The change fails, because the root user on one system is the nobody user on another system B. The change is successful C. The change is successful even if the NFS directory is shared in read-only mode D. The change fails unless you log in with the root administrative password from the remote system

a

In a TrustedGRUB configuration file, which of the following directives refers to the first partition on the second hard drive? A. root (hd1,2) B. root (hd2,1) C. root (hd1,1) D. root (hd0,2)

a

The Linux open source license allows anyone to use, modify, and improve the _________. a. source code b. distributions c. applications d. None of the above

a

The theory of configuring a bastion host is one in which the server has: a. A specific function and minimal services installed to provide its designated services b. A firewall configured to allow access to local users only c. Many services running so as to make the most use of the hardware d. A WAN connection that runs all organizations' public services on the same server

a

What does the pwd command accomplish? A. It prints the name of the working directory B. It changes the current working directory C. It prints wide displays on narrow paper D. It parses Web URLs for display E. It prints the terminal's width in characters

a

What is the best course of action if you want to take control of those packages that are updated on your distribution? A. Create your own update repository. B. Deselect the packages that should not be updated. C. Change to a different distribution. D. Use the update repositories from a different distribution.

a

What is the effect of the following command? $ pr report.txt | lpr A. The file report.txt is formatted for printing and sent to the lpr program. B. The files report.txt and lpr are combined together into one file and sent to standard output. C. Tabs are converted to spaces in report.txt, and the result is saved in lpr. D. The file report.txt is printed, and any error messages are stored in the file lpr. E. None of the above

a

What is the minimum safe procedure for removing a USB flash drive, mounted from /dev/sdb1 at /media/usb, from a Linux computer? A. Type umount /media/usb, wait for the command to return and disk-activity lights to stop, and then unplug the drive. B. Unplug the drive, and then type umount /media/usb to ensure that Linux registers the drive's removal from the system. C. Unplug the drive, and then type sync /dev/sdb1 to flush the caches to ensure problems don't develop. D. Type usbdrive-remove, and then quickly remove the disk before its activity light stops blinking. E. Type fsck /dev/sdb1, wait for the command to return and disk-activity lights to stop, and then unplug the drive.

a

What is the primary mission of the Electronic Frontier Foundation (EFF)? a. Protection of consumer digital rights b. Set security standards c. Provide Linux security certification d. Ensure Linux kernel compatibility with most hardware

a

What is the purpose of the /etc/mtab file? A. It describes the filesystems that are currently mounted, using syntax similar to that of /etc/fstab. B. It controls the filesystems that the automounter mounts in response to attempts to access empty subdirectories. C. It provides information on the UUID values and filesystem types contained in all partitions. D. It summarizes the filesystems currently available to the Linux kernel -- that is, those you can mount.

a

What is the surest way to run a program (say, myprog) that's located in the current working directory? A. Type ./ followed by the program name: ./myprog. B. Type the program name alone: myprog. C. Type run followed by the program name: run myprog. D. Type /. followed by the program name: /.myprog. E. Type the program name followed by an ampersand (&): myprog &.

a

Which of the following statements is true about using a mandatory access control system on Linux? a. Properly setting up a mandatory access control system requires discipline and configuration knowledge. b. A mandatory access control system adds overhead to the kernel that renders it unnecessary to use. c. A mandatory access control system on Linux is generally considered to be a security risk. d. A mandatory access control system cannot be used in conjunction with a firewall.

a

Which of the following umask values will result in files with rw-r----- permissions? A. 640 B. 210 C. 022 D. 027

a

You discover that an MBR hard disk has partitions with type codes of 0x0f, 0x82, and 0x83. Assuming these type codes are accurate, what can you conclude about the disk? A. The disk holds a partial or complete Linux system. B. The disk holds DOS or Windows 9x/Me and Windows NT/200x/XP installations. C. The disk holds a FreeBSD installation. D. The disk is corrupt; those partition type codes are incompatible. E. The disk holds a Mac OS X installation.

