Day 6: Linux Security Essentials Flashcards
(T/F) Windows is loaded on over 80% of all computers.
True
(T/F) Windows is the OS that most mission-critical systems run on.
False
(T/F) Most security appliances that are installed in a data center are running Linux.
True
What is the difference between a major breach and a minor breach?
It is not the system that is compromised, but the data it contains.
What OS do most appliances and security devices run?
Linux
(T/F) It is important to remember that although Windows has a much larger install base, Linux is usually installed on the most important, mission-critical systems.
True
What OS do security analysts, assessment and penetration testers and many security teams use?
Linux
(T/F) Linux started as a desktop OS, but has moved into the data center as a server.
False
What are the main Linux distributions?
- Ubuntu (Debian)
- Fedora (Red Hat)
- Cygwin for Windows
- Mac OS (BSD)
What distribution is Kali based on?
Debian
Often just called Linux, what is the proper nomenclature?
GNU/Linux
Who ported Minix (a UNIX teaching tool) to Linux from scratch for the Intel 386 platform?
Linus Torvalds
What does Ubuntu mean when translated back to its African word?
Humanity to others
Ubuntu is based on what branch of Linux?
Debian
What Linux branch is best known for its package management system?
Debian
What is the Debian package-management system called?
APT: Advanced Package Tool
How does APT work?
APT researches the package in question, sees what libraries and other programs the package might need (these are called dependencies), goes out to the Internet and downloads them, installs them, presents any configuration choices to the user, and then checks that it works - all done automatically.
Does Ubuntu come with a default firewall and a graphical control for the firewall ENABLED?
No
What Linux is Fedora based on?
RedHat
With Fedora, is the firewall included and enabled?
Yes
What is the most profitable Linux version?
RedHat
With any OS, is it critical to continually think about security and look at additional hardening measures?
Yes
What are the major steps to securing Mac OS?
- Turn on firewall to control access to the system.
- Turn off unneeded services
- Limit service sharing
- Set up secure file sharing
- Carefully monitor access lists
- Use password assistant for stronger authentication
What is the Linux command to list contents of a directory?
ls
What is the Linux command to list contents of a directory with a long listing that shows attributes?
ls -l
What is the Linux command to list contents of a directory including both hidden and regular files?
ls -al
What is the Linux command to change the working directory?
cd
What is the Linux command to rename a file?
mv
What is the Linux command to change file attributes?
chmod
What is the Linux command to make a new directory?
mkdir
What is the Linux command to remove a directory?
rmdir
What is the Linux command to delete files?
rm
What is the Linux command to copy files?
cp
What is the DOS command to list contents of a directory?
dir /w
What is the DOS command to list contents of a directory including both hidden and regular files?
dir
What is the DOS command to list contents of a directory including both hidden and regular files?
dir /a
What is the DOS command to change the working directory?
cd
What is the DOS command to rename a file?
rename
What is the DOS command to change file attributes?
attrib
What is the DOS command to make a new directory?
md
What is the DOS command to remove a directory?
rd
What is the DOS command to delete files?
del
What is the DOS command to copy files?
copy
What is the Linux command to view file contents?
cat
What is the Linux command to print the current working directory?
pwd
What is the Linux command to view a page at a time?
more
What is the Linux command to read the help manual?
man
What is the Linux command to find specific files?
find
What is the Linux command to perform string searches?
grep
What is the Linux command to switch user accounts?
su
What is the Linux command to delegate authority to users?
sudo
What is the Linux character to pipe one command into another one?
|
How do you create a file as output from commands?
>
What is the Linux command-line interpreter used to run programs on the computer?
shell
In Linux, what provides the user with an interface to the system?
shell
In Linux, what listens to the terminal and translates requests into action by the kernel and programs?
shell
In Linux, what is the vehicle through which applications obtain permissions and interact with the kernel?
shell
In Linux, what is the root file system?
/
In Linux, what is the top of the directory hierarchy?
/
What can you use to find the commands for each of the different Linux distributions?
Unix Rosetta Stone
In Linux, what directory contains files used to talk to system devices?
/dev
/devices
In Linux, what directory contains the primary OS?
/usr
How should you set up the /usr directory for security?
Mount it read-only
In Linux, what directory contains logs, queues, etc.?
/var
In Linux, what directories contain executable programs, some of which are SUID or SGID?
/bin
/usr/bin
/usr/local
/opt
In Linux, what directories contain user home directories?
/home
/export/home
(T/F) There used to be a lot of variance about where different files were located in different Linux flavors, but modern Linux variants use the same general file system layout.
True
In Linux, what is the top of the file system?
/
In Linux, what directory contains the special device files that programs running on the system use to communicate with the physical hardware devices controlled by the kernel?
/dev
In Linux, where are the most critical components of the OS found - including system binaries, programming library and tools?
/usr
In Linux, what directory has the online documentation?
/usr
In Linux, what directory should be thought of as read-only after the OS is loaded until the system is upgraded or patched?
/usr
In Linux, what directory is the place where the system keeps frequently changing data, such as logs and temporary queues?
/var
In Linux, the standard convention is to put 3rd party software obtained from the Internet into what directory?
/usr/local
SYSV-derived systems such as Solaris and HP-UX often put 3rd-party software into which directory?
/opt
What are the Linux File System Security Goals?
- Protect OS binaries in /usr
- Prevent introduction of SUID programs and unauthorized devices
- Allow other software to be installed
- Discourage DoS attacks
After a system is compromised, the attacker likely wants to install a rootkit. Typically, the binaries that the attacker replaces are OS programs in which directory?
/usr/bin
/usr/sbin
What is a set of binaries that gives an attacker a back door into the system and helps them escape detection by the system administrator called?
Rootkit
(T/F) The administrator should not attempt to stop people from creating or bringing unauthorized set-UID and set-GID programs on the machine.
False
Administrators partition file systems to prevent what types of attacks?
Denial of Service (DoS)
What is the golden rule?
The best way to secure a service is to turn it off, and if it’s not needed, uninstall it.
The phrase “The best way to secure a service is to turn it off, and if it’s not needed, uninstall it” is known as?
The golden rule
(T/F) Although many security mechanisms are built into Linux, there is no such thing as a secure Linux install.
True
Linux Classic init is also known as what style initialization?
System-V
In Linux, what is the original boot time service starter?
init
(T/F) In Linux, init does not follow a linear process.
False
(T/F) In Linux, init is able to detect and handle sudden changes in the system.
False
In Linux, when does init track services?
boot & shutdown
Does init in Linux System-V use runlevels?
Yes
Using Classic init Linux, when the system is powered on and after the kernel is fully running, what is the first process to start?
init
In Classic init Linux, what is responsible for the setup of the entire user environment?
init
The init process starts as what process id (PID)?
1
In Classic Linux, what is the parent process to all other processes and adopts all orphaned processes in the user space?
init
PID 1
(T/F) init was created at a time when parallel processing and changes to a running system did not exist, but they are now commonplace.
True
(T/F) init is aware of changes made to the system while it is running.
False
When is the only time that init deals with services?
Startup and Shutdown