Day 6: Linux Security Essentials

Question 1

(T/F) Windows is loaded on over 80% of all computers.

Answer 1

True

Question 2

(T/F) Windows is the OS that most mission-critical systems run on.

Answer 2

False

Question 3

(T/F) Most security appliances that are installed in a data center are running Linux

Answer 3

True

Question 4

What is the difference between a major breach and a minor breach?

Answer 4

It is not the system that is compromised, but the data it contains.

Question 5

What OS do most appliances and security devices run?

Answer 5

Linux

Question 6

(T/F) It is important to remember that although Windows has a much larger install base, Linux is usually installed on most important, mission critical systems.

Answer 6

True

Question 7

What OS do security analysts, assessment and penetration testers and many security teams using?

Answer 7

Linux

Question 8

(T/F) Linux started as a desktop OS, but has moved into the data center as a server.

Answer 8

False

Question 9

What are the main linux distributions?

Answer 9

• Ubuntu (Debian)
• Fedora (Red Hat)
• Cygwin for Windows
• Mac OS (BSD)

Question 10

What distribution is Kali based on?

Answer 10

Debian

Question 11

Often just called Linux, what is the proper nominclature?

Answer 11

GNU/Linux

Question 12

Who ported Minix (a UNIX teaching tool) to Linux from scratch for the Intel 386 platform?

Answer 12

Linus Torvalds

Question 13

What does Ubuntu mean when translated back to it’s African word?

Answer 13

Humanity to others

Question 14

Ubuntu is based on what branch of Linux?

Answer 14

Debian

Question 15

What linux branch is best known for its package management system?

Answer 15

Debian

Question 16

What is the Debian package-management system called?

Answer 16

APT: Advanced Package Tool

Question 17

How does APT work?

Answer 17

APT researches the package in question, sees what libraries and other programs that the package might need (these are called dependencies), goes out to the Internet and downloads them, installs them, presents any configuration choices to the user, and Chen checks it work - all done automatically.

Question 18

Does Ubuntu come with a default firewall and a graphical control for the firewall ENABLED?

Answer 18

no

Question 19

What Linux is Fedora based on?

Answer 19

RedHat

Question 20

With Fedora, is the firewall included and enabled?

Answer 20

Yes

Question 21

What is the most profitable Linux version?

Answer 21

RedHat

Question 22

With any OS is it critical to continually think about security and look at additional hardening measures?

Answer 22

Yes

Question 23

What are the major steps to securing Mac OS?

Answer 23

1. Turn on firewall to control access to the system.
2. Turn off unneeded services
3. Limit service sharing
4. Set up securing file sharing
5. Carefully monitor access lists
6. Use password assistant for stronger authentication

Question 24

What is the Linux command to list contents of a directory?

Answer 24

ls

Question 25

What is the Linux command to list contents of a directory including long listing and shows attributes?

Answer 25

ls -l

Question 26

What is the Linux command to list contents of a directory including both hidden and regular files?

Answer 26

ls -al

Question 27

What is the Linux command to change the working directory?

Answer 27

cd

Question 28

What is the Linux command to rename a file?

Answer 28

mv

Question 29

What is the Linux command to change file attributes?

Answer 29

chmod

Question 30

What is the Linux command to make a new directory?

Answer 30

mkdir

Question 31

What is the Linux command to remove a directory?

Answer 31

rmdir

Question 32

What is the Linux command to delete files?

Answer 32

rm

Question 33

What is the Linux command to copy files?

Answer 33

cp

Question 34

What is the DOS command to list contents of a directory?

Answer 34

dir /w

Question 35

What is the DOS command to list contents of a directory including both hidden and regular files?

Answer 35

dir

Question 36

What is the DOS command to list contents of a directory including both hidden and regular files?

Answer 36

dir /a

Question 37

What is the DOS command to change the working directory?

Answer 37

cd

Question 38

What is the DOS command to rename a file?

Answer 38

rename

Question 39

What is the DOS command to change file attributes?

Answer 39

attrib

Question 40

What is the DOS command to make a new directory?

Answer 40

md

Question 41

What is the DOS command to remove a directory?

Answer 41

rd

Question 42

What is the DOS command to delete files?

Answer 42

del

Question 43

What is the DOS command to copy files?

Answer 43

copy

Question 44

What is the Linux command to view file contents?

Answer 44

cat

Question 45

What is the Linux command to print the current working directory?

Answer 45

pwd

Question 46

What is the Linux command to view a page at a time

Answer 46

more

Question 47

What is the Linux command to read the help manual?

Answer 47

man

Question 48

What is the Linux command to find specific files?

Answer 48

find

Question 49

What is the Linux command to perform string searches?

Answer 49

grep

Question 50

What is the Linux command to switch user accounts?

Answer 50

su

Question 51

What is the Linux command to delegate authority to users?

Answer 51

sudo

Question 52

What is the Linux character to pipe one command into another one?