a

You type mkdir one/two/three and receive an error message that reads, in part, No such file or directory. What can you do to overcome this problem? A. Add the --parents parameter to the mkdir command. B. Issue three separate mkdir commands: mkdir one, then mkdir one/two, and then mkdir one/two/three. C. Type touch /bin/mkdir to be sure the mkdir program file exists. D. Type rmdir one to clear away the interfering base of the desired new directory tree. E. Type mktree one/two/three instead of mkdir one/two/three.

a

You use top to examine the CPU time being consumed by various processes on your system. You discover that one process, dfcomp, is consuming more than 90 percent of your system's CPU time. What can you conclude? A. Very little; dfcomp could be legitimately consuming that much CPU time, or it could be an unauthorized or malfunctioning program. B. No program should consume 90 percent of available CPU time; dfcomp is clearly malfunctioning and should be terminated. C. This is normal; dfcomp is the kernel's main scheduling process, and it consumes any unused CPU time. D. This behavior is normal if your CPU is less powerful than a 2.5GHz EM64T Pentium, but on newer systems, no program should consume 90 percent of CPU time. E. This behavior is normal if your CPU has at least four cores, but on systems with fewer cores than this, no program should consume 90 percent of CPU time.

a

You want to create a link from your home directory on your hard disk to a directory on a CD-ROM drive. Which of the following types of links might you use? A. Only a symbolic link. B. Only a hard link. C. Either a symbolic or a hard link. D. None of the above; such links aren't possible under Linux.

a

You want to discover the sizes of several dot files in a directory. Which of the following commands might you use to do this? A. ls -la B. ls -p C. ls -R D. ls -d

a

You're using a third-party Linux driver that creates device files called /dev/pd-c0-aout, /dev/pdc0-din, and several more of this form. You want to give users in the exper group full read/write access to these devices while keeping other users from accessing them. What udev rule can accomplish this goal? A. KERNEL=="pd-c?-*", GROUP="exper", MODE="0660" B. KERNEL=="pd-c?-*", GROUP=="exper", MODE="0660" C. KERNEL=="pd-c7-*", GROUP=="exper", MODE=="0660" D. KERNEL=="pd-c0-*", GROUP=="exper", MODE="0666"

a

Which of the following is NOT an OSSTMM audit phase? A. Licensing B. Regulatory C. Definitions D. Information

a

Which of the following commands would you type to update the unzip program on a Fedora system to the latest version? (Select all that apply.) A. yum update unzip B. yum upgrade unzip C. yum -u unzip D. yum -U unzip

a, b

Which of the following methods can be used to recover from an unbootable situation in Linux, minimizing any risk of lost data? (select 2) A. Recovery mode B. Live CD C. Reinstalling Linux D. UEFI modification

a, b

What filesystem options might you specify in /etc/fstab to make a removable disk (USB pen drive, Zip disk, floppy disk, and so on) user-mountable? (Select all that apply.) A. user B. users C. owner D. owners

a, b, c

Which runlevels are reserved by init for reboot, shutdown, and single-user mode purposes? (Select three.) A. 0 B. 1 C. 2 D. 5 E. 6

a, b, e

Which of the following packages implement TPM support on Linux? (select 2) A. tpm-tools B. tpm-drm C. trousers D. tcg

a, c

Which of the following features can you adjust with tune2fs? (Select all that apply.) A. The presence of a journal B. The size of the filesystem C. The filesystem's UUID value D. The owner of all the files on the filesystem

a, c

Which of the following file-location commands is likely to take the most time to find a file that might be located anywhere on the computer? A. The find command. B. The locate command. C. The whereis command. D. They're all equal in speed.

a, c

Which files contain essential system information such as IRQs, direct memory access (DMA) channels, and I/O addresses? (Select three.) A. /proc/ioports B. /proc/ioaddresses C. /proc/dma D. /proc/interrupts E. /proc/hardware

a, c, d

A discretionary access control for a file is a control mechanism that can be set by _______. a. the root user b. a system administrator c. the GRUB d. the user owner of the file

a, d

What is wrong with the following /etc/fstab file entry? (Select all that apply.) /dev/hda8 nfs default 0 0 A. The entry is missing a mount point specification. B. All /etc/fstab fields should be separated by commas. C. The default option may only be used with ext2 filesystems. D. /dev/hda8 is a disk partition, but nfs indicates a network filesystem.

