IS3440 CHAP 2 BASIC COMPONENTS OF LINUX SECURITY Flashcards
COMMAND ____ is the Linux packet filtering command for firewalls and masquerading. Its primary use is in packet filtering firewalls; it can also be used in network address translation.
COMMAND
iptables
COMMAND ___ is the RPC port number mapper, commonly used for services such as NFS and NIS.
COMMAND
portmap
COMMAND ___ is the daemon for the SSH service.
COMMAND
sshd
COMMAND ___ is the system log message service, associated with the syslog daemon. When combined with the kernel log daemon, known as klogd, it is sometimes shown as the sysklogd daemon.
COMMAND
syslog
In Linux, ___ allows authorized users to set the permissions associated with a file or directory. Those permissions can supersede standard discretionary access controls.
(ACLs) ACCESS CONTROL LISTS
___ is the result when the source code of a kernel is compiled into an installable package: it is changed from a human-readable format to a binary format readable only by a computer.
BINARY KERNEL
____ is the most common DNS server on the Internet. Originally created at the University of California at Berkeley, it is maintained by the Internet Systems Consortium.
(BIND) BERKELEY INTERNET NAME DOMAIN
___ is often known as a rebuild because it is a distribution built by third parties, based on source code released for the Red Hat Enterprise Linux distribution. The name is short for the Community Enterprise Operating System.
CentOS
___ is the default print service for most modern Linux distributions. By default, this uses the Internet Printing Protocol (IPP), but it can also administer printers using a number of other protocols.
(CUPS) COMMON UNIX PRINTING SYSTEM
___ is an email server developed at Carnegie-Mellon University, primarily for IMAP version 4 email delivery.
CYRUS
___ is the group of services and daemons started by default when Linux is booted. Other services and daemons are started in other ___. If Linux is already running, a move to the ___ may also stop other services and daemons.
DEFAULT RUNLEVEL
___ is a security control system that limits access to objects such as files and directories to specified users and groups.
DISCRETIONARY ACCESS CONTROL
___ is a relatively light-weight DNS server alternative to BIND. It is released under a public-domain license, which is not open source.
(djbdns) DANIEL J BERNSTEIN’S DNS
___ is a hierarchical database of domain names and Internet Protocol (IP) addresses. Two major services on Linux are BIND and djbdns.
(DNS) DOMAIN NAME SYSTEM
___ is an open source email service, designed for regular and secure versions of the POP and IMAP protocols.
DOVECOT
___ is the open source SMTP server developed by the University of Cambridge and is the default MTA for Debian systems.
EXIM
___ is a protocol and service for exchanging files.
(FTP) FILE TRANSFER PROTOCOL
___ is a graphical login manager built by the developers of the GNOME Desktop Environment.
It may be used to log into graphical desktop environments other than GNOME.
(GDM) GNOME Display Manager
___ is the default boot loader for Ubuntu, Red Hat, and many other Linux distributions. There are two versions in common use, with different options for security.
(GRUB) GRAND UNIFIED BOOTLOADER
In Linux, the ___ is separate from but requires the use of an X Window System Server. It may also include a window manager to control the placement of windows within that GUI. Two types are GNOME and KDE.
GRAPHICAL DESKTOP ENVIRONMENT
A ___ is for graphical logins to a Linux GUI.
Three standard Linux graphical login managers are GDM, KDM, and XDM.
GRAPHICAL LOGIN MANAGER
___ is a computer system designed to detect attempts by black-hat hackers to break into a network.
It includes data that appears to be of value.
It is carefully monitored, and isolated from other systems on the local network.
HONEYPOT
___ is a graphical login manager built by the developers of KDE and may be used to log into graphical desktop environments other than KDE.
(KDM) KDE DISPLAY MANAGER
___ is a version of the Telnet server that can use Kerberos tickets to enhance security.
KERBEROS TELNET
___ is the core component of the operating system, which supports communication between applications and hardware.
KERNEL
___ is a virtual machine monitor. On Linux systems, it requires a specialized kernel module and supports hardware virtualization and paravirtualization.
(KVM) KERNEL-BASED VIRTUAL MACHINE
___ is a Linux distribution most well known for its live CDs and DVDs.
KNOPPIX
___ is a unified collection of applications, services, drivers, and libraries configured with a Linux kernel.
LINUX DISTRIBUTION
___ is the core of the Linux operating system. Different Linux kernels are in effect different operating systems. It includes a monolithic core and modular components.
LINUX KERNEL
___ is a nonprofit group established to distribute the Linux kernel and other open source software.
LINUX KERNEL ORGANIZATION
___ is an alternative Linux boot loader.
It is a legacy boot loader for many Linux distributions.
(LILO) LINUX LOADER
___ may refer to a CD or DVD with a bootable operating system.
That same data may also be loaded on a USB drive. When loaded, it provides password-free root administrative access to the system.
LIVE CD
___ is a kernel with components that are loaded during the boot process.
Loaded components depend on detected hardware, configuration files, and more.
MODULAR KERNEL
___ is a kernel with components that are loaded during the boot process.
Loaded components depend on detected hardware, configuration files, and more.
MONOLITHIC KERNEL
___ is the open source database program.
It is a Structured Query Language database.
It is currently owned by Oracle.
