IS3440 CHAP 10 KERNEL SECURITY RISK MITIGATION

Question 1

___ in the context of computing, is reference to the type of CPU, such as i386 for 32-bit Intel and AMD systems.

Answer 1

Architecture

Question 2

___ is the context of the kernel, is an incorporated feature from a later kernel.

Answer 2

Backport

Question 3

___ is the name of the Ubuntu distribution released in April 2008 with long-term support.

Answer 3

Hardy Heron (8.04)

Question 4

___ is an IBM system that uses IBM Performance Optimization With Enhanced RISC (POWER) CPUs.

Answer 4

iSeries

Question 5

___ is a family of 64-bit CPUs developed by Intel. Red Hat has supported these CPUs through Red Hat Enterprise Linux 5, but will not continue support in later releases.

Answer 5

Itanium

Question 6

___ is the Linux kernel developer responsible for the release of stable kernels.

Answer 6

Kroah-Hartman, Greg

Question 7

___ is a framework for security support within the Linux kernel, associated with mandatory access control. Examples: SELinux and AppArmor.

Answer 7

(LSMs) Linux security modules

Question 8

___ is the name of the Ubuntu distribution released in April 2010 with long-term support.

Answer 8

Lucid Lynx (10.04)

Question 9

___ describes a network packet with modified headers.

Answer 9

Mangled

Question 10

___ is a packet with an impossible source or destination address. Example- a packet from the Internet with a source address of a private Internet Protocol (IP) address network would be one.

Answer 10

Martian packet

Question 11

___ is a Linux package that refers to other packages. Example: linux - image refers to the latest version of the generic kernel built for Ubuntu.

Answer 11

Meta package

Question 12

___ is a reference to a software interface that is similar to the underlying hardware. It may require a special kernel.

Answer 12

Paravirturalized

Question 13

___ is the IBM Reduced Instruction Set Computing (RISC) server and workstation product line designed for UNIX systems; some Red Hat Enterprise Linux releases are built for these.

Answer 13

pSeries

Question 14

___ is a Linux security module for mandatory access control; functionally similar to SELinux and AppArmor.

Answer 14

(SMACK) Simplified mandatory access control kernel

Question 15

___ is a reference to network transmissions with a false source address.

Answer 15

Spoofed

Question 16

___ is a reference to the kernel developed and released by the Linux Kernel Organization.

Answer 16

Stock kernel

Question 17

___ is a Linux security module for mandatory access control; functionally similar to SELinux and AppArmor.

Answer 17

TOMOYO

Question 18

___ is the developer of the first Linux kernel and is the current leader of Linux kernel developers.

Answer 18

Torvalds, Linus

Question 19

___ is a specialized kernel for virtual machine monitors that supports hardware-assisted virtualization on systems with suitably capable CPUs.

Answer 19

Xen kernel

Question 20

1. Which of the following features is no longer associated with a separate kernel on many Linux distributions?
2. Virtual machine hosts
3. Xen
4. SMP
5. Servers

Answer 20

SMP

Question 21

2. When an updated kernel is released with a security update, which of the following numbers in the kernel is changed?
3. Major version
4. Minor version
5. Update version
6. Patch number

Answer 21

Patch number

Question 22

3. Which of the following commands can be used to unpack and uncompress a stock kernel in .tar.bz2 format?
4. tar xzf
5. tar xjf
6. tar xbf
7. tar xuf

Answer 22

tar xzf

Question 23

4. The Web site associated with the Linux Kernel Organization is ___.

Answer 23

http://kernel.org/

Question 24

5. Which of the following actions should you NOT take when implementing a new kernel?
6. Upgrade
7. Install
8. Patch
9. Compile

Answer 24

Upgrade

Question 25

6. which of the following directories contain a file with the configuration of the kernel that is currently running on the local system? 1. /usr/src/redhat/BUILD/kernel-'uname -r'/linux- 'uname -r'/ 2. /usr/src/linux-'uname -r'/configs/ 3. /usr/src/linux-'uname r'/ 4. /boot/

Answer 25

/boot/

Question 26

7. Which of the following commands starts a console-based menu-driven tool for customizing the kernel? 1. make config 2. make menuconfig 3. make xconfig 4. make gconfig

Answer 26

make menuconfig

Question 27

8. Which of the following kernel options is NOT related to mandatory access controls? 1. SELinux 2. TOMOYO 3. Cryptographic API 4. AppArmor

Answer 27

Cryptographic API

Question 28

9. Name the section of the kernel configuration tool related to formats such as ext2 and ext3.

Answer 28

Filesystems

Question 29

10. In what configuration file can you customize the filename of the compiled kernel? 1. make 2. config- 'uname -r' 3. .config 4. Makefile

Answer 29

Makefile

Question 30

11. When a new kernel is compiled and installed, what file should contain different stanzas to two different kernels available during the boot process? (Select two) 1. /boot/grub/menu.lst 2. /etc/bootloader 3. /etc/lilo.conf 4. /usr/src/linux-'uname -r'/.config

Answer 30

/boot/grub/menu.lst /etc/lilo.conf

Question 31

12. If you see the net.ipv4.icmp_echo_ignore_broadcasts = 1 options in the /etc/sysctl.conf file, what file contains that boolean option? 1. /proc/net/ipv4icmp_echo_ignore-braodcasts 2. /proc/sys/sys/net/ipv4/icmp_echo_ignore_broadcasts 3. /proc/net/sys/ipv4/icmp_echo_ignore_broadcasts 4. ?proc/icmp_echo_ignore_braodcasts

Answer 31

/proc/sys/sys/net/ipv4/icmp_echo_ignore_broadcasts

Question 32

13. Which of the following directives in the /etc/sysctl.conf should be set to 0 to deactivate routing on the local system? 1. net.ipv4.ip_