a, d

What option to mkisofs would you use if you want a computer running Microsoft Windows 7 to be able to read long filenames on a CD-R or DVD created with Linux? (Choose all that apply.) A. -J B. -r C. -hfs D. -udf

a, d

An administrator types the following command on an RPM-based Linux distribution: # rpm -ivh megaprog.rpm What is the effect of this command? A. If the megaprog package is installed on the computer, it is uninstalled. B. If the megaprog.rpm package exists, is valid, and isn't already installed on the computer, it is installed. C. The megaprog.rpm source RPM package is compiled into a binary RPM for the computer. D. Nothing; megaprog.rpm isn't a valid RPM filename, so rpm will refuse to operate on this file. E. The megaprog.rpm package replaces any earlier version of the package that's already installed on the computer.

b

Consider the following entry in /etc/passwd: ksanders:x:1001:100:Kimberly Sanders:/home/ksanders:/bin/bash What is the primary group for this user? (Choose two.) 1. home 2. 1001 3. 100 4. users 5. ksanders 6. video a. 1, 2 b. 3, 4 c. 3, 5 d. 5, 6

b

How should you configure a system that uses Yum to access an additional Yum software repository? A. Edit the /etc/apt/sources.list file to include the repository site's URL, as detailed on the repository's Web site. B. Download a package from the repository site and install it with RPM, or place a configuration file from the repository site in the /etc/yum.repos.d directory. C. Use the add-repository subcommand to yum or the Add Repository option in the File menu in yumex, passing it the URL of the repository. D. Edit the /etc/yum.conf file, locate the [repos] section, and add the URL to the repository after the existing repository URLs. E. Edit the /etc/yum.conf file, locate the REPOSITORIES= line, and add the new repository to the colon-delimited list on that line.

b

Packages associated with SSH include a client for which of the following protocols? A. Samba B. FTP C. Telnet D. SMTP

b

The /etc/auto.master file on ganymede.example.com contains the following line: /mnt/net /etc/auto.servers The /etc/auto.servers file includes the following line: templates europa.example.com: /data/templates What file should a user on ganymede.example.com access to read the /data/templates/iceflow.txt file on europa.example.com? A. /mnt/net/iceflow.txt B. /mnt/net/templates/iceflow.txt C. /data/templates/iceflow.txt D. /data/templates /mnt/net/iceflow.txt

b

The /usr/ directory contains programs that are generally accessible to all users. This directory can be secured by mounting it a. as read-write b. as read-only c. as SWAP type d. remotely

b

The GRUB 2.0 menu is hidden during the boot process. Which of the following keys, when pressed at the appropriate time, reveals the menu? A. Alt B. Shift C. Del D. Ctrl

b

The WINE application is an example of a process that runs in ______. a. network service mode b. user space c. hidden mode d. kernel space

b

The default mandatory access control system used for Red Hat distributions is ______. a. AppArmor b. SELinux c. Logwatch d. GRUB

b

To apply administrative privileges for one instance of the su command, which switch do you use? a. -a b. -c c. -f d. -h

b

Typing fdisk -l /dev/sda on a Linux computer with an MBR disk produces a listing of four partitions: /dev/sda1, /dev/sda2, /dev/sda5, and /dev/sda6. Which of the following is true? A. The disk contains two primary partitions and two extended partitions. B. Either /dev/sda1 or /dev/sda2 is an extended partition. C. The partition table is corrupted; there should be a /dev/sda3 and a /dev/sda4 before /dev/sda5. D. If you add a /dev/sda3 with fdisk, /dev/sda5 will become /dev/sda6 and /dev/sda6 will become /dev/sda7. E. Both /dev/sda1 and /dev/sda2 are logical partitions.

