Day 6: Linux Security Essentials Flashcards by David Mills

(T/F) Windows is loaded on over 80% of all computers.

True

How well did you know this?

Not at all

Perfectly

(T/F) Windows is the OS that most mission-critical systems run on.

False

How well did you know this?

Not at all

Perfectly

(T/F) Most security appliances that are installed in a data center are running Linux

True

How well did you know this?

Not at all

Perfectly

What is the difference between a major breach and a minor breach?

It is not the system that is compromised, but the data it contains.

How well did you know this?

Not at all

Perfectly

What OS do most appliances and security devices run?

Linux

How well did you know this?

Not at all

Perfectly

(T/F) It is important to remember that although Windows has a much larger install base, Linux is usually installed on most important, mission critical systems.

True

How well did you know this?

Not at all

Perfectly

What OS do security analysts, assessment and penetration testers and many security teams using?

Linux

How well did you know this?

Not at all

Perfectly

(T/F) Linux started as a desktop OS, but has moved into the data center as a server.

False

How well did you know this?

Not at all

Perfectly

What are the main linux distributions?

Ubuntu (Debian)
Fedora (Red Hat)
Cygwin for Windows
Mac OS (BSD)

How well did you know this?

Not at all

Perfectly

What distribution is Kali based on?

Debian

How well did you know this?

Not at all

Perfectly

Often just called Linux, what is the proper nominclature?

GNU/Linux

How well did you know this?

Not at all

Perfectly

Who ported Minix (a UNIX teaching tool) to Linux from scratch for the Intel 386 platform?

Linus Torvalds

How well did you know this?

Not at all

Perfectly

What does Ubuntu mean when translated back to it’s African word?

Humanity to others

How well did you know this?

Not at all

Perfectly

Ubuntu is based on what branch of Linux?

Debian

How well did you know this?

Not at all

Perfectly

What linux branch is best known for its package management system?

Debian

How well did you know this?

Not at all

Perfectly

What is the Debian package-management system called?

APT: Advanced Package Tool

How well did you know this?

Not at all

Perfectly

How does APT work?

APT researches the package in question, sees what libraries and other programs that the package might need (these are called dependencies), goes out to the Internet and downloads them, installs them, presents any configuration choices to the user, and Chen checks it work - all done automatically.

How well did you know this?

Not at all

Perfectly

Does Ubuntu come with a default firewall and a graphical control for the firewall ENABLED?

How well did you know this?

Not at all

Perfectly

What Linux is Fedora based on?

RedHat

How well did you know this?

Not at all

Perfectly

With Fedora, is the firewall included and enabled?

Yes

How well did you know this?

Not at all

Perfectly

What is the most profitable Linux version?

RedHat

How well did you know this?

Not at all

Perfectly

With any OS is it critical to continually think about security and look at additional hardening measures?

Yes

How well did you know this?

Not at all

Perfectly

What are the major steps to securing Mac OS?

Turn on firewall to control access to the system.
Turn off unneeded services
Limit service sharing
Set up securing file sharing
Carefully monitor access lists
Use password assistant for stronger authentication

How well did you know this?

Not at all

Perfectly

What is the Linux command to list contents of a directory?

How well did you know this?

Not at all

Perfectly

What is the Linux command to list contents of a directory including long listing and shows attributes?

ls -l

What is the Linux command to list contents of a directory including both hidden and regular files?

ls -al

What is the Linux command to change the working directory?

What is the Linux command to rename a file?

What is the Linux command to change file attributes?

chmod

What is the Linux command to make a new directory?

mkdir

What is the Linux command to remove a directory?

rmdir

What is the Linux command to delete files?

What is the Linux command to copy files?

What is the DOS command to list contents of a directory?

dir /w

What is the DOS command to list contents of a directory including both hidden and regular files?

dir

What is the DOS command to list contents of a directory including both hidden and regular files?

dir /a

What is the DOS command to change the working directory?

What is the DOS command to rename a file?

rename

What is the DOS command to change file attributes?

attrib

What is the DOS command to make a new directory?

What is the DOS command to remove a directory?