MySQL
___ is a protocol and service that synchronizes clocks over a network.
(NTP) NETWORK TIME PROTOCOL
___ is a development practice in which source code is released publicly.
Its licenses allow others to use and even improve upon that same source code, as long as they give credit to the original developers. The GNU General Public License (GPL) is an example.
OPEN SOURCE
When a security issue requires a kernel ___, you will have to repeat the process of customizing and recompiling a kernel.
In other words, in the context of the Linux kernel, a ____ is an incremental upgrade to the Linux kernel.
PATCH
For Linux, ___ is a series of configuration files that provide dynamic authentication for administrative and other services.
(PAM) PLUGGABLE AUTHENTICATION MODULES
___ supports fine-grained control of administrative tools from regular accounts. The focus is on the GNOME desktop environment.
POLICYKIT
A relatively popular open source alternative is ___.
It is the default MTA for the Ubuntu and SUSE Linux distributions.
It is an open source SMTP server originally developed at IBM and it is designed to be simpler than sendmail.
POSTFIX
___ is an open source database alternative program, sponsored by a variety of open source and other IT companies.
PostgreSQL
___ is the self-declared replacement for sendmail, developed by Daniel J. Bernstein, who also developed djbdns.
QMAIL
___ is a mode of operation in Linux associated with a group of services and daemons. Specified services and daemons are started or killed when starting a particular ___.
RUNLEVEL
___ is the open source SMTP server maintained by the Sendmail Consortium. Do not confuse this with the commercial SMTP server known as Sendmail.
(Hint: No caps in sendmail)
sendmail
___ is a commercial SMTP server painted by Sendmail, Inc. Do not confuse this with the open source SMTP server with a very similar name.
(Hint: Has caps in Sendmail)
Sendmail
___ is a human-readable computer language that can be collected and compiled into a computer program, library, or application.
SOURCE CODE
___ is a protocol and service that uses a simplified form of FTP.
(TFTP) TRIVIAL FILE TRANSFER PROTOCOL
___ is the open source FTP server used by developers of Red Hat, SUSE, and Debian to share their distributions.
(vsftpd) very secure File Transfer Protocol daemon
___ is a component of the Samba file server that supports integration of Linux/Unix and Microsoft authentication information.
Winbind
___ is a graphical login manager built by the developers of the X.Org GUI server.
(XDM) X Display Manager
___ is an older X Window System Server, commonly used in older Linux distributions.
XFree86
___ is a virtual machine monitor developed at the University of Cambridge. On Linux systems, it requires a specialized kernel. It supports hardware virtualization and paravirtualization.
Xen
- Which of the following statements best describes the structure of the Linux kernel?
- A single monolithic kernel
- A completely modular kernel
- A modular core with monolithic components
- A monolithic core with modular components
A monolithic core with modular components
- The Web site associated with the Linux Kernel Organization is ___?
http://kernal.org
- Which of the following statements is NOT true about a live CD distribution? Assume your system can boot from appropriate locations.
- It can be booted from a DVD drive
- It can be booted from a USB port
- It automatically installs that Linux distribution on your system
- It provides administrative control of your system without a password.
It automatically installs that Linux distribution on your system
- Which of the following is a security risk associated with the LILO boot loader?
- Changes to LILO can be password protected
- It supports password-free access to the administrative account
- It allows a user to boot Microsoft Windows.
- It supports the booting of a monolithic Linux kernel
It supports password-free access to the administrative account
- Which of the following services should NOT be disabled on a bastion host used as an FTP server? Assume that the host is administered remotely, over an encrypted connection.
- SSH
- Telnet
- CUPS
- COMMAND iptables
SSH
- Which of the following is NOT a potential security issue with respect to the Linux GUI?
- The Linux GUI is a client-server system
- Linux GUI applications can be networked
- Linux GUI applications can be accessed over an SSH connection
- Users can log into the Linux GUI remotely
Linux GUI applications can be accessed over an SSH connection
- Which of the following authentication tools work locally?
- NIS
- PAM
- LDAP
- Winbind
PAM
- Which of the following is an example of discretionary access controls?
- SELinux
- AppArmor
- PolicyKit
- User-defined read, write, and execute permissions
User-defined read, write, and execute permissions
- Which of the following options is NOT used to block access from certain IP addresses?
- COMMAND iptables
- SELinux
- TCP Wrappers
- Extended internet super server
SELinux
- Which of the following statements best describes the role of mandatory access controls?
- They protect other services after a security breach in an account
- They protect a system from black-hat hacker access through firewalls
- They disable clear-text services such as Telnet
- They provide specific requirements for access to critical services
They protect other services after a security breach in an account
- Packages associated with SSH include a client for which of the following protocols?
- Samba
- FTP
- Telnet
- SMTP
FTP
- Under normal circumstances, what happens when a system can’t be booted with a newly installed Linux kernel?
- You need to install the old kernel
- The system can’t be booted. You need to reinstall that Linux distribution
- The system can not be booted. You need to recover the old Linux kernel with the help of a recovery or rescue mode for that distribution
- The old kernel is still available through the boot loader
The old kernel is still available through the boot loader
- What is the best course of action if you want to take control of those packages that are updated on your distribution?
- Create your own update repository
- Deselect the packages that should not be updated
- Change to a different distribution
- Use the update repositories from a different distribution
Create your own update repository
- Which of the following is NOT a standard open source option for SMTP email services?
- sendmail
- Postfix
- Dovecot
- Exim
Dovecot