ch 2

Question 1

/etc/passwd

Answer 1

stores the actual user account and maintains various settings related to accounts.

Question 2

/etc/shadow

Answer 2

stores password information for the accounts. Only available to root user.

Question 3

Why would some user use different shells?

Answer 3

If a user has more experience with another shell they might prefer to use that shell over bash (the most common shell).

Question 4

/etc/profile

Answer 4

to set system-wide environment variables and startup programs for new user shells.

Question 5

/etc/bashrc

Answer 5

to establish system-wide functions and aliases for new user shells.

Question 6

/etc/skel

Answer 6

A sysadmin can store files in this directory and have those files automatically copy to the home directory of any new user.

Question 7

useradd

Answer 7

The command that creates a user

Question 8

usermod

Answer 8

The command that modifies existing users

Question 9

userdel <user></user>

Answer 9

The command that deletes a user

Question 10

useradd -c

Answer 10

set the comment value

Question 11

syntax for useradd command

Answer 11

useradd -options argument (ex- useradd -c “Kai Garcia”)

Question 12

passwd command

Answer 12

sets a password for a user (ex passwd [username])

Question 13

adduser command

Answer 13

Some Linux distributions use the adduser command instead of useradd.
Some systems recognize both. The adduser command prompts administrators for details, including home directory locations and full names. Perhaps most importantly, adduser prompts sysadmins to set a user password. The adduser command can be added to a Linux system.

Question 14

Why are user passwords stored in the /etc/shadow file and not the
/etc/passwd file?

Answer 14

The /etc/passwd file can be read by all processes and therefore isn’t as secure. The /etc/shadow file
can only be read by root.

Question 15

What is the purpose of the /etc/skel directory?

Answer 15

Any files stored in this directory are automatically copied to the home directory of new user accounts. Profile files and other configurations can be easily set using /etc/skel.

Question 16

Why might an administrator change a user’s default shell?

Answer 16

The user may be more comfortable with a different shell than Bash, such as the Zsh or Ksh.

Question 17

/etc/group

Answer 17

shows existing group files and any users that are in groups.

Question 18

groupadd

Answer 18

create a new group

Question 19

groupmod

Answer 19

modify an existing group

Question 20

groupdel

Answer 20

remove an existing group

Question 21

groupmod -n

Answer 21

changes the name of the group

Question 22

how to add a user to a group

Answer 22

usermod -aG (without “a” the user will be removed from all other groups)

Question 23

Suggest at least two ways to display group membership information.

Answer 23

View the /etc/group file, id command, group command

Question 24

What command adds a user to a group?

Answer 24

The usermod command (usually with the -aG options).

Question 25

What is the result if an administrator forgets to add the -a option when adding a user to a group?

Answer 25

The user is added to the specified group but removed from all other groups.

Question 26

Why might a user be a member of multiple groups?

Answer 26

Membership in multiple groups provides access to different resources. For example, a user who is a member of both the sales group and the marketing group can be granted access to both types of resources.

Question 27

su

Answer 27

used for switching back and forth between users (usually root user and another lesser user to accomplish tasks. admin should really only do this)

Question 28

sudo

Answer 28

enables server admin to delegate specific commands to specific users

Question 29

/etc/sudoers

Answer 29

file to do delegation with visudo editor. do not edit file with vim or nano. it is sensitive.

Question 30

wheel group

Answer 30

allows members to use sudo command without having to sign in as the root user.

Question 31

A developer at your organization needs the ability to reboot a test server, but their account’s standard privileges do not permit this. The developer requests the system's root user password in order to use su to reboot the server. Is there a more secure option that aligns with the principle of least privilege?

Answer 31

A better option is sudo, which allows the administrator to delegate only the necessary task (in this case, rebooting the server). The root password combined with su would grant more than just the reboot privilege

Question 32

How are the su root and su - root commands different?

Answer 32

The su root command switches the user identity to that of root within the user profile settings of the original user. The su - root command switches the user identity to that of root with the root user’s own profile settings.

Question 33

You must delegate the shutdown -h privilege to SOMEUSER. What tool is used to modify the /etc/sudoers file, and what line must be added to that file?

Answer 33

The visudo command is run to edit the file. The following line is added to the file: SOMEUSER ALL=(ALL) NOPASSWD: SHUTDOWN_CMDS

Question 34

Whose password must be entered with sudo? Whose password must be entered with su?

Answer 34

The user’s own password must be entered with sudo. The destination user’s password must be entered with su.

Question 35

sudo killall -u [username]

Answer 35

the command to kill or halt all processes for the user

Question 36

List at least three scenarios where you might need records of who logged in to a Linux system.

Answer 36

security incident response, security audit, troubleshooting account access

Question 37

Another administrator asks you to explain the value of editing the /etc/ sudoer’s file with visudo rather than a traditional text editor. What is your response?

Answer 37

The visudo editor confirms the syntax of the /etc/sudoers file. The file is very sensitive, and misconfiguration could prevent administrative access to the system.

Question 38

List at least three reasons a user account might be locked.

Answer 38

An administrator locked the account while the user was on a leave of absence, an incorrect password was entered too many times, and password settings are misconfigured.

Question 39

During a security audit it is discovered that a user does not have a password set. When you check the /etc/passwd file, the password field is properly populated with the x character. What file would actually display whether a password has been set for the user?

Answer 39

/etc/shadow

Question 40

A user places sudo before a command, but the command still fails to run. What might be the cause?

Answer 40

The /etc/sudoers file is not configured for the user or for the command.

Question 41

An administrator asks you how to delegate Linux administrative privileges to a specific user. What group is used for such delegation?

Answer 41

the wheel group