09 Security Fundamentals Flashcards
T/F The user’s password is stored in /etc/passwd
False
In which file is the primary group for a user stored?
/etc/passwd
What is the default intrusion detection package called?
AIDE (Advanced Intrusion Detection Environment)
What do the file’s permissions or modes represented by three octal digits 755 mean?
Readable, writable and executable by the file’s owner. Readable and executable by the group and all others
If you need to make it so the account bob can use sudo, what file must you access?
/etc/sudoers.d/bob
What command is used to list and modify password aging values?
chage
What is OpenSSL?
A software library that provides encryption for applications in order to secure network communications
What is a network firewall?
An entity that checks packet headers against a set of rules configured by the administrator
What would the content of the file for user student in the sudoers directory look like, given all sudo permissions?
student ALL=(ALL:ALL) ALL
How many fields does an entry for a user in the /etc/passwd file have? And what are they?
7: username, password (an x, the pw is in shadow), user ID, Group ID, comment, home directory, default shell
How many fields are there for each entry in the /etc/shadow file and what are they?
9: username, encrypted password, last changed, min/max password age, password warning period, password inactivity period, account expiration date, and one reserved field for potential future use
What are the 7 types of files that can be represented in the metadata?
“-” regular file
“d” directory entry
“l” soft link
“c” character device
“b” block device
“p” named pipe
“s” socket
What is an ACL?
Access Control List, list of permissions associated with the file. Allows more than one user or group per file.
What is SELinux?
Security Enhanced Linux, finer grained access control. If something is not explicitly allowed the action is denied
What is AppArmor?
Linux kernel security module that lets sysadmins control a program’s capabilities and use of resources
What is GPG?
GNU Privacy Guard. Create keys, prepare keys for exchange with others, and manage keys.
What utility is often used to encrypt filesystems?
cryptsetup, often used on partitions
What are some applications that utilize OpenSSL?
https, ssh, OpenSSH, and postfix
What is the Linux firewall and what are its two most common types?
Netfilter; the two types are iptables and nftables. iptables is the older, simpler one; nftables is more advanced and flexible
In packet filtering, what does an INVALID state mean?
packet is associated with no known connection
In packet filtering, what does an ESTABLISHED state mean?
packet is associated with a connection that has seen packets in both directions
In packet filtering, what does a NEW state mean?
packet has started a new connection
In packet filtering, what does a RELATED state mean?
packet is starting a new connection but is associated with an existing connection
When packet filtering, what are some of the details given by a packet’s context?
IP address and port destination
IP address and port source
Timer for idle connections
Packet length
TCP sequence
Packet fragmentation
Name the 5 IDS described by this course, besides AIDE
SELinux
Open Source Tripwire
Fail2ban
OSSEC
Snort