Linux 1 Flashcards
Chapter 6-12 RHE
Term/Command
Description
/home
Directory containing user home directories
/root
Home directory for the root user
/etc/passwd
File containing user account information
/etc/shadow
File containing encrypted passwords and other security information for user accounts
/etc/group
File containing group account information
/etc/gshadow
File containing encrypted passwords and other security information for group accounts
/etc/dnf.conf
Configuration file for the DNF package manager
/etc/ssh/sshd_config
Configuration file for the SSH daemon
/etc/yum.repos.d/
Directory containing YUM repository configuration files
/etc/hostname
File containing the system hostname
/etc/hosts
File mapping hostnames to IP addresses
/etc/resolv.conf
File containing DNS resolver configuration
alias
Command to create aliases for other commands
bash
Command to execute the Bash shell
cat
Command to concatenate and display file contents
cut
Command to extract sections from each line of files
dnf
Package manager command for Fedora/RHEL
echo
Command to display a line of text
env
Command to display environment variables
export
Command to set environment variables
file
Command to determine file type
grep
Command to search text patterns in files
gzip
Command to compress files
gunzip
Command to decompress gzip files
head
Command to display the beginning of files
history
Command to display command history
less
Command to view files with pagination
let
Command for integer arithmetic in Bash
locate
Command to find files by name
man
Command to display manual pages
nologin
Shell used for users who are not allowed to log in
pwd
Command to print current working directory
set
Command to set or unset shell options and positional parameters
sort
Command to sort lines of text files
tail
Command to display the end of files
tar
Command to manipulate tape archives
tee
Command to read from standard input and write to standard output and files simultaneously
tr
Command to translate or delete characters
type
Command to display information about commands
umask
Command to set default permissions for new files and directories
uniq
Command to remove duplicate lines from sorted files
unset
Command to unset environment variables
wc
Command to count words, lines, and characters in a file
whereis
Command to locate binary, source, and manual page files for a command
which
Command to display the full path of shell commands
whoami
Command to display the current username
cp
Command to copy files and directories
find
Command to search for files in a directory hierarchy
ln
Command to create links between files
ls
Command to list directory contents
mkdir
Command to create directories
mv
Command to move or rename files and directories
rm
Command to remove files or directories
rmdir
Command to remove empty directories
touch
Command to create empty files or update file timestamps
bg
Command to move a job to the background
chage
Command to change user password expiry information
chfn
Command to change user information
chgrp
Command to change group ownership of files and directories
chmod
Command to change file permissions
chown
Command to change file owner and group
chsh
Command to change the user’s login shell
fg
Command to bring a job to the foreground
free
Command to display amount of free and used memory in the system
groupadd
Command to create a new group
groupdel
Command to delete a group
groupmod
Command to modify a group
iostat
Command to display CPU and I/O statistics
jobs
Command to list active jobs
kill
Command to send signals to processes
killall
Command to kill processes by name
nice
Command to run a command with modified scheduling priority
passwd
Command to change user password
pkill
Command to send signals to processes based on name
ps
Command to display information about processes
pstree
Command to display a tree of processes
renice
Command to alter the priority of running processes
rpm
Package manager command for RPM-based Linux distributions
shutdown
Command to shut down or reboot the system
su
Command to switch user
sudo
Command to execute a command as another user with superuser privileges
top
Command to display system resource usage and running processes
updatedb
Command to update the file database used by locate
useradd
Command to create a new user
userdel
Command to delete a user
usermod
Command to modify user account attributes
watch
Command to execute a program periodically and display the output
uname
Command to display system information
dig
Command-line DNS lookup utility
host
Command-line utility for performing DNS lookups
hostname
Command to display or set the system’s hostname
ip
Command to show/manipulate routing, devices, policy routing, and tunnels
ping
Command to send ICMP Echo Request to network hosts
ping6
Command to send ICMPv6 Echo Request to network hosts
ss
Command to investigate sockets
tracepath
Command to discover the MTU along the path to a target destination
traceroute
Command to trace the route that packets take to reach a network host
traceroute6
Command to trace the route that IPv6 packets take to reach a network host
nmcli
Command-line interface for NetworkManager
ssh
Command to connect to a remote machine securely using the SSH protocol
ssh-copy-id
Command to copy SSH keys to a remote server’s authorized keys file
ssh-keygen
Command to generate, manage, and convert authentication keys for SSH
OpenSSH
Suite of secure networking utilities based on the SSH protocol
NetworkManager
Daemon managing network connections and devices
sshd
SSH daemon responsible for securely accepting connections, providing shell access, etc.
