5.1 Basic Security and Identifying User Types

Question 1

Security

all system-local user account POSIX other than pw readable by all

Answer 1

/etc/pswd

Question 2

Security

all system-local group account POSIC readable by all

Answer 2

/etc/group

Question 3

Security

all system-local user pw hashes and expiration info - unreadable by any - only select processes.

Answer 3

/etc/shadow

Question 4

Security

all system-local priv escalation info/allowance by sudo command

Answer 4

/etc/sudoers

Question 5

Security

list real or effective user and group IDs

Answer 5

id

Question 6

Security

list users who logged in last

Answer 6

last

Question 7

Security

list users who are currently logged in

Answer 7

who

Question 8

Security

similar to who but with additional context

Answer 8

w

Question 9

Security

switch to another user with a login shell or run commands as that user by passing that user’s pw

Answer 9

su

Question 10

Security

switch User or Superuser Do - if entitled, the current user enters their own pw if required to raise priv

Answer 10

sudo

Question 11

Security

change user’s shell

Answer 11

chsh

Question 12

Security

change user’s info on the GECOS field

Answer 12

chfn

Question 13

Security

The UID and GID attributes are stored

Answer 13

/etc/passwd

Question 14

Security

The Groups attribute is stored

Answer 14

/etc/group

Question 15

Security

where is the has user password stored

Answer 15

/etc/shadow

Question 16

Security

cryptography used by default to store p/w locally on inux

Answer 16

one-way hash

Question 17

Security

If an account has a User ID (UID) enumerated under 1000, what type of account is this?

Answer 17

system account

Question 18

Security

How can you get a list of the active logins in your system, and a count of them as well?

Answer 18

Use the w command. Besides a list of all active logins, it will also show information like how
many users are logged in, along the system load and uptime.

Question 19

Security

commands to list current users logged into the system

Answer 19

w

who

Question 20

Security

command to list users that have disconnected.

Answer 20

last

Question 21

Security

What is the difference between the w and the who command

Answer 21

w command lists system utilization while who does not.

Question 22

Security

w command no header option

Answer 22

-h

Question 23

Security

w command short option

Answer 23

-s

Question 24

Security

w command ip address option

Answer 24

-i

Question 25

Security

file that stores a user’s one-way password hash

Answer 25

/etc/shadow

Question 26

Security

file that contains a list of groups a user account is a member of

Answer 26

/etc/group

Question 27

Security

What logic can be used to compile a list of groups a user account is a member of?

Answer 27

/etc/group

Question 28

Security

how to change current user’s login shell to Korn Shell (/usr/bin/ksh) in non-interactive mode?

Answer 28

chsh -s /usr/bin/ksh

Question 29

Security

why is the home directory of the root user not placed within the /home directory

Answer 29

because root account is required to troubleshoot and fix errors and may include file system issues related to /home directory and in such cases root should be fully functional even when /home file system is not available yet.