IS3440 CHAP 2 BASIC COMPONENTS OF LINUX SECURITY

Question 1

COMMAND ____ is the Linux packet filtering command for firewalls and masquerading. Primary use is of packet filtering firewalls; it can also be used in network address translation.

Answer 1

COMMAND

iptables

Question 2

COMMAND ___ is the RPC port number mapper, commonly used for services such as NFS and NIS.

Answer 2

COMMAND

portmap

Question 3

COMMAND ___ is the daemon for the SSH service.

Answer 3

COMMAND

sshd

Question 4

COMMAND ___ is the system log message service, associated with the syslog daemon. When combined with the kernel log daemon, known as klogd, it is sometimes shown as the sysklogd daemon.

Answer 4

COMMAND

syslog

Question 5

In Linux, ___ allows authorized users to set the permissions associated with a file or directory. Those permissions can supersede standard discretionary access controls.

Answer 5

(ACLs) ACCESS CONTROL LISTS

Question 6

___ is when the source code of a kernel is compiled in an installable package, it is changed from a human-readable format to a binary format readable only by a computer.

Answer 6

BINARY KERNEL

Question 7

____ is the most common DNS server on the Internet, originally created at the University of California at Berkeley, it is maintained by the Internet Systems Consortium.

Answer 7

(BIND) BERKELEY INTERNET NAME DOMAIN

Question 8

___ is often known as a rebuild because it is a distribution built by third parties, based on source code released for the Red Hat Enterprise Linux distribution and is short for the Community Enterprise Operating System.

Answer 8

CentOS

Question 9

___ is the default print service for most modern Linux distributions. By default this uses the (IPP), but it can also administer with printers in a number of other protocols.

Answer 9

(CUPS)COMMON UNIX PRINTING SYSTEM

Question 10

___ is an email server developed at Carnegie-Mellon University, primarily for IMAP version 4 email delivery.

Answer 10

CYRUS

Question 11

___ is the group of services and daemons started by default when Linux is booted. Other services and daemons are started in other ___. If Linux is already running, a move to the ___ may also stop other services and daemons.

Answer 11

DEFAULT RUNLEVEL

Question 12

___ is a security control system that limits access to objects such as files and directories to specified users and groups.

Answer 12

DISCRETIONARY ACCESS CONTROL

Question 13

___ is a relatively light-weight DNS server alternative to BIND. It is released under a public-domain license, which is not open source.

Answer 13

(djbdns) DANIEL J BERNSTEIN’S DNS

Question 14

___ is a hierarchical database of domain names and Internet Protocol (IP) addresses. Two major services on Linux are BIND and djbdns.

Answer 14

(DNS) DOMAIN NAME SYSTEM

Question 15

___ is an open source email service, designed for regular and secure versions of the POP and IMAP protocols.

Answer 15

DOVECOT

Question 16

___ is the open source SMTP server developed by the University of Cambridge and is the default MTA for Debian systems.

Answer 16

EXIM

Question 17

___ is a protocol and service for exchanging files.

Answer 17

(FTP) FILE TRANSFER PROTOCOL

Question 18

___ is a graphical login manager built by the developers of the GNOME Desktop Environment.
It may be used to log into graphical desktop environments other than GNOME.

Answer 18

(GDM) GNOME Display Manager

Question 19

___ is the default boot loader for Ubuntu, Red Hat, and many other Linux distributions. There are two versions in common use, with different options for security.

Answer 19

(GRUB) GRAND UNIFIED BOOTLOADER

Question 20

In Linux, the ___ is separate from but requires the use of an X Window System Server. It may also include a window manager to control the placement of windows within that GUI. Two types are GNOME and KDE.

Answer 20

GRAPHICAL DESKTOP ENVIRONMENT

Question 21

A ___ is for graphical logins to a Linux GUI.

Three standard Linux graphical login managers are GDM, KDM, and XDM.

Answer 21

GRAPHICAL LOGIN MANAGER

Question 22

___ is a computer system designed to detect attempts by black-hat hackers to break into a network.
It includes data that appears to be of value.
It is carefully monitored, and isolated from other systems on the local network.

Answer 22

HONEYPOT

Question 23

___ is a graphical login manager built by the developers of KDE and may be used to log into graphical desktop environments other than KDE.