What is the DOS command to delete files?

del

What is the DOS command to copy files?

copy

What is the Linux command to view file contents?

cat

What is the Linux command to print the current working directory?

pwd

What is the Linux command to view a page at a time

What is the Linux command to read the help manual?

man

What is the Linux command to find specific files?

find

What is the Linux command to perform string searches?

grep

What is the Linux command to switch user accounts?

What is the Linux command to delegate authority to users?

sudo

What is the Linux character to pipe one command into another one?

How do you create a file as output from commands?

What is the Linux command-line interpreter used to run programs on the computer?

shell

In Linux, what provides the use with an interface to the system?

shell

In linux, what listens to the terminal and translates requests into action by the kernel and programs?

shell

In Linux, what is the vehicle through which applications obtain permissions and interact with the kernel?

shell

In Linux, what is the root file system?

In Linux, what is the top of the directory hierarchy?

What can you use to find the commands for each different Linux distributions?

Unix Rosetta Stone

In Linux, what directory contains files used to talk to system devices?

/dev | /devices

In Linux, what directory contains the primary OS?

/usr

How should you setup the /usr directory for security?

Mount it read-only

In Linux, what directory contains logs, queues, etc.?

/var

In Linux, what directories contain executable programs, some of which are SUID or SGID?

/bin /usr/bin /usr/local /opt

In Linux, what directories contain user home directories?

/home | /export/home

(T/F) There used to be a lot of variance about where different files were located in different Linux flavors, but modern Linux variants use the same general file system layout.

True

In Linux, what is the top of the file system?

In Linux, what directory contains the special device files that programs running on the system use to communicate with the physical hardware devices controlled by the kernel?

/dev

In Linux, where are the most critical components of the OS found - including system binaries, programming library and tools?

/usr

In Linux, what directory has the online documentation?

/usr

In Linux, what directory should be thought of as read-only after the OS is loaded until the system is upgraded or patched?

/usr

In Linux, what directory is the place where the system keeps frequently changing data, such as logs and temporary queues?

/var

In Linux, the standard convention is to put 3rd party software obtained from the Internet into what directory?

/usr/local

SYSV-derived systems such as Solaris and HP-UX often put 3rd-party software into which directory?

/opt

What are the Linux File System Security Goals?

1. Protect OS binaries in /usr 2. Prevent introduction of SUID programs and unauthorized devices 3. Allow other software to be installed 4. Discourage DoS attacks

After a system is compromised, the attacker likely wants to install a rootkit. Typically, the binaries that the attacker replaces are OS programs in which directory?

/usr/bin | /usr/sbin

What is called a set of binaries that gives an attacker a back door into the system and helps them escape detection by the system administrator?

Rootkit

(T/F) The administrator should not attempt to stop people from creating or bringing unauthorized set-UID and set-GID programs on the machine.

Falst

Administrators partition file systems to prevent what types of attacks?

Denial of Service (DoS)

What is the golden rule?

The best way to secure a service is to turn it off, and if it's not needed, uninstall it.

The phase "The best way to secure a service is to turn it off, and if it's not needed, uninstall it" is known as?

The golden rule

(T/F) Although many security mechanisms are built into Linux, there is no such thing as a secure Linux install.

True

Linux Classic init is also known as what style initialization?

System-V

In Linux, what is the original boot time service starter?

init

(T/F) In Linux, init does not follow a linear process.

false

(T/F) In Linux, init is able to detect and handle sudden changes in the system.

False

In Linux, when does init track services?

boot & shutdown

Does init in Linux System-V use runlevels ?

Yes

Using Classic init Linux, when the system is powered on and after the kernel if fully running, what is the first process to start?

init

In Classic init Linux, what is responsible for the setup of the entire user environment?

init

The init process starts as what process id (PID)?

In Classic Linux, what is the parent process to all other processes and adopts all orphaned processes in the user space?

init | PID 1

(T/F) init was created at a time when parallel processing and changes to a running system did not exists, put they are now commonplace.

True

(T/F) init is aware of changes made to the system while it is running.

False

When is the only time that init deals with services?

Startup and Shutdown