systemctl
Command to control systemd system and service manager
systemctl –version
Command to display the systemd version
systemctl is-active
Command to check if a unit is active
systemctl isolate multi-user.target
Command to change the system state to multi-user mode
systemctl isolate graphical.target
Command to change the system state to graphical mode
systemctl status x.service
Command to display status of a specific service
systemctl stop x.service
Command to stop a specific service
systemctl enable x.service
Command to enable a specific service to start automatically at boot
systemctl disable x.service
Command to disable a specific service from starting automatically at boot
systemctl list-dependencies x.service
Command to list dependencies of a specific service
systemctl list-dependencies x.target
Command to list dependencies of a specific target
systemctl list-units
Command to list loaded units (services)
systemctl list-units –type service
Command to list loaded services
systemctl list-unit-files
Command to list installed unit files
/etc/systemd/
Directory containing systemd configuration files
/usr/lib/systemd/system/
Directory containing systemd unit files
/etc/systemd/system/
Directory containing user-created systemd unit files
/etc/systemd/system/default.target
Symbolic link to the default systemd target unit
/etc/systemd/system/multi-user.target.wants/
Directory containing symlinks to services that should be started when the system enters multi-user mode
/etc/systemd/system/multi-user.target
Symbolic link to the multi-user target unit
/etc/systemd/system/sysinit.target
Symbolic link to the sysinit target unit
/etc/systemd/system/basic.target
Symbolic link to the basic target unit
/etc/systemd/system/graphical.target
Symbolic link to the graphical target unit
^Z
Keyboard shortcut to suspend a process
^C
Keyboard shortcut to interrupt/terminate a process
^D
Keyboard shortcut to signal end-of-file (EOF)
&
Special character used for job control and running processes in the background
Process Attributes and States
Different states a process can be in: Running (R), Sleeping (S), Stopped (T), Dead (D), Idle (I), Zombie (Z)
Environment variables
Variables that define the environment in which a process runs
Standard input
Default input stream for a process
Standard output
Default output stream for a process
Standard error
Default error output stream for a process
Healthy Multiuser System
Maintaining system health and stability with multiple users
Regular Maintenance
Scheduled tasks and routines to ensure system reliability
Software Update with RHEL
Updating software packages and repositories with Red Hat Enterprise Linux (RHEL)
Usernames and UserIDs (UIDs)
Identifiers used to uniquely identify users on a Unix-like operating system
root account
Superuser account with administrative privileges
system accounts
Special user accounts used by system services and daemons
user accounts
Accounts created for individual users
Network Interface Names
Naming conventions for network interfaces
Security Best Practices
Best practices for ensuring system and network security
Public and Private Keys
Cryptographic keys used for authentication and encryption
File globbing
Pattern matching for file and directory names
Absolute and relative paths
Methods for specifying the location of files and directories
File formats
Formats and structures of commonly used system files
/etc/passwd
Format of the password file containing user account information
/etc/group
Format of the group file containing group account information
Importance of Software Updates
Importance of keeping software up to date to address security vulnerabilities and bugs
Concept of Package Management
Managing software installation, updates, and removal in a systematic manner
Dependency concept
Relationship between software packages and their dependencies
Package Managers
Tools used for installing, upgrading, configuring, and removing software packages
RPM Package Manager
Package management system used in Red Hat-based Linux distributions
chown command
Changes file ownership. The -R option recursively changes the ownership of a directory tree.
umask command
Displays or sets the default file permissions for newly created files.