Answer 52

|

Question 53

How do you create a file as output from commands?

Answer 53

>

Question 54

What is the Linux command-line interpreter used to run programs on the computer?

Answer 54

shell

Question 55

In Linux, what provides the use with an interface to the system?

Answer 55

shell

Question 56

In linux, what listens to the terminal and translates requests into action by the kernel and programs?

Answer 56

shell

Question 57

In Linux, what is the vehicle through which applications obtain permissions and interact with the kernel?

Answer 57

shell

Question 58

In Linux, what is the root file system?

Answer 58

/

Question 59

In Linux, what is the top of the directory hierarchy?

Answer 59

/

Question 60

What can you use to find the commands for each different Linux distributions?

Answer 60

Unix Rosetta Stone

Question 61

In Linux, what directory contains files used to talk to system devices?

Answer 61

/dev

/devices

Question 62

In Linux, what directory contains the primary OS?

Answer 62

/usr

Question 63

How should you setup the /usr directory for security?

Answer 63

Mount it read-only

Question 64

In Linux, what directory contains logs, queues, etc.?

Answer 64

/var

Question 65

In Linux, what directories contain executable programs, some of which are SUID or SGID?

Answer 65

/bin
/usr/bin
/usr/local
/opt

Question 66

In Linux, what directories contain user home directories?

Answer 66

/home

/export/home

Question 67

(T/F) There used to be a lot of variance about where different files were located in different Linux flavors, but modern Linux variants use the same general file system layout.

Answer 67

True

Question 68

In Linux, what is the top of the file system?

Answer 68

/

Question 69

In Linux, what directory contains the special device files that programs running on the system use to communicate with the physical hardware devices controlled by the kernel?

Answer 69

/dev

Question 70

In Linux, where are the most critical components of the OS found - including system binaries, programming library and tools?

Answer 70

/usr

Question 71

In Linux, what directory has the online documentation?

Answer 71

/usr

Question 72

In Linux, what directory should be thought of as read-only after the OS is loaded until the system is upgraded or patched?

Answer 72

/usr

Question 73

In Linux, what directory is the place where the system keeps frequently changing data, such as logs and temporary queues?

Answer 73

/var

Question 74

In Linux, the standard convention is to put 3rd party software obtained from the Internet into what directory?

Answer 74

/usr/local

Question 75

SYSV-derived systems such as Solaris and HP-UX often put 3rd-party software into which directory?

Answer 75

/opt

Question 76

What are the Linux File System Security Goals?

Answer 76

1. Protect OS binaries in /usr
2. Prevent introduction of SUID programs and unauthorized devices
3. Allow other software to be installed
4. Discourage DoS attacks

Question 77

After a system is compromised, the attacker likely wants to install a rootkit. Typically, the binaries that the attacker replaces are OS programs in which directory?

Answer 77

/usr/bin

/usr/sbin

Question 78

What is called a set of binaries that gives an attacker a back door into the system and helps them escape detection by the system administrator?

Answer 78

Rootkit

Question 79

(T/F) The administrator should not attempt to stop people from creating or bringing unauthorized set-UID and set-GID programs on the machine.

Answer 79

Falst

Question 80

Administrators partition file systems to prevent what types of attacks?

Answer 80

Denial of Service (DoS)

Question 81

What is the golden rule?

Answer 81

The best way to secure a service is to turn it off, and if it’s not needed, uninstall it.

Question 82

The phase “The best way to secure a service is to turn it off, and if it’s not needed, uninstall it” is known as?

Answer 82

The golden rule

Question 83

(T/F) Although many security mechanisms are built into Linux, there is no such thing as a secure Linux install.

Answer 83

True

Question 84

Linux Classic init is also known as what style initialization?

Answer 84

System-V

Question 85

In Linux, what is the original boot time service starter?

Answer 85

init

Question 86

(T/F) In Linux, init does not follow a linear process.

Answer 86

false

Question 87

(T/F) In Linux, init is able to detect and handle sudden changes in the system.

Answer 87

False

Question 88

In Linux, when does init track services?

Answer 88

boot & shutdown

Question 89

Does init in Linux System-V use runlevels ?

Answer 89

Yes

Question 90

Using Classic init Linux, when the system is powered on and after the kernel if fully running, what is the first process to start?

Answer 90

init

Question 91

In Classic init Linux, what is responsible for the setup of the entire user environment?

Answer 91

init

Question 92

The init process starts as what process id (PID)?

Answer 92

1

Question 93

In Classic Linux, what is the parent process to all other processes and adopts all orphaned processes in the user space?

Answer 93

init

PID 1

Question 94

(T/F) init was created at a time when parallel processing and changes to a running system did not exists, put they are now commonplace.

Answer 94

True

Question 95

(T/F) init is aware of changes made to the system while it is running.

Answer 95

False

Question 96

When is the only time that init deals with services?

Answer 96

Startup and Shutdown