FedVTE Linux Operating System Security 50 Questions with Verified Answers
What program could you use on a Linux system to securely copy files to a
... [Show More] Linux host running the SSH server daemon? - CORRECT ANSWER SCP
Single user mode in Linux is a security risk if a malicious actor has physical access to the host - CORRECT ANSWER True
SRM is a tool used to securely delete files from the file system - CORRECT ANSWER True
What software installation package format is used on Red Hat? - CORRECT ANSWER DPKG (?)
With IP Tables what default policy should be used for packets for maximum security? - CORRECT ANSWER DROP
IPSec PPTP and SSL are all examples of: - CORRECT ANSWER VPNs
A BASH script must be compiled into an executable object in order to run. - CORRECT ANSWER False
You can use SSH to tunnel and encrypt traffic between a client and a server. - CORRECT ANSWER True
Chroot confines a process to a specific directory - CORRECT ANSWER True
GID UID and EUID stand for: - CORRECT ANSWER Group User and Effective User Identification numbers
What is Unified Extensible Firmware Interface designed to do? - CORRECT ANSWER Prevent malicious actors from modifying the boot loader or booting the computer with a different operating system
Which of the following are package management programs which install or update or remove packages on a Linux system? - CORRECT ANSWER All
2003:da3:1637:ffff:ffff:ffff:ffff:ffff is an example of what type of address? - CORRECT ANSWER IPv6
Bro, Snort, Suricata are examples of what kind of Linux security feature? - CORRECT ANSWER Network Intrusion Detection Systems
In addition to the internal authentication via /etc/passwd and /etc/shadow files, what services can be used to authenticate users to a Linux host? - CORRECT ANSWER Fedora Directory Service (?)
What program could you use to create or edit a Linux BASH script? - CORRECT ANSWER All of the above
What program should be used to change a user password? - CORRECT ANSWER passwd
Why are there very few viruses on Linux? - CORRECT ANSWER All
When connecting to an untrusted wireless access points how can you increase your security and safety of using that access point? - CORRECT ANSWER Use a VPN to encrypt your traffic
If you use GRUB to manage different boot options on your Linux host and want to increase security especially for physical access you should - CORRECT ANSWER Configure GRUB to prompt for a password to boot a partition
A process is an address space and a set of data structures which track the process status priority owner signals and resources. - CORRECT ANSWER True
What hashing algorithms can be used to hash passwords in the /etc/shadow file? - CORRECT ANSWER All of these
Misconfigurations are a more likely security threat than viruses on Linux. - CORRECT ANSWER True
What type of attack is enabled by lack of input validation in applications? - CORRECT ANSWER SQL injection
If you wanted to protect a Linux system from being booted into single user mode which security feature would you configure and use? - CORRECT ANSWER GRUB
What base directory would you put a script in if you wanted it to automatically start when the operating system starts? - CORRECT ANSWER /etc/rc.d
Regularly reviewing user accounts on a system and disable old unused accounts is a good step to take in hardening a system. - CORRECT ANSWER True
RPM will check for dependencies and install them when installing a program. - CORRECT ANSWER True
Which documents or resources can you review for guidance on hardening a Linux system: - CORRECT ANSWER All of these
What tool is used to perform automated installs of Red Hat Linux? - CORRECT ANSWER Kickstart
To quickly deny a user access to the system set their login shell to /bin/false. - CORRECT ANSWER True
Which command could you use to update software on a Linux host? - CORRECT ANSWER Both apt-get upgrade and yum update
What programs could you use to remotely interact with a Linux system? - CORRECT ANSWER All
Which of the following is not a security misconfiguration on Linux? - CORRECT ANSWER Setting a GRUB password
Package repositories are collections of software and source files used by package management systems to install, update, and remove software on a Linux system. - CORRECT ANSWER True
When hardening a Linux system you should consider doing the following - CORRECT ANSWER All of the above
In a hardened Linux environment the firewalls default policy should be - CORRECT ANSWER Deny All (or Drop)
What does the command find / -xdev -nouser do? - CORRECT ANSWER Finds files that belong to user accounts that are no longer on the system
127.0.0.1 is an example of what type of address? - CORRECT ANSWER IPv4
What Linux security feature can be used to log, drop, reject, or alter packets? - CORRECT ANSWER IPTables
Scripting is a good way to automate manual or time intensive tasks such as backups or running programs on a scheduled basis or monitoring and checking system settings. - CORRECT ANSWER True
What program allows you to interactively execute programs or commands as the root user? - CORRECT ANSWER sudo
Which file in Linux tells the system which DNS server to use? - CORRECT ANSWER /etc/resolv.conf
What tool could you use to monitor current file system activity? - CORRECT ANSWER LSOF (?)
Why might you install a custom repository and direct all the Linux clients in your network to it? - CORRECT ANSWER All
An attacker who places an entry such as 74.213.42.219 www.cmu.edu in the /etc/hosts file could redirect users to a malicious server. - CORRECT ANSWER True
What program could you use to conduct a technical vulnerability scan of a Linux host? - CORRECT ANSWER Nessus
What service would you use to schedule a script to run at a certain pre-determined time? - CORRECT ANSWER cron
What is the most restrictive and secure setting for state and policy in SELinux? - CORRECT ANSWER Enforcing - Strict
The Pluggable Authentication Module (PAM) provides: - CORRECT ANSWER A centralized authentication functions for programs and applications on the system [Show Less]