b

What is Pre-boot eXecution Environment (PXE) associated with? a. Kernel development b. Linux installation over a network c. Security services d. Drive mounting

b

What is the effect of the following udev rule, when placed in the /etc/udev/rules.d/99-my.rules files? KERNEL=="video*", DRIVER=="saa7134", SYMLINK+="video-A180" A. It forces loading of the saa7134 driver for a video device for which a symbolic link called /dev/video-A180 exists. B. It creates a symbolic link called /dev/video-A180 that points to the primary device file for a video device that has a driver called saa7134. C. It registers the name of a driver as saa7134 for all video devices. D. It links the existing /dev/video-A180 device file to the hardware that's managed by the saa7134 driver.

b

What is the preferred method of adding a directory to the library path for all users? A. Modify the LD_LIBRARY_PATH environment variable in a global shell script. B. Add the directory to the /etc/ld.so.conf file, and then type ldconfig. C. Type ldconfig /new/dir, where /new/dir is the directory you want to add. D. Create a symbolic link from that directory to one that's already on the library path. E. Type ldd /new/dir, where /new/dir is the directory you want to add.

b

What is the purpose of the following iptables command? iptables -I INPUT -m state -- state -m tcp -p tcp --dport 22 -j ACCEPT a. To allow all output from the server to port 22 b. To allow all incoming connections to port 22 by inserting the rule at the top of the chain c. To append a rule at the bottom of the chain to allow port 22 d. To accept connections to source port 22 for all outgoing connections

b

Which directory renders many applications unusable, including logging into the GUI, if the space allocated to the /tmp/ filesystem is full? a. /etc/ b. /tmp/ c. /bin/ d. /var/

b

Which of the following /etc/fstab entries will mount /dev/sdb2 as the /home directory at boot time? A. /dev/sdb2 reiserfs /home defaults 0 0 B. /dev/sdb2 /home reiserfs defaults 0 0 C. /home reiserfs /dev/sdb2 noauto 0 0 D. /home /dev/sdb2 reiserfs noauto 0 0

b

Which of the following OSSTMM channels is associated with wireless security? A. COMSEC B. SPECSEC C. PHYSSEC D. WIRESEC

b

Which of the following authentication tools work locally? A. NIS B. PAM C. LDAP D. Winbind

b

Which of the following best summarizes the differences between DOS's FDISK and Linux's fdisk? A. Linux's fdisk is a simple clone of DOS's FDISK but written to work from Linux rather than from DOS or Windows. B. The two are completely independent programs that accomplish similar goals, although Linux's fdisk is more flexible. C. DOS's FDISK uses GUI controls, whereas Linux's fdisk uses a command-line interface, but they have similar functionality. D. Despite their similar names, they're completely different tools—DOS's FDISK handles disk partitioning, whereas Linux's fdisk formats floppy disks.

b

Which of the following commands can be used to summarize the quota information about all filesystems? A. repquota B. repquota -a C. quotacheck D. quotacheck -a

b

Which of the following commands is implemented as an internal command in bash? A. cat B. echo C. tee D. sed

b

Which of the following components make up the core of the Linux operating system? A. Cloned software from UNIX B. The kernel C. Linux libraries D. Linux services

b

Which of the following kernel types is most likely to address the most RAM? A. Desktop B. Server C. Virtual machine D. Generic

b

Which of the following options is NOT used to block access from certain IP addresses? A. iptables B. SELinux C. TCP Wrappers D. Extended internet super server

b

You need to change the permissions on a file called spock.odt such that the owner can read and write to the file, users who are members of the group can read and write to the file and users who are not the owner and not part of the owning group can only read the file. Which command will do this? A. chmod 755 B. chmod 664 C. chmod 655 D. chmod 446

b

You see the usrquota and grpquota options in the /etc/fstab entry for a filesystem. What is the consequence of these entries? A. Quota support will be available if it's compiled into the kernel; it will be automatically activated when you mount the filesystem. B. Quota support will be available if it's compiled into your kernel, but you must activate it with the quotaon command. C. Quota support will be disabled on the filesystem in question unless you activate it with the quotaon command. D. Nothing; these options are malformed and so will have no effect.

