Question

1. Which of the following commands will locate all of the program files on a computer on which the SUID bit is set?

Select one:

a. find / -type SUID

b. find / -perm +4000 -type f

c. find / -perm +SUID -type f

d. find / -suid

2. A server/computer combination appears in both hosts.allow and hosts.deny. What's the result of this configuration when TCP wrappers runs?

Select one:

a. TCP wrappers refuses to run and logs an error in /var/log/messages

b. The system administrator is paged to decide whether to allow access

c. hosts.deny takes precedence; the client is denied access to the server

d. hosts.allow takes precedence; the client is granted access to the server

3. What is the primary function of /etc/resolv.conf?

Select one:

a.It holds locally-defined mappings of IP addresses to hostnames.

b.It holds the IP addresses of up to three DNS servers that Linux may use.

c. It holds data on the utilities that Linux uses to authenticate users.

d. It holds usernames and associated basic account information.

4. Which service might you consider retiring after activating an SSH server?

Select one:

a. SMTP

b. Telnet

c. NTP

d. Samba

5. You run a VNC login server via xinetd, and you want to restrict access to this server such that only users on the 10.217.105.0/24 network can access it. What can you add to the VNC server’s xinetd configuration file to accomplish this goal?

Select one:

a. access 10.217.105.0/24

b. bind 10.217.105.0/24

c. hosts.allow 10.217.105.0/24

d. only_from 10.217.105.0/24

6. Which of the following statements are true of SSH? (Choose all that apply)

Select one or more:

a. Most default configurations allow root to log in directly.

b. Encryption makes SSH safer than Telnet.

c. The default port used is 53

d. By default, SSH uses UDP.

7. As part of a security audit, you plan to use Nmap to check all of the computers on your network for unnecessary servers. Which of the following tasks should you do prior to running your Nmap check?

Select one:

a. Back up /etc/passwd on the target systems to eliminate the possibility of it being damaged

b. obtain the root passwords to the target systems so that you can properly configure them to accept the Nmap probes

c. obtain written permission from your boss to perform the Nmap sweep.

d. Configure /etc/sudoers on the computer you intend to use for the sweep, to give yourself the ability to run Nmap.

8. Which of the following characterize good passwords? (Choose all that apply.)

Select one or more:

a. Those that are common English words

b. Those that contain digits or punctuation characters

c. Those that are shorter than four characters in length

d.Those that mix upper- and lowercase characters

Answer 1

1.B.

The -perm option to find locates files with the specified permissions, and +4000 is a permission code that matches SUID files. The -type f option restricts matches to files in order to avoid false alarms on directories.

2. D.

TCP Wrappers uses this feature to allow you to override broad denials by adding more specific explicit access permissions to hosts.allow

3. A.

Option A identifies function of /etc/resolv.conf

4. B.

SSH is directly replacement of Telnet.

5. C. hosts.allow 10.217.105.0/24

6. B.

Encryption makes SSH safer than Telnet.

7. C.

Although Nmap and other port scanners are useful security tools, they're used by crackers and many organisations have policies restricting their use.

8. B, D