Module 4

Question 1

What is Source code?

Answer 1

Source code: Programming code in text format compiled into software you can run

Question 2

What does closed source mean?

Answer 2

Closed source: Describes software that gives the end user little to no access to the source code and limited freedom to change and implement that software based on a very restrictive license compared to open-source licenses. Examples: Microsoft, UNIX, IBM z/OS

Question 3

What is Linux Kernel?

Answer 3

Linux kernel: A foundational Linux component responsible for the low-level interface between an operating system and hardware

Question 4

what is Bootloader?

Answer 4

Bootloader: Code run by a computer after it starts. The bootloader can then be pointed to the Linux kernel on storage/disk to start the Linux kernel (i.e., bootstrapping).

Question 5

What are drivers?

Answer 5

Drivers: Software that makes computer devices available for use by applications. File system drivers “present” the filesystem to applications that save files.

Question 6

What does the network do?

Answer 6

Network: Allows applications to communicate from a computer to other computers over wired (Ethernet) and wireless networks (IEEE 802.11)

Question 7

What are Linux Security Modules do? (LSM)

Answer 7

Linux Security Modules (LSM): Primarily designed as enhanced access control
mechanisms called mandatory access control (MAC); including AppArmor, SELinux, Smack, and TOMOYO. Do not confuse this MAC with the layer 2 media access control addresses in Ethernet.

Question 8

What are Processes, instances, and threads?

Answer 8

Processes, instances, and threads: Hardware resources and “time” to run (i.e., an instance) allocated by an operating system when code is run. This process can perform multiple activities, which are known as threads.

Question 9

What are sessions?

Answer 9

Sessions: Consists of a group of processes. When users log in, applications and services
(known as daemons) are instantiated and grouped into process groups.

Question 10

What does tty, pty: Teletype and pseudo-teletype mean?

Answer 10

tty, pty: Teletype and pseudo-teletype; terminal types used for interactive CLI and GUI applications

Question 11

What is a Service (daemon)?

Answer 11

Service (daemon): A process that involves no interaction with a user

Question 12

What are Applications?

Answer 12

Applications: Any process that the user can interact with

Question 13

What is a password?

Answer 13

Password: A series of characters known by a user and used in conjunction with user
accounts to ensure a user’s identity

Question 14

What is a login prompt?

Answer 14

Login prompt: Triggers applications and services (daemons) to instantiate and group into process groups when a user logs in

Question 15

What is a Command-line interface (CLI)?

Answer 15

Command-line interface (CLI): A user interface that allows for typing commands within a Linux system; starts on bootup or launches from the graphical user interface (GUI) via the terminal emulator application

Question 16

What is a Graphical user interface?

Answer 16

Graphical user interface (GUI): A user interface that provides interaction with a windowed environment to launch applications with a pointing device (e.g., a mouse); generally starts on
bootup

Question 17

What is a GNU Core Utilities (coreutils)

Answer 17

GNU Core Utilities (coreutils): A foundational Linux component that provides common
commands integrated with the command-line interface (CLI). The coreutils package contains many common commands that include but are not limited to ls, mv, cp, touch, cat, and pwd.

Question 18

What is a X server?

Answer 18

X server: A foundational Linux distro component that provides a graphical user interface
(GUI)

Question 19

What is a Package Management?

Answer 19

Package management: A foundational component that provides software and service installation, updates, and removal

Question 20

What does Client mean in regards to Lenux or networking?

Answer 20

Client: Requests resources or services from a server

Question 21

What does a Server do?

Answer 21

Server: Provides resources or services for a client

Question 22

How do computers use protocols?

Answer 22

Protocols: Used by computer systems to agree on how to communicate with one another over a network

Question 23

What are Vulnerabilities?

Answer 23

Vulnerabilities: Weakness in software or a system

Question 24

What are threats?

Answer 24

Threats: Actor that seeks to exploit vulnerabilities

Question 25

What are exploits?

Answer 25

Exploits: An action taken by an actor to compromise a system by using vulnerabilities

Question 26

what is ransomware?

Answer 26

Ransomware: Malware used to deprive organizations of access to their information until they pay a ransom

Question 27

What is a bot?

Answer 27

Bot: A system infected by malware that allows for remote command and control (C&C) of the infected systems

Question 28

What does C&C mean?

Answer 28

C&C: Command and control or C2; refers to systems that control already infected systems (bots) to launch various attacks (e.g., a DDoS or a coin-mining operation)

Question 29

How does a worm work and what is it?

Answer 29

Worms: Malware that propagates by detecting other systems on a network with specific vulnerabilities and then by replicating its code on the system to exploit those vulnerabilities

Question 30

What does DDoS stand for and what does it do?

Answer 30

Distributed Denial of Service (DDoS): An attack that uses C&C and bots to send traffic to systems that overwhelm those systems

Question 31

What is Kali Linux?

Answer 31

Kali Linux: A popular Linux distro that includes many useful security tools

Question 32

What is Endpoint Security?

Answer 32

Endpoint security: Security controls installed on endpoint systems, such as computers

Question 33

What is Anti-Malware?

Answer 33

Anti-Malware: Software or tools designed to detect, prevent, and remove malicious
software (malware) from computer systems, protecting them from cyber threats such as
viruses, ransomware, and spyware

Question 34

What is ClamAV?

Answer 34

ClamAV: A toolkit and malware detection engine that can quickly scan files

Question 35

How does a firewall work?

Answer 35

Firewall: A system or device that has configurable rules that protect systems from other hosts on the network

Question 36

What are iptables?

Answer 36

iptables: A firewall software package for Linux systems

Question 37

What doe DDoS mitigation mean?

Answer 37

DDoS mitigation: The people, processes, and technology involved in thwarting a DDoS attack

Question 38

What is ClamAV ?

Answer 38

ClamAV is an open source (GPLv2) anti-virus toolkit, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library.

Tip: ClamAV is not a traditional anti-virus or endpoint security suite. For a fully featured modern endpoint security suite, check out Cisco Secure Endpoint.

ClamAV is brought to you by Cisco Systems, Inc.

Question 39

what is hardening?

Answer 39

Hardening: An all-encompassing term that describes tools, controls, and processes used to increase infrastructure security

Question 40

What is user configuration?

Answer 40

User configuration: Proper password rules and user setup, which are critical to server
security and required in modern server software

Question 41

What are business requirements in regards to security?

Answer 41

Business requirements: The processes, assets, people, and practices that are necessary for a business to operate and that must be considered when assessing security updates

Question 42

What is over hardening?

Answer 42

“Over hardening”: Occurs when the application of security controls impacts the ability of users to work on a system (i.e., availability is impacted)

Question 43

What is under hardening?

Answer 43

“Under hardening”: Occurs when there are insufficient security controls in place to address risks identified in the risk management process

Question 44

What is access control?

Answer 44

Access control: A security control that endeavors to limit access to individuals who need permission to obtain specific information

Question 45

What is baselining?

Answer 45

Baselining: A standard set of security configurations applied to a set of similar systems in an organization

Question 46

What are security controls?

Answer 46

Security controls: Any administrative, technological, or physical controls used to implement proper security

Question 47

What is a host firewall?

Answer 47

Host firewall: A generic term for a firewall installed on a host system. Example:
iptables/nftables

Question 48

What is patching?

Answer 48

Patching: Software updates that remediate security vulnerabilities