Chapter 10 - Securing Your System Flashcards

1
Q

what is a super server / super daemon?

10-525

A

this is a program that listens for network connections on behalf of another program

2
Q

linux has two primary super daemons. what are their names?

10-525

A

inetd

xinetd

3
Q

the socket type entry tells the system what kind of connection to expect. tell me three of them and contrast them.

10-526

A

stream - reliable two way connection
dgram - less reliable connection with less overhead
raw - low-level connection to the network

4
Q

how is xinetd an extended super daemon?

10-528

A

provides the functionality of the legacy inetd, but it also has security options that are similar to those of TCP wrappers

5
Q

there is a configuration tool you can use to bind a server only to the loopback interface. what is that tool?

10-529

A

Samba Web Administration Tool

SWAT

6
Q

in linux, how do you program the packet filter firewall capabilities of the kernel?

10-530

A

set up the firewall rules by using the iptables program followed by various options

7
Q

tell me 2 ways you can disable your unused servers for the sake of security

10-531

A

uninstall the package

reconfigure the server

8
Q

tell me 3 audit tools available to use for security reasons

10-531

A

netstat
lsof
remote network scanners

9
Q

when you want to quickly spot servers listening for connections, what command do you type?

10-533

A

netstat -lp

10
Q

tell me 2 things that lsof is used for

10-534

A

identify what files are open

find who’s accessing those files

11
Q

the network scanner Nmap is used in security audits by scanning for what?

10-535

A

open ports

12
Q

what’s a scanning tool that is more user friendly than Nmap? (hint: built on top of Nmap and has a GUI)

10-537

A

Nessus

13
Q

what would you use the fuser command for?

10-537

A

to determine the processes currently using a particular network port

14
Q

you need to move all password information from the /etc/passwd file to the locked-down /etc/shadow file. what command do you run to accomplish this?

10-541

A

pwconv

15
Q

when mitigating password risks, you should use secure remote login protocols. tell me 2 protocols to disable and 2 to use instead and why

10-541

A

disable Telnet and FTP
use SSH and SFTP

because Telnet and FTP use cleartext passwords

16
Q

tell me how to build a strong password in 2 steps

10-542

A

choose a base that’s easy to remember but difficult to guess

modify that base in ways that increase the difficulty of guessing the password

17
Q

which is more secure, su or sudo?

10-545

A

sudo

18
Q

you will find 2 types of entries in the /etc/sudoers file. what are they?

10-546

A

aliases

user specification

19
Q

there are two primary commands for determining who is currently logged onto a system. what are they?

10-547

A

who

w

20
Q

if you want to see if anyone has been directly accessing the root account, what command do you use?

10-549

A

last root

21
Q

PAM (Pluggable Authentication Modules) limit lines consist of four fields. tell me what they are.

10-551

A

domain
type
item
value

22
Q

an example of a limit is:
@limited hard cpu 2

what does this mean?

10-552

A

hard CPU limit of 2 minutes applied to the limited group. members of the group can log in and run programs, but if a program consumes more than 2 minutes of CPU time, it will be terminated

23
Q

tell me 4 things that SSH does that makes it so awesome

10-555

A

encrypts the password exchange
encrypts all subsequent data transfers
provides file transfer features
provides the ability to tunnel other network protocols

24
Q

you have 2 config files.
one is sshd_config
the other is ssh_config
tell me the difference between the two

10-556

A

sshd_config controls the OpenSSH server

ssh_config controls the SSH client program ssh

25
Q

what command do you use to copy files via SSH?

10-559

A

scp

26
Q

to revoke a key

1-566

A

$ gpg --gen-revoke jennie@luna.edu

27
Q

super user prompt

normal user prompt

A

the pound sign

the dollar sign