b

You want to change to single-user mode on a running system. What command might you use to do this? A. runlevel 1 B. telinit 1 C. shutdown -1 D. single-user E. halt to 1

b

You want to track down all the files in /home that are owned by karen. Which of the following commands will do the job? A. find /home -uid karen B. find /home -user karen C. locate /home -username karen D. locate /home karen

b

You want to use /media/cdrom to access your CD-ROM drive, so you insert a CD-ROM into the drive and type mount /media/cdrom /dev/cdrom as root. You receive the error message /media/cdrom is not a block device. Why did this happen? A. You must first prepare the mount point by typing mountpoint /mnt/cdrom; only then will the mount command succeed. B. The command reverses the order of the CD-ROM device file and the mount point; it should be mount /dev/cdrom /mnt/cdrom. C. The /dev/cdrom filename is not valid; you must determine what device file is associated with your CD-ROM drive. D. The CD-ROM is defective or the CD-ROM drive is malfunctioning. Try another CD-ROM and, if necessary, replace the drive.

b

You've received an ASCII text file (longlines.txt) that uses no carriage returns within paragraphs but two carriage returns between paragraphs. The result is that your preferred text editor displays each paragraph as a very long line. How can you reformat this file so that you can more easily edit it (or a copy)? A. sed 's/Ctrl-</NL/' longlines.txt B. fmt longlines.txt > longlines2.txt C. cat longlines.txt > longlines2.txt D. pr longlines.txt > longline2.txt E. grep longlines.txt > longlines2.txt

b

Your /etc/fstab file contains the following entry: /dev/sdc5 / ext4 defaults 1 1 Unfortunately, the order in which your three hard disks are detected varies randomly from one boot to another, which makes this entry problematic. How might you change the entry to fix this problem? A. Replace /dev/sdc5 with a drive letter specification, such as DRIVE=D:, obtaining the drive letter from GNOME's file browser, Nautilus. B. Replace /dev/sdc5 with a UUID specification, such as UUID=ab4cdbdd-b9b3-404a-9a54-c1691f1f1483, obtaining the UUID value using blkid. C. Replace the mount point, /, with the drive-independent mount point specification of //rootdevice//; and change defaults to rootdrive. D. Replace the mount point, /, with an appropriate LABEL= specification, such as LABEL=root, obtaining the LABEL value using dumpe2fs.

b

______ are the on/off settings in SELinux that allow or deny access for a service to interact with an object. a. Switches b. Booleans c. Triggers d. ACLs

b

Which of the following commands are commonly used to create archive files? A. restore B. tar C. tape D. cpio

b, d

Which of the following options can be substituted for a partition device in the /etc/fstab configuration file? (Select 2.) A. sysfs B. LABEL C. /proc D. UUID

b, d

A text-mode program, verbose, prints a lot of spurious "error" messages to standard error. How might you get rid of those messages while still interacting with the program? A. verbose | quiet B. verbose &> /dev/null C. verbose 2> /dev/null D. verbose > junk.txt E. quiet-mode verbose

c

As specified in the FHS, log files are generally found in the _____ directory. a. /home/ b. /root/ c. /var/ d. /etc/

c

From the following answers, what is NOT addressed by a TPM chip? A. DRM B. Disk encryption C. KVM virtual machines D. Chain of trust

c

From the following list, which is a system management tool for Linux? A. Red Hat Zenworks B. The Ubuntu network C. Landscape D. Systems management server

c

Under OSSTMM, security audits are divided into how many channels? a. 1 b. 2 c. 3 d. 4

c

You run Linux's fdisk and modify your partition layout. Before exiting the program, you realize that you've been working on the wrong disk. What can you do to correct this problem? A. Nothing; the damage is done, so you'll have to recover data from a backup. B. Type w to exit fdisk without saving changes to disk. C. Type q to exit fdisk without saving changes to disk. D. Type u repeatedly to undo the operations you've made in error. E. Type t to undo all the changes and return to the original disk state.

