IS3440 CHAP 3 BASIC SECURITY: FACILITIES THROUGH THE BOOT PROCESS Flashcards
___ is the main configuration file for GUB version 1, AKA traditional GRUB.
COMMAND /boot/grub.conf
___ is the mount configuration file for Linux filesystems.
COMMAND /etc/fstab
___ is the main configuration file for the Linux Loader (LILO).
COMMAND /etc/lilo.conf
___ is the configuration file that associates Internet services with Transmission Control Protocol/Internet Protocol (TCP/IP) port numbers and protocols.
COMMAND /etc/services
___ is the Linux package with management tools for the (COMMAND) trousers package, associated with the Trusted Computing Software Stack and the TPM chip.
COMMAND tpm-tools
___ is the Linux package associated with the Trusted Computing Software Stack, in support of the TPM chip.
COMMAND/ trousers
___is an interface often embedded in the motherboard. In some cases, it may be configured to allow remote access to the system boot menus.
(BMC) Baseboard management controller
___ is the identification controls based on uniqued characteristics of authorized personnel. It may be used for authentication to access a secure location such as a server room.
Biometric controls
___ is a sequence of programs that may be verified by the TPM. Example of this is Trusted GRUB.
Chain of trust
___ is a self-described “donor-funded nonprofit” created to protect the digital rights of consumers.
(EFF) Electronic Frontier Foundation
___ is the organization behind the GNU project.
(FSF) Free Software Foundation
___ is a newer version of the Grand Unified Bootloader, not yet in use on many Linux distributions.
GRUB 2.0
___ is a one-way function that converts a large amount of data to a single (long) number in an irreversible manner.
Hash function
___ is a Linux security module developed by IBM to check the integrity of executable files before the are loaded during the boot process.
(IMA) Integrity Measurement Architecture
___ is a nonprofit organization that sponsors Linux certification exams.
(LPI) Linux Professional Institute
___ is a cryptographic hash function with a 128-bit value. It is also used to encrypt local Linux passwords in the (COMMAND FILE) /etc/shadow.
(MD5) Message Digest 5
___is a consortium of security professionals and organizations sponsored by the European Union. ISECOM is working through ___ to modify standards for the TPM chip.
(OPEN TC) Open Trusted Computing
___is a feature requested ty the EFF for inclusion in TPM chips that would enable fine-grained control over its use.
Owner override
___ is a feature of a network card and a BIOS/UEFI system that gives a system the ability to boot an operating system from a remote location.
(PXE) Pre-boot eXecution Environment
Colloquially known as a sniffer, a ___ can listen in on messages transmitted on a network. One Linux example is Wireshark.
Protocol analyzer
___ is part of a Trusted Computing concept, known as the roots of trust. The core may reside in the first boot program, the BIOS or UEFI.
(RTM) Root Trust for Measurement
___ is part of a Trusted Computing concept, known as the roots of trust. It reports on the integrity of a software component using SHA-1 keys.
(RTR) Root Trust for Reporting
___ is part of a Trusted Computing concept, known as the roots of trust. It uses an endorsement key created by the TPM to store data implicitly trusted by the operating system.
(RTS) Root Trust for Storage
___ is a set of cryptographic functions created by the US National Security Agency (NSA). Because of a weakness in it, the NIST has sponsored a competition for the development of this algorithm.
(SHA-1) Secure Hash Algorithm 1
___ is a set of cryptographic functions being developed through a competition sponsored by NIST.
(SHA-3) Secure Has Algorithm 3
___ is a Web-based software development site.
SourceForge
___ is the President of the Free Software Foundation (FSF), the organization behind the GNU project. It is the leading opponent of the TPM chip.
Stallman, Richard
___ is a key used to encrypt keys stored outside the TPM chip.
(SRK) Storage Root Key
___ is an open source software stack of programs designed to work with the TPM chip. It may be downloaded and installed as the (COMMAND package) trousers .
TCG Software Stack
___ is a chip that may be installed on hardware such as a motherboard. It may be used for password protection, software license protection, digital rights management, and disk encryption.
(TPM) Trusted Platform Module
___ is a specialized version of GRUB that can work with the TPM chip in a chain of trust.
TrustedGRUB
___ is a paravirtualized device in a hardware-virtualized machine, designed for faster virtual hard drives.
Virtio block device
___Is the operating system installed inside a host’s virtual machine software.
Virtual guest
___ is the operating system that hosts virtual machine software.
Virtual host
___ is a protocol analyzer and previously know as Ethereal.
Wireshark
- Which of the following hardware components is NOT used to boot a Linux system?
- A PXE-enabled network card
- A USB port
- A CD drive
- An Ethernet port
An Ethernet port
- From the following answers, what is NOT addressed by a TPM chip?
- DRM
- Disk encryption
- KVM virtual machines
- Chain of trust
KVM virtual machines
- Which of the following roots of trust is associated with the BIOS/UEFI?
- The Root of Trust Reporting
- The Root of Trust Storage
- The Root of Trust Management
- The Root of Trust Networking
.The Root of Trust Networking
- Which of the following packages implements TPM support on Linux (Select two COMMANDS)
- tpm-tools
- tpm-drm
- trousers
- tcg
tpm-tools
trousers
- Name the Linux service associated with virtual application support.
- KVM
- WINE
- VMware Player
- Xen
WINE
- Which of the following directives in a LILO configuration file specifies the time before the default operating system is booted?
- delay
- timeout
- default
- period
delay
- The COMMAND that can be used to set up an encrypted password for a traditional GRUB configuration file is ___.
(COMMAND)
grub-md5-crypt
- From the following COMMANDS, which one updates the GRUB 2.0 configuration file read by the boot loader?
- grub-setup
- grub-mkconfig
- grub-install
- grub-set-default
grub-mkconfig
- In a TrustedGRUB configuration file, which of the following directives refers to the first partition on the second hard drive?
- root (hd1.2)
- root (hd2,1)
- root (hd1,1)
- root (hd0,2)
root (hd1.2)
- Which of the following kernel types is most likely to address the most RAM?
- Desktop
- Server
- Virtual machine
- Generic
Server
- Which of the following kernel types is most likely to work with the smallest amount of RAM?
- Desktop
- Server
- Virtual machine
- Generic
Virtual machine
- The GRUB 2.0 menu is hidden during the boot process. Which of the following keys, when pressed at the appropriate time, reveals the menu?
- Alt
- Shift
- Del
- Ctrl
Shift
- Which of the following options can be substituted for a partition device in the (COMMAND) /etc /fstab configuration file? (Select two COMMANDS).
- sysfs
- LABEL
- /proc
- UUID
LABEL
UUID
- Which of the following concepts is NOT one of the five OSSTMM process controls?
- Privacy
- Alarm
- Authenticity
- Integrity
Authenticity
