ADV *NIX DAY 7

Question 1

A hashing tool which can be used to perform a manual file integrity on files

Answer 1

md5sum

Question 2

Initialize the Tripwire database.

Answer 2

tripwire -init

Question 3

Convert the text files into secure, cryptographically signed versions.

Answer 3

twadmin

Question 4

Accomplish an integrity check.

Answer 4

tripwire -check

Question 5

Add any changes/updates to the database.

Answer 5

tripwire -update

Question 6

View report generated after running an integrity check.

Answer 6

twprint -m r -twrfile /var/lib/tripwire/report/reportname

Question 7

A firewall used to place rules into a set of pre-defined chains(e.g., INPUT, OUTPUT, FORWARD), that are then compared to packets relevant to those chains.

Answer 7

iptables

Question 8

A network discovery and port scanning tool used for security auditing on local and remote networks.

Answer 8

nmap

Question 9

Describes system objects to monitor and identifies what properties for each object should be collected and stored in the database file.

Answer 9

/etc/tripwire/tw.pol

Question 10

Stores system-specific information, including location of Tripwire data files and settings to send email notifications.

Answer 10

/etc/tripwire/tw.cfg

Question 11

iptablesrules are stored and applied when the service is started or restarted, including when system is rebooted.

Answer 11

/etc/sysconfig/iptables