Default umask values for Bash
Defined in /etc/login.defs and might be affected by settings in /etc/profile, /etc/bashrc, files in /etc/profile.d, or user’s shell initialization files.
suid, sgid, and sticky bits
Special permissions providing additional access-related features to files.
Process
A running instance of an executable program, with states including running, sleeping, stopped, or zombie.
ps command
Lists processes running on the system.
Terminal Session
Each terminal has its own session, with a foreground process and independent background processes.
jobs command
Displays processes within a terminal session.
Signal
A software interrupt reporting events to an executing program.
kill command
Sends a signal to control processes.
pkill command
Sends a signal to control processes based on process names.
killall command
Sends a signal to control processes based on process names.
Load Average
An estimate of how busy the system is.
top command
Displays dynamic real-time information about running processes and system resource usage.
uptime command
Displays how long the system has been running and the average system load over different time intervals.
w command
Displays information about currently logged-in users and what they are doing, including load average.
systemd
Provides a method for activating system resources, server daemons, and other processes at boot time and on a running system.
systemctl start/stop/reload/enable/disable [service]
Commands used with systemctl to manage services, including starting, stopping, reloading, enabling, and disabling.
systemd utility
Used to manage service units, socket units, and path units.
systemctl status [unit]
Command used to determine the status of system daemons and network services started by the systemd utility.
systemctl list-dependencies [unit]
Command to list all service units that a specific service unit depends on.
Masking a service unit
systemd feature allowing a service unit to be masked so that it does not run, even to satisfy dependencies.
ssh command
Allows users to securely access remote systems using the SSH protocol.
Known Hosts files (~/.ssh/known_hosts and /etc/ssh/ssh_known_hosts)
Files where client systems store identities of remote servers.
SSH authentication types
Supports both password-based and key-based authentication methods.
ssh-keygen command
Generates an SSH key pair for authentication.
ssh-copy-id command
Exports the public key to remote systems for key-based authentication.
sshd service
Implements the SSH protocol on Red Hat Enterprise Linux systems.
/etc/ssh/sshd_config file
Configuration file for advanced SSH settings.
Recommended SSH configurations
Disable remote logins as root and require public key authentication instead of password-based authentication.
TCP/IP network model
A simplified, four-layered model describing how different protocols interoperate for sending traffic over the internet.
IPv4
The primary network protocol used on the internet today.
IPv6
Intended as a replacement for IPv4 network protocol.
Dual-stack mode
Red Hat Enterprise Linux operates using both IPv4 and IPv6 protocols simultaneously by default.
Network routes
Determine the correct network interface to send packets to a particular network.
NetworkManager daemon
Monitors and manages network configuration.
nmcli command-line tool
Configures network settings with the NetworkManager daemon.
Network configurations directory
In Red Hat Enterprise Linux 9, the default location is /etc/NetworkManager/system-connections.
System’s static hostname
Stored in the /etc/hostname file.
hostnamectl command
Modifies or views the status of the system’s hostname and related settings.
Red Hat Subscription Management
Provides tools for entitlements, updates, and tracking support contracts and subscriptions.
RPM packages
Software provided in RPM format for installation, upgrading, and uninstallation on the system.
rpm command
Can query local database for package information and install downloaded package files.
dnf utility
A powerful command-line tool for installing, updating, removing, and querying software packages.
Application Streams
Red Hat’s feature to provide a single repository hosting multiple versions of application packages and dependencies.
For hardening purposes, what is the primary benefit of having the file /etc/shadow?
It stores encrypted user passwords, making them unreadable directly.