c

You want to boot a Linux system into single-user mode. What might you type at a LILO boot: prompt to accomplish this task? A. s B. single-user C. linux 1 D. telinit 6

c

You want to store the standard output of the ifconfig command in a text file (file.txt) for future reference, and you want to wipe out any existing data in the file. How can you do so? A. ifconfig < file.txt B. ifconfig >> file.txt C. ifconfig > file.txt D. ifconfig | file.txt E. ifconfig 2> file.txt

c

You've downloaded the latest version of your Linux distribution as a 4 GB DVD image file (distrib.iso). Which of the following commands will burn this file to a blank DVD, assuming your DVD drive can be accessed as /dev/dvdrw? A. growisofs -Z /dev/dvdrw distrib.iso B. cdrecord -Z /dev/dvdrw distrib.iso C. growisofs -Z /dev/dvdrw=distrib.iso D. mkisofs -o /dev/dvdrw -i distrib.iso

c

Your LAN is on the 192.168.0.0/24 network. Which of the following virtual machine network options gives local virtual machines addresses on that network? A. Host-only B. NAT C. Bridged D. DHCP

c

From a security perspective, what is the advantage of SAMBA over NFS when installed with the standard configuration? a. Samba can be configured to allow access by IP address or host name. b. Samba requires a Kerberos key to authenticate. c. Samba has username and password authentication as part of its built-in functionality. d. Samba requires encryption

c

Typing ls -ld wonderjaye reveals a symbolic file mode of drwxr-xr-x. Which of the following are true? (Select all that apply.) A. wonderjaye is a symbolic link. B. wonderjaye is an executable program. C. wonderjaye is a directory. D. wonderjaye may be read by all users of the system.

c, d

Which two of the following commands are equivalent to one another? (Choose two.) A. nice --value 10 crunch B. nice -n -10 crunch C. nice -10 crunch D. nice crunch

c, d

You've just repartitioned a non-boot disk, added a swap partition to it (/dev/sdb7), and created swap space on the partition. How can you activate the new swap partition? (Select all that apply.) A. mount /dev/sdb7 B. mkswap /dev/sdb7 C. swapon /dev/sdb7 D. swapon -a

c, d

Enter the command on Red Hat distributions that includes the default status of services with /etc/init.d/ scripts at each run level:

chkconfig --list

The actual Stage 2 image is the __________ of the GRUB

core

A user types kill -9 11287 at a bash prompt. What is the probable intent, assuming the user typed the correct command? a. To cut off a network connection using TCP port 11287 b. To display the number of processes that have been killed with signal 11287 in the last nine days c. To cause a server with process ID 11287 to reload its configuration file d. To terminate a misbehaving or hung program with process ID 11287 e. To increase the priority of the program running with process ID 11287

d

After booting, one of your hard disks doesn't respond. What might you do to find out what's gone wrong? A. Check the /var/log/diskerror log file to see what's wrong. B. Verify that the disk is listed in /mnt/disks. C. Check the contents of /etc/inittab to be sure it's mounting the disk. D. Type dmesg | less, and peruse the output for disk-related messages. E. Check the menu.lst, grub.conf, or grub.cfg configuration file.

d

As root, you type apt-get update on a Debian system. What should be the effect of this command? A. None; update is an invalid option to apt-get. B. The APT utilities deliver information about the latest updates you've made to the APT Internet repositories, enabling you to share your changes with others. C. The APT utilities download all available upgrades for your installed programs and install them on your system. D. The APT utilities retrieve information about the latest packages available so that you may install them with subsequent apt-get commands. E. The APT utilities update themselves, ensuring you're using the latest version of APT.

d

Enter the ____ command to open and edit the /etc/sudoers file in a command-line console a. usermod b. sudo <username> c. sudoers d. visudo

d

In an xterm window launched from your window manager, you type exec gedit. What will happen when you exit from the gedit program? A. Your shell will be a root shell. B. The gedit program will terminate, but nothing else unusual will happen. C. Your X session will terminate. D. The xterm window will close. E. A new instance of gedit will be launched.

