Course 4 - Tools of the Trade: Linux and SQL Flashcards

1
Q

When you press the power button, you’re interacting with the hardware. This boots the computer and brings up the operating system. Booting the computer means that a special microchip called a BIOS is activated. On many computers built after 2007, the chip was replaced by the UEFI. Both BIOS and UEFI contain booting instructions that are responsible for loading a special program called the bootloader. Then, the bootloader is responsible for starting the operating system. Just like that, your computer is on.

A
1
Q

A virtual machine (VM) is a virtual version of a physical computer. Virtual machines are one example of virtualization. Virtualization is the process of using software to create virtual representations of various physical machines. The term “virtual” refers to machines that don’t exist physically, but operate like they do because their software simulates physical hardware. Virtual systems don’t use dedicated physical hardware. Instead, they use software-defined versions of the physical hardware. This means that a single virtual machine has a virtual CPU, virtual storage, and other virtual hardware. Virtual systems are just code.

A
2
Q

One benefit is that virtualization can provide an isolated environment, or a sandbox, on the physical host machine. When a computer has multiple virtual machines, these virtual machines are “guests” of the computer. Specifically, they are isolated from the host computer and other guest virtual machines. This provides a layer of security, because virtual machines can be kept separate from the other systems. For example, if an individual virtual machine becomes infected with malware, it can be dealt with more securely because it’s isolated from the other machines. A security professional could also intentionally place malware on a virtual machine to examine it in a more secure environment.

Note: Although using virtual machines is useful when investigating potentially infected machines or running malware in a constrained environment, there are still some risks. For example, a malicious program can escape virtualization and access the host machine. This is why you should never completely trust virtualized systems.

A
3
Q

Virtual machines can be managed with software called a hypervisor. Hypervisors help users manage multiple virtual machines and connect the virtual and physical hardware. Hypervisors also help with allocating the shared resources of the physical host machine to one or more virtual machines.

One hypervisor that is useful for you to be familiar with is the Kernel-based Virtual Machine (KVM). KVM is an open-source hypervisor that is supported by most major Linux distributions. It is built into the Linux kernel, which means it can be used to create virtual machines on any machine running a Linux operating system without the need for additional software.

A
4
Q

A GUI is a user interface that uses icons on the screen to manage different tasks on the computer. Most operating systems can be used with a graphical user interface. If you’ve used a personal computer or a cell phone, you have experienced operating a GUI. Most GUIs include these components: a start menu with program groups, a task bar for launching programs, and a desktop with icons and shortcuts. All these components help you communicate with the OS to execute tasks. In addition to clicking on icons, when you use a GUI, you can also search for files or applications from the start menu. You just have to remember the icon or name of the program to activate an application.

A
5
Q

Now let’s discuss the command-line interface. In comparison, the command-line interface, or CLI, is a text-based user interface that uses commands to interact with the computer. These commands communicate with the operating system and execute tasks like opening programs. The command-line interface is a much different structure than the graphical user interface. When you use the CLI, you’ll immediately notice a difference. There are no icons or graphics on the screen. The command-line interface looks similar to lines of code using certain text languages. A CLI is more flexible and more powerful than a GUI. Think about using a CLI like creating whatever meal you’d like from ingredients bought at a grocery store. This gives you a lot of control and customization about what you’re going to eat.

A
6
Q

Because a CLI can accept multiple requests at one time, it’s more powerful when you need to perform multiple tasks efficiently. For example, if you had to create multiple new files in your system, you could quickly perform this task in a CLI. If you were using a GUI, this could take much longer, because you have to repeat the same steps for each new file.

A
7
Q

For security analysts, using the Linux CLI is helpful because it records a history file of all the commands and actions in the CLI. If you use a GUI, your actions are not necessarily saved in a history file.

For example, you might be in a situation where you’re responding to an incident using a playbook. The playbook’s instructions require you to run a series of different commands. If you used a CLI, you’d be able to go back to the history and ensure all of the commands were correctly used. This could be helpful if there were issues using the playbook and you had to review the steps you performed in the command line.

Additionally, if you suspect an attacker has compromised your system, you might be able to trace their actions using the history file.

A
8
Q

A microchip that contains loading instructions for the computer and is prevalent in older systems

A

Basic Input/Output System (BIOS):

9
Q

A software program that boots the operating system

A

Bootloader:

10
Q

A text-based user interface that uses commands to interact with the computer

A

Command-line interface (CLI):

11
Q

A hardware component used for short-term memory

A

Random Access Memory (RAM):

12
Q

A user interface that uses icons on the screen to manage different tasks on the computer

A

Graphical user interface (GUI):

13
Q

A microchip that contains loading instructions for the computer and replaces BIOS on more modern systems

A

Unified Extensible Firmware Interface (UEFI):

14
Q

A virtual version of a physical computer

A

Virtual machine (VM):

15
Q

A program that allows the user to control the functions of the operating system

A

User interface:

16
Q

The components of Linux include…

A

the user, applications, the shell, the Filesystem Hierarchy Standard, the kernel, and the hardware.