Answer 23

(KDM) KDE DISPLAY MANAGER

Question 24

___ is a version of the Telnet server that can use Kerberos tickets to enhance security.

Answer 24

KERBEROS TELNET

Question 25

___ is the core component of the operating system, which supports communication between applications and hardware.

Answer 25

KERNEL

Question 26

\_\_\_ is a virtual machine monitor.  
On Linux systems, it requires a specialized kernel module and supports hardware virtualization and para-virtualization.

Answer 26

(KVM)

KERNEL-BASED VIRTUAL MACHINE

Question 27

___ is a Linux distribution most well known for its live CDs and DVDs.

Answer 27

KNOPPIX

Question 28

___ is a unified collection of applications, services, drivers, and libraries configured with a Linux kernel.

Answer 28

LINUX DISTRIBUTION

Question 29

___The core of the Linux operating system. Different Linux kernels are in effect different operating systems. It includes a monolithic core and modular components.

Answer 29

LINUX KERNEL

Question 30

___ is a nonprofit group established to distribute the Linux kernel and other open source software.

Answer 30

LINUX KERNEL ORGANIZATION

Question 31

___ is an alternative Linux boot loader.

It is a legacy boot loader for many Linux distributions.

Answer 31

(LILO) LINUX LOADER

Question 32

___ may refer to a CD or DVD with a bootable operating system.
That same data may also be loaded on a USB drive. When loaded, it provides password-free root administrative access to the system.

Answer 32

LIVE CD

Question 33

___ is a kernel with components that are loaded during the boot process.
Loaded components depend on detected hardware, configuration files, and more.

Answer 33

MODULAR KERNEL

Question 34

___ is a kernel with components that are loaded during the boot process.
Loaded components depend on detected hardware, configuration files, and more.

Answer 34

MONOLITHIC KERNEL

Question 35

___ is the open source database program.
It is a Structured Query Language database.
It is currently owned by Oracle.

Answer 35

MySQL

Question 36

___ is a protocol and service that synchronizes clocks over a network.

Answer 36

(NTP) NETWORK TIME PROTOCOL

Question 37

___ is a development practice in which source code is released publicly.
Its licenses allow others to use and even improve upon that same source code, as long as they give credit to the original developers. The GNU General Public License (GPL) is an example.

Answer 37

OPEN SOURCE

Question 38

When a security issue requires a kernel ___, you will have to repeat the process of customizing and recompiling a kernel.
In other words, in the context of the Linux kernel, a ____ is an incremental upgrade to the Linux kernel.

Answer 38

PATCH

Question 39

For Linux, ___ is a series of configuration files that provide dynamic authentication for administrative and other services.

Answer 39

(PAM) PLUGGABLE AUTHENTICATION MODULES

Question 40

___ supports fine-grained control administrative tools from regular accounts. The focus is on the GNOME desktop environment.

Answer 40

POLICYKIT

Question 41

A relatively popular open source alternative is ___.
It is the default MTA for the Ubuntu and SUSE Linux distributions.
It is an open source SMTP server originally developed at IBM and it is designed to be simpler than sendmail.

Answer 41

POSTFIX

Question 42

___ is an open source database alternative program, sponsored by a variety of open source and other IT companies.

Answer 42

PostgreSQL

Question 43

___ is the self-declared replacement for sendmail, developed by Daniel J. Bernstein, who also developed dfbdns.

Answer 43

QMAIL

Question 44

___ is a mode of operation in Linux associated with a group of services and daemons. Specified services and daemons are started or killed when starting a particular ___.

Answer 44

RUNLEVEL

Question 45

___ is the open source SMTP server maintained by the Sendmail Consortium. Do not confuse this with the commercial SMTP server know as Sendmail.
(Hint: No caps in sendmail)

Answer 45

sendmail

Question 46

___ is a commercial SMTP server painted by Sendmail, Inc. Do not confuse this with the open source SMTP server with a very similar name.
(Hint: Has caps in Sendmail)

Answer 46

Sendmail

Question 47

___ is a human-readable computer language that can be collected and compiled into computer program, library, or application.