d

What can you conclude from the following interaction?
$ which man
/usr/bin/man
A. The only file called man on the system is in /usr/bin. B. The /usr/bin/man program was installed by system package tools. C. The /usr/bin/man program will be run by any user who types man. D. The first instance of the man program, in path search order, is in /usr/bin

d

What is a TPM chip used for? a. Password protection b. Software license protection c. Disk encryption d. All of the above

d

What is a difference between security vulnerabilities associated with open source software and proprietary software? a. Vulnerabilities in proprietary software are immediately known and fixed. b. Open source software vulnerabilities can take months to fix because most people working on the software are volunteers. c. There are more resources for testing proprietary software. Therefore, vulnerabilities are usually not an issue with proprietary software. d. Typically, open source software vulnerabilities are immediately made public

d

What is an advantage of a journaling filesystem over a conventional (non-journaling) filesystem? A. Journaling filesystems are older and better tested than non-journaling filesystems. B. Journaling filesystems never need to have their filesystems checked with fsck. C. Journaling filesystems support Linux ownership and permissions; non-journaling filesystems don't. D. Journaling filesystems require shorter disk checks after a power failure or system crash. E. Journaling filesystems record all transactions, enabling them to be undone.

d

What is included in a typical Linux distribution? a. Kernel only b. Kernel and tools only c. Kernel, tools, and libraries only d. Kernel, tools, libraries, and applications

d

Which command changes file ownership in Linux? a. chmod b. chfile c. chgrp d. chown

d

Which command is used to install GRUB into the MBR of your first ATA hard drive? A. grub (hd0,1) B. grub-install /dev/hda1 C. lilo /dev/hda D. grub-install /dev/hda

d

Which file permission is not an example of discretionary access control? a. Read b. Write c. Execute d. Boolean

d

Which filesystem is a good candidate for mounting in read-only mode? a. /tmp/ b. /var/ c. /root/ d. /boot/

d

Which of the following PAM modules is least related to login information? A. auth B. account C. password D. session

d

Which of the following can you configure as a separate filesystem? a. /boot/ b. /var/ftp/ c. /home/user/ d. All of the above

d

Which of the following commands can be used to revise expiration information on a user password? A. useradd B. passwd C. grouppmod D. chage

d

Which of the following commands may not be used instead of shutdown in certain circumstances (with appropriate options added to one or the other command)? A. reboot B. halt C. poweroff D. takedown

d

Which of the following commands would you type to give all users read access to the file myfile.txt? (Assume that you're the owner of myfile.txt.) A. chmod 741 myfile.txt B. chmod 0640 myfile.txt C. chmod u+r myfile.txt D. chmod o+r myfile.txt

d

Which of the following directories is most likely to be placed on its own hard disk partition? A. /bin B. /sbin C. /mnt D. /home

d

Which of the following is not an advantage of a source package over a binary package? A. A single source package can be used on multiple CPU architectures. B. By recompiling a source package, you can sometimes work around library incompatibilities. C. You can modify the code in a source package, thus altering the behavior of a program. D. Source packages can be installed more quickly than binary packages can. E. You may be able to recompile source code for a non-Linux Unix program on Linux.

d

Which of the following is the LILO boot loader configuration file? A. /dev/lilo B. The MBR C. /boot/lilo/lilo.conf D. /etc/lilo.conf

d

You type a command into bash and pass a long filename to it, but after you enter the command, you receive a File not found error message because of a typo in the filename. How might you proceed? A. Retype the command, and be sure you type the filename correctly, letter by letter. B. Retype the command, but press the Tab key after typing a few letters of the long filename to ensure that the filename is entered correctly. C. Press the Up arrow key, and use bash's editing features to correct the typo. D. Any of the above. E. None of the above.

d

You want to move a file from your hard disk to a USB pen drive. Which of the following is true? A. You'll have to use the --preserve option to mv to keep ownership and permissions set correctly. B. The mv command will adjust filesystem pointers without physically rewriting data if the pen drive uses the same filesystem type as the hard disk partition. C. You must use the same filesystem type on both media to preserve ownership and permissions. D. The mv command will delete the file on the hard disk after copying it to the pen drive.

d

You want to write files to a DVD+RW disc over a period of several days, retaining the ability to read the disc on another computer at a moment's notice. How can you accomplish this task? A. Use mke2fs to create an ext2 filesystem on the disc, mount it as if it were a hard disk, and write files to it. B. Use growisofs with its -J option to create a Joliet filesystem on the disc, mount it as if it were a hard disk, and write files to it. C. Use growisofs with its --udf option to create a UDF filesystem on the disc, mount it as if it were a hard disk, and write files to it. D. Use mkudffs to create a UDF filesystem on the disc, mount it as if it were a hard disk, and write files to it.