17
Q

The shell is a…

A

command line interpreter. It processes commands and outputs the results.

18
Q

Another element of the architecture of Linux is the ________________. It’s the component of the Linux OS that organizes data. An easy way for you to think about the ____ is to think about it as a filing cabinet of data. The ____ is how data is stored in a system. It’s a way to organize data so that it can be found when the data is accessed by the system.

A

Filesystem Hierarchy Standard, or FHS

19
Q

The ________ is a component of the Linux OS that manages processes and memory. The _______ communicates with the hardware to execute the commands sent by the shell. The ________ uses drivers to enable applications to execute tasks. The Linux kernel helps ensure that the system allocates resources more efficiently and makes the system work faster.

A

kernel

20
Q

Finally, the last component of the architecture is the hardware. Hardware refers to the physical components of a computer. You can compare this to software applications, which can be downloaded into a system. The hardware in your computer includes things like the CPU, mouse, and keyboard.

A
21
Q

A directory is a file that organizes where other files are stored. Directories are sometimes called “folders,” and they can contain files or other directories. The FHS defines how directories, directory contents, and other storage is organized so the operating system knows where to find specific data.

A
22
Q

Internal hardware
Internal hardware consists of the components required to run the computer. Internal hardware includes a main circuit board and all components attached to it. This main circuit board is also called the motherboard. Internal hardware includes the following:

The Central Processing Unit (CPU) is a computer’s main processor, which is used to perform general computing tasks on a computer. The CPU executes the instructions provided by programs, which enables these programs to run.

Random Access Memory (RAM) is a hardware component used for short-term memory. It’s where data is stored temporarily as you perform tasks on your computer. For example, if you’re writing a report on your computer, the data needed for this is stored in RAM. After you’ve finished writing the report and closed down that program, this data is deleted from RAM. Information in RAM cannot be accessed once the computer has been turned off. The CPU takes the data from RAM to run programs.

The hard drive is a hardware component used for long-term memory. It’s where programs and files are stored for the computer to access later. Information on the hard drive can be accessed even after a computer has been turned off and on again. A computer can have multiple hard drives.

A
23
Q
A
24
Q
A
25
Q
A
26
Q

KALI LINUX ™ is a Debian-derived, open-source distribution. It contains many pre-installed tools for cybersecurity tasks, and it should be used on a virtual machine.

A
27
Q

Metasploit can be used to look for and exploit vulnerabilities on machines.

A
28
Q

Burp Suite is another tool that helps to test for weaknesses in web applications.

A
29
Q

John the Ripper is a tool used to guess passwords.

A
30
Q

tcpdump is a command-line packet analyzer. It’s used to capture network traffic.

A
31
Q

Wireshark. It has a graphical user interface that can be used to analyze live and captured network traffic.

A
32
Q

Autopsy is a forensic tool used to analyze hard drives and smartphones.

A
33
Q

Ubuntu is an open-source, user-friendly distribution that is widely used in security and other industries. It has both a command-line interface (CLI) and a graphical user interface (GUI). Ubuntu is also Debian-derived and includes common applications by default. Users can also download many more applications from a package manager, including security-focused tools. Because of its wide use, Ubuntu has an especially large number of community resources to support users.

Ubuntu is also widely used for cloud computing. As organizations migrate to cloud servers, cybersecurity work may more regularly involve Ubuntu derivatives.

A
34
Q

Parrot is an open-source distribution that is commonly used for security. Similar to KALI LINUX ™, Parrot comes with pre-installed tools related to penetration testing and digital forensics. Like both KALI LINUX ™ and Ubuntu, it is based on Debian.

Parrot is also considered to be a user-friendly Linux distribution. This is because it has a GUI that many find easy to navigate. This is in addition to Parrot’s CLI.

A
35
Q

Red Hat Enterprise Linux is a subscription-based distribution of Linux built for enterprise use. Red Hat is not free, which is a major difference from the previously mentioned distributions. Because it’s built and supported for enterprise use, Red Hat also offers a dedicated support team for customers to call about issues.

A
36
Q

CentOS is an open-source distribution that is closely related to Red Hat. It uses source code published by Red Hat to provide a similar platform. However, CentOS does not offer the same enterprise support that Red Hat provides and is supported through the community.

A
37
Q

Different package managers typically use different file extensions. For example, Red Hat Package Manager (RPM) has files which use the .rpm file extension, such as Package-Version-Release_Architecture.rpm. Package managers for Debian-derived Linux distributions, such as dpkg, have files which use the .deb file extension, such as Package_Version-Release_Architecture.deb.

A
38
Q

Package management tools
In addition to package managers like RPM and dpkg, there are also package management tools that allow you to easily work with packages through the shell. Package management tools are sometimes utilized instead of package managers because they allow users to more easily perform basic tasks, such as installing a new package. Two notable tools are the Advanced Package Tool (APT) and Yellowdog Updater Modified (YUM).

A
39
Q

Advanced Package Tool (APT)
APT is a tool used with Debian-derived distributions. It is run from the command-line interface to manage, search, and install packages.

