E05: Linux Security Posture Flashcards

1
Q

What enables packet filtering, NAT, and packet logging?

  • Nftables
  • iptables
  • netfilter
  • tables
A

netfilter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Ubuntu 20.04 for example has netfilter and iptables but has another command-line front end for iptables. What is the command?

A

ufw (Uncomplicated Firewall)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What was designed to replace the old iptables in pursuit of better performance, scalabiltiy, and useability?

  • Nftables
  • iptables
  • netfilter
  • tables
A

Nftables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Iptables filters packets based on Tables, Chains, Rules, and Targets

T/F

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Within iptables, what are files that join similar actions and consists of several chains?

  • Chains
  • rules
  • tables
  • targets
A

tables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Within iptables, what is a statement that tells the system what to do with a packet?

  • Chains
  • rules
  • tables
  • targets
A

rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a decision of what to do with a packet.

  • chains
  • rules
  • tables
  • targets
A

targets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following is not one of the default tables that can be used within iptables?

  • Chain
  • Filter
  • NAT
  • Mangle
A

Chain

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is used to adjust the TCP headers of the packet.

  • Raw
  • Filter
  • NAT
  • Mangle
A

Mangle

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is used to exempt packets from connection tracking?

  • Raw
  • Filter
  • NAT
  • Mangle
A

Raw

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

The default chains for NAT include all of the following except:

  • Prerouting
  • Postroutiing
  • Input
  • Output
A

Input

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

The default chains for Filter include all of the following except:

  • Routing
  • Input
  • Output
  • Forward
A

Routing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

This table rules for routing packets to networks that cannot be accessed directly.

  • Filter
  • Mangle
  • RAW
  • NAT
A

NAT

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

For more information on iptables, what command could a user use in a terminal?

A

man iptables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What Chain in Targets, is defined as targets that keep matching the packets against rules in a chain even when the packet matches a rule?

  • Terminating
  • Non-Terminating
  • Accept
  • Reject
A

Non-Terminating

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What option would be utilized in iptables to initiate a protocol check?

  • p
  • P
  • j
  • s
A

p

17
Q

What option would be utilized in iptables to identify source specification?

  • S
  • m
  • s
  • D
A

-s

18
Q

What command can be used to see all existing tables in iptables? (full command to include –)

A

sudo iptables –list

19
Q

What command can be utilized to set a default policy that alllows all incoming traffic in iptables?

A
20
Q

File integrity monitoring (FIM) refers to an IT security process and technology that tests and checks operating system (OS), database, and application software files to determine whether or not they have been tampered with or corrupted.

T/F

A

True

21
Q

What command did we utilize in this lesson to create a hash?

A

md5sum

22
Q

File integrity can be verified with ______ hashing tools like md5sum.

A

MD5

23
Q

All of the following are common hashing tools except:

  • md5sum
  • Hash
  • HAVAL
  • CRC-32
A

Hash

24
Q

What is a broad term that covers a multitude of devices, technologies, and processes?

  • Switch
  • Router
  • Security Information
  • Network Security
A

Network Security

25
Q

The protection and secure configuration of Network Services like DNS Servers, Time Servers, VPN Concentrators that provide secure remote access, and VPN Tunnels to remote sites is also usualy considered network security.

T/F

A

True

26
Q

Which command includes the functionality for retrieving the banner details from HTTP servers.

A

wget

27
Q

Two main types of Banner grabbing are Active and ________

A

Passive

28
Q

What is often termed as Service Fingerprinting?

  • HTTP grabbing
  • Banner Grabbing
  • Active Banner
  • Passive Banner
A

Banner Grabbing

29
Q

Which banner is described as the attacker collecting data about our target using publically available information i.e. by analyzing the server either with the help of “Error Messages” or by “Sniffing up the Network Traffic”?

  • Reactive Banner
  • Active Banner
  • Passive Banner
  • Pattern Banner
A

Passive Banner

30
Q

What provides basic traffic filtering of incoming network traffic?

A

tcp wrappers

31
Q

TCP Wrappers include two main files which are /etc/hosts.allow and ________

A

/etc/hosts.deny

32
Q

What type of security refers to security tools that are deployed at the host level.

  • Host-Based
  • Network-Based
  • Software-Based
  • STIGS
A

Host-Based

33
Q

What are a configuration standard consisting of cybersecurity requirements that must be adhered to by any organization that is working with the Department of Defense?

  • SOP
  • OWASP
  • STIGs
  • NISST
A

STIGs

34
Q

What is an implementation of Mandatory Access Control for Linux written and published by the National Security Agency (NSA) that significantly increases the security of a Linux installation?

  • Linux
  • SSH
  • SecureFTP
  • SELinux
A

SELinux

35
Q

To maintain web host security, you can use what command?

A

netstat