Security Flashcards
In an xinetd configuration file, which attribute specifies the network address that will be used to
provide the service?
bind, interface
What argument to the -type option of find will match files that are symbolic links? (Specify only the argument and no other options or words.)
I
With X11 forwarding in ssh, what environment variable is automatically set in the remote host shell that is not set when X11 forwarding is not enabled? (Specify only the environment variable without any additional commands or values.)
DISPLAY, $DISPLAY
The presence of what file will temporarily prevent all users except root from logging into the system? (Specify the full name of the file, including path.)
/etc/nologin
Which configuration file would be edited to change the default options for outbound SSH sessions? A. /etc/ssh/sshd_config B. /etc/ssh/ssh C. /etc/ssh/client D. /etc/ssh/ssh_config E. /etc/ssh/ssh_client
/etc/ssh/ssh_config
Which of the following programs uses the hosts.allow file to perform its main task of checking for access control restrictions to system services?
A. tcpd
B. inetd
C. fingerd
tcpd
Which command is used to set restrictions on the size of a core file that is created for a user when a program crashes? A. core B. edquota C. ulimit D. quota
ulimit
When trying to unmount a device it is reported as being busy. Which of the following commands could be used to determine which process is causing this? A. debug B. lsof C. nessus D. strace E. traceroute
lsof
Which configuration file would be edited to change default options for the OpenSSH server? A. /etc/ssh/sshd_config B. /etc/ssh/ssh C. /etc/ssh/server D. /etc/ssh/ssh_config E. /etc/ssh/ssh_server
/etc/ssh/sshd_config
Which configuration file does sudo read when determining if a user is permitted to run applications with root privileges? A. /etc/security.conf B. /etc/supasswd C. /etc/sudoers D. /etc/sudo.conf
/etc/sudoers
Which of the following commands can be used to associate open TCP ports with the processes that opened the ports? A. ptrace B. strace C. debug D. nessus E. lsof
lsof
Instead of using specific host names or IP addresses, which string can be used in /etc/hosts.allow entries to cover any remote host no matter of its name or address? (Specify the relevant string only without any additional options or arguments.)
ALL
Which of the following resources can be directly limited for a given user using ulimit? (Choose THREE correct answers.)
A. Maximum seconds of CPU time spent.
B. Maximum number of open file descriptors.
C. Maximum number of processes available.
D. Maximum number of concurrent login sessions.
E. Maximum seconds of login duration per session
A. Maximum seconds of CPU time spent.
B. Maximum number of open file descriptors.
C. Maximum number of processes available.
Depending on the host's configuration, which of the following files can be used to turn on and off network services running on a host? (Choose TWO correct answers.) A. /etc/profile B. /etc/services C. /etc/inetd.conf D. /etc/xinetd.conf E. /etc/host.conf
C. /etc/inetd.conf
D. /etc/xinetd.conf
How do shadow passwords improve the password security in comparison to standard passwd passwords?
C. The system’s host key is used to strongly encrypt all shadow passwords.
D. Shadow passwords are always combined with a public key that has to match the user’s private
key.
E. Regular users do not have access to the password hashes of shadow passwords.
Regular users do not have access to the password hashes of shadow passwords