Answer 47

SOURCE CODE

Question 48

___ is a protocol and service that uses a simplified form of FTP.

Answer 48

(TFTP) TRIVIAL FILE TRANSFER PROTOCOL

Question 49

___is the open source FTP server used by developers of Red Hat, SUSE, and Debian to share their distributions.

Answer 49

(vsftpd) very secure File Transfer Protocol daemon

Question 50

___ is a component of the Samba file server that supports integration of Linux/Unix and Microsoft authentication informations.

Answer 50

Winbind

Question 51

___ is a graphical login manager built by the developers of the X.Org GUI server.

Answer 51

(XDM) X Display Manager

Question 52

___ is an older X Window System Server, commonly used in older Linux distributions.

Answer 52

XFree86

Question 53

___ is a virtual machine monitor developed at the University of Cambridge. On the Linux systems, it requires a specialized kernel. It supports hardware virtualization and paravirtualization.

Answer 53

Xen

Question 54

1. Which of the following statements best describes the structure of the Linux kernel?
2. A single monolithic kernel
3. A completely modular kernel
4. A modular core with monolithic components
5. A monolithic core with modular components

Answer 54

A monolithic core with modular components

Question 55

2. The Web site associated with the Linux Kernel Organization is ___?

Answer 55

http://kernal.org

Question 56

3. Which of the following statements is NOT true about a live CD distribution? Assume your system can boot from appropriate locations.
4. It can be booted from a DVD drive
5. It can be booted from a USB port
6. It automatically installs that Linux distribution on your system
7. It provides administrative control of your system without a passport.

Answer 56

It automatically installs that Linux distribution on your system

Question 57

4. Which of the following is a security risk associated with the LILO boot loader?
5. Changes to LILO can be password protected
6. It supports password-free access to the administrative account
7. It allows a user to boot Microsoft Windows.
8. It supports the booting of a monolithic Linux kernel

Answer 57

It supports password-free access to the administrative account

Question 58

5. Which of the following services should NOT be disabled on a bastion host used as an FTP server> Assume that the host is administered remotely, over an encrypted connection.
6. SSH
7. Telnet
8. CUPS
9. COMMAND iptables

Answer 58

SSH

Question 59

6. Which of the following is NOT a potential security issue with respect to the Linux GUI?
7. The Linux GUI is a client-server system
8. Linux GUI applications can be networked
9. Linux GUI applications can be accessed over an SSH connection
10. Users can log into the Linux GUI remotely

Answer 59

Linux GUI applications can be accessed over an SSH connection

Question 60

7. Which of the following authentication tools work locally?
8. NIS
9. PAM
10. LDAP
11. Winbind

Answer 60

PAM

Question 61

8. Which of the following is an example of discretionary access controls?
9. SELinux
10. AppArmor
11. PolicyKit
12. User-defined read, write, and execute permissions

Answer 61

User-defined read, write, and execute permissions

Question 62

9. Which of the following options is NOT used to block access from certain IP addresses?
10. COMMAND iptables
11. SELinux
12. TCP Wrappers
13. Extended internet super server

Answer 62

SELinux

Question 63

10. Which of the following statements best describes the role of mandatory access controls?
11. They protect other services after a security breach in an account
12. They protect a system from black-hat hacker access through firewalls
13. They disable clear-text services such as Telnet
14. They provide specific requirements for access to critical services

Answer 63

They protect other services after a security breach in an account

Question 64

11. Packages associated with SSH include a client for which of the following protocols?
12. Samba
13. FTP
14. Telnet
15. SMTP

Answer 64

FTP

Question 65

12. Under normal circumstances, what happens when a system can’t be booted with a newly installed Linux kernel?
13. You need to install the old kernel
14. The system can’t be booted. You need to reinstall that Linux distribution
15. The system can not be booted. You need to recover the old Linux kernel with the help of a recovery or rescue mode for that distribution
16. The old kernel is still available through the boot loader

Answer 65

The old kernel is still available through the boot loader

Question 66

13. What is the best course of action if you want to take control of those packages that are updated on your distribution?
14. Create your own update repository
15. Deselect the packages that should not be updated
    3 Change to a different distribution
16. Use the update repositories from a different distribution

Answer 66

Create your own update repository

Question 67

14. Which of the following is NOT a standard open source option for SMTP email services?
15. sendmail
16. Postfix
17. Dovecot
18. Exim

Answer 67

Dovecot