A
40
Q

Yellowdog Updater Modified (YUM)
YUM is a tool used with Red Hat-derived distributions. It is run from the command-line interface to manage, search, and install packages. YUM works with .rpm files.

A
41
Q

The following contains a list of navigation tips and keyboard shortcuts you may find useful when completing your Linux labs. Your cursor must be in the terminal window to use these navigation tips and keyboard shortcuts.

CTRL + C: Terminates a command that is currently running; from the instructions portion of Qwiklabs, you can use CTRL + C to copy, but within the terminal, it will only terminate a command and if one isn’t running, it will display ^C at the prompt

CTRL + V: Pastes text

clear: Clears the terminal screen; this can also be done by entering CTRL + L

CTRL + A: Sets your cursor at the beginning of a command

CTRL + E: Sets your cursor at the end of a command

Left arrow key: Moves left within a command

Right arrow key: Moves right within a command

Up arrow key: Provides the last command you entered into the command line; can be entered multiple times to go through multiple commands from the command history

Down arrow key: Provides the next command in the command history; only works after using the up arrow key

Tab key: Provides available suggestions for completing your text

A
42
Q

The shell is the command-line interpreter. That means it helps you communicate with the operating system through the command line.

A
43
Q

Types of shells
The many different types of Linux shells include the following:

Bourne-Again Shell (bash)

C Shell (csh)

Korn Shell (ksh)

Enhanced C shell (tcsh)

Z Shell (zsh)

All Linux shells use common Linux commands, but they can differ in other features. For example, ksh and bash use the dollar sign ($) to indicate where users type in their commands. Other shells, such as zsh, use the percent sign (%) for this purpose.

Bash
Bash is the default shell in most Linux distributions. It’s considered a user-friendly shell. You can use bash for basic Linux commands as well as larger projects.

Bash is also the most popular shell in the cybersecurity profession. You’ll use bash throughout this course as you learn and practice Linux commands.

A
44
Q

Standard input consists of information received by the OS via the command line. This is like you asking your friend a question during a conversation. The information is input from your keyboard to the shell. If the shell can interpret your request, it asks the kernel for the resources it needs to execute the related task.

A
45
Q

Bash: The default shell in most Linux distributions

A
46
Q

Application: A program that performs a specific task

A
47
Q

CentOS: An open-source distribution that is closely related to Red Hat

A
48
Q

File path: The location of a file or directory

A
49
Q

Kali Linux ™: An open-source distribution of Linux that is widely used in the security industry

A
50
Q

Package manager: A tool that helps users install, manage, and remove packages or applications

A
51
Q

Parrot: An open-source distribution that is commonly used for security

A
52
Q

Penetration test (pen test): A simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes

A
53
Q

Red Hat® Enterprise Linux® (also referred to simply as Red Hat in this course): A subscription-based distribution of Linux built for enterprise use

A
54
Q

Shell: The command-line interpreter

A
55
Q

String data: Data consisting of an ordered sequence of characters

A
56
Q

Ubuntu: An open-source, user-friendly distribution that is widely used in security and other industries

A
57
Q

AND is an operator that specifies that both conditions must be met simultaneously. Bringing this back to our fruit and vegetable analogy, this is the same as asking someone to select apples from the big box where the apples are large and fresh. This means our results won’t include any small apples even if they’re fresh, or any rotten apples even if they’re large. They’ll only include large fresh apples. The apples must meet both conditions.

A
58
Q

The OR operator is an operator that specifies that either condition can be met.

A
59
Q

NOT negates a condition.

A
60
Q
A
61
Q
A
62
Q
A
63
Q
A
64
Q

An INNER JOIN returns rows matching on a specified column that exists in more than one table.

A
65
Q

In SQL, NULL represents a missing value due to any reason.

A
66
Q
A
67
Q
A
68
Q
A
69
Q
A
70
Q
A
71
Q
A
72
Q
A
73
Q
A
74
Q

A special character that can be substituted with any other character

A

Wildcard:

75
Q

The rules that determine what is correctly structured in a computing language

A

Syntax:

76
Q

A programming language used to create, interact with, and request information from a database

A

SQL (Structured Query Language):

77
Q

Data consisting of an ordered sequence of characters

A

String data:

78
Q

A structured database containing tables that are related to each other

A

Relational database:

79
Q

A request for data from a database table or a combination of tables

A

Query:

80
Q

A column where every row has a unique entry

A

Primary key:

81
Q

A symbol or keyword that represents an operation

A

Operator:

82
Q

Data consisting of numbers

A

Numeric data:

83
Q

A record of events that occur within an organization’s systems

A

Log:

84
Q

An operator that includes the value of comparison

A

Inclusive operator:

85
Q

A column in a table that is a primary key in another table

A

Foreign key:

86
Q

Selecting data that match a certain condition

A

Filtering:

87
Q

An operator that does not include the value of comparison

A

Exclusive operator:

88
Q

Data representing a date and/or time

A

Date and time data:

89
Q

An organized collection of information or data

A

Database:

90
Q
A