Which of the following represents the symbolic permission to give the owner read and write access, the group only read access, and others no access?
u=rw,g=r,o=-
If a Linux file has the permissions -rw-r–r–, who has the ability to write to the file?
Only the owner
Which of the following files contains encrypted passwords of users?
/etc/shadow
Setting the ‘s’ bit on a file in the user ownership does which of the following:
All processes created using that file run with the user ownership of the command file
To be able to change into directory Dir1, what is the minimum permissions necessary for the Dir1 directory?
Execute (x)
What is the octal permission of a directory that allows the owner to access files if they know their names, but not to list or to change the file names?
100
Setting the ‘s’ bit on a directory in the group ownership does which of the following:
All files created in that directory will have the same group ownership as the parent directory
The UID and GID for a user can be found in which file?
/etc/passwd
The /etc/group file contains information about:
Group memberships
For system hardening purposes, how can an administrator restrict a specific user from using the sudo command to gain superuser privileges?
Explicitly deny the user in the /etc/sudoers file or associated configurations.
In the context of Linux access controls, what does DAC stand for?
Discretionary Access Control
Setting the ‘s’ bit on a file in the group ownership does which of the following:
All processes created using that file run with the group ownership of the command file
In an empty directory, you run the commands: touch ??? * ; chmod 111 * chmod 444 ??? ; chmod 666 ‘*’ ; chmod 333 * What permissions are on file ??? after above commands?
-wx -wx -wx
What is the octal mode of a directory that allows only the user to cd into it and list the names in it and create any new files?
700
Which command is used to change the ownership of a file in Linux?
chown
Which of the following commands is used to show the user’s own identity and group information?
id
Which of the following commands can be used to change the ownership of a file in Linux?
chown
Which file in Linux contains the encrypted passwords of users?
/etc/shadow
Which command is used to modify an existing user’s information in Linux?
usermod
Which of the following commands is used to change a user’s default login shell?
chsh
In the file /etc/group, what does the last field represent?
List of users
What is the easiest way for root to allow a regular user in Red Hat Enterprise Linux to run any administrator commands with sudo?
Add the user to the wheel group
What value of umask gives the permissions below to a new file: rw-rw-r–
2
You are working at the Linux command line and your username is “homer”. You execute the command ls and see the following output: -rw-rw-r– 1 homer homer 387 Nov 28 08:26 bigfoot -rwxr-xr-x 1 homer homer 1851882 Nov 28 08:26 dragon -rwxrwxr-x 1 homer homer 15957213 Nov 28 08:26 kraken What command can you type which will remove execute permission from the file dragon for all users except yourself?
chmod 744 dragon
Refer to the exhibit above. What would be the permissions of f1.txt after executing the last command?
700
When hardening a server system, which account should have its direct login access blocked?
Root user
In a Linux system, which account type is created for running specific services or applications?
System users
If an administrator wants to efficiently manage multiple users’ default settings upon creation, which directory plays a critical role?
/etc/skel
What Linux command can be used to set the default permissions for all newly created files?
umask
Which command allows you to view the groups a user belongs to?
id
If an administrator wishes to prevent a specific user from using the sudo command, they should edit which file?
/etc/sudoers
What command is used to create a new group?
groupadd
To ensure a user cannot directly log into the system, which shell should be assigned in /etc/passwd?
/bin/nologin
In a multi-user GNU/Linux environment, which command is the safest to use when changing a user’s default shell?
chsh
What Linux command can be used to change the group of a file?
chgrp
You are working at the Linux command line. What command can you type which will result in a new file being given the following permissions by default: - The file owner can read and write to the file, but not execute it. - Everyone other than the owner can read the file, but not write to or execute it.
umask 133
The filename /etc/passwd is a(n) _________________.
Absolute path
Which of the following is not true of the root user?
The root user can access any computer on the network.
Which Access Control Technique is based on security labels and is mandatory regardless of the user’s wishes?
MAC