d

You've installed a commercial spreadsheet program, called WonderCalc, on a workstation. In which of the following directories are you most likely to find the program executable file? A. /usr/sbin B. /etc/X11 C. /bin D. /opt/wcalc/bin

d

You've received a tarball called data79.tar from a colleague, but you want to check the names of the files it contains before extracting them. Which of the following commands would you use to do this? A. tar uvf data79.tar B. tar cvf data79.tar C. tar xvf data79.tar D. tar tvf data79.tar

d

How does man display information by default on most Linux systems? A. Using a custom X-based application B. Using the Firefox Web browser C. Using the info browser D. Using the Vi editor E. Using the less pager

e

To use dpkg to remove a package called theprogram, including its configuration files, which of the following commands would you issue? A. dpkg -e theprogram B. dpkg -p theprogram C. dpkg -r theprogram D. dpkg -r theprogram-1.2.3-4.deb E. dpkg -P theprogram

e

What command would you type (as root) to change the ownership of somefile.txt from ralph to tony? A. chown ralph:tony somefile.txt B. chmod somefile.txt tony C. chown somefile.txt tony D. chmod tony:ralph somefile.txt E. chown tony somefile.txt

e

What command would you type to obtain a list of all installed packages on a Debian system? A. apt-get showall B. apt-cache showpkg C. dpkg -r allpkgs D. dpkg -i E. dpkg --get-selections

e

What is an advantage of Vi over Emacs? A. Vi is X-based and so is easier to use than Emacs. B. Vi encodes text in EBCDIC, which is more flexible than Emacs' ASCII. C. Vi's mode-based operations permit it to handle non-English languages. D. Vi includes a built-in Web browser and email client; Emacs doesn't. E. Vi is smaller and so can fit on compact emergency systems and embedded devices.

e

What is the purpose of udev? A. To aid in the development of software B. To unload Linux device drivers C. To load Linux device drivers D. To store devices' BIOS configurations in files E. To manage the /dev directory tree

e

What mount point should you associate with swap partitions? A. / B. /swap C. /boot D. /mem E. None of the above

e

Enter the full path to the main configuration file associated with the extended internet super server:

/etc/xinetd.conf

Which of the following files is not normally readable by all users? A. /etc/passwd B. /etc/shadow C. /etc/group D. /etc/login.defs

b

From which of the following files does the iptables command read ports of well-known services? a. /var/log/ports b. /etc/services c. /etc/fstab d. /root/known_hosts

b

Which of the following is one of the best descriptions for OSSTMM? a. A methodology to develop open source software b. A methodology used by open source security professionals to measure compliance c. A methodology to automate penetration tests on open source software d. A methodology to ensure that no open source systems can be compromised

b

Which of the following is the correct method to apply a new kernel built on a Linux system? a. Upgrade the existing kernel. b. Install it as a new kernel leaving the original kernel in place. c. Remove the original kernel and then install the new kernel. d. Once a Linux system has been deployed with a particular kernel, it is not possible to apply a new kernel.

b

Which of the following options for a script in the /etc/init.d/ directory does not kick off users who are currently connected to a service? A. restart B. reload C. condreload D. HUP

b

What are the advantages of virtualization in a Linux infrastructure? 1. Cost savings by purchasing less hardware 2. Cost savings by using less power 3. Security advantages with more bastion hosts a. Only 1 and 2 are correct b. Only 2 and 3 are correct c. Only 1 and 3 are correct d. 1, 2, and 3 are correct

c

Which command formats all Linux filesystems, Microsoft VFAT, and NTFS filesystems? a. format b. fdisk c. mkfs d. mount

c

AIDE can be described as: a. A firewall b. A vulnerability scanner c. A system process monitor d. A host-based intrusion detection software

d

Enter the _____ directory for PAM modules

/lib/security/

The open source license associated with the GNU project is __________.

General Public License (GPL)

The command that lists currently loaded GPG keys is ____

Gpg --list-key

A developer who just wants to create better software in the open source world is known as a __________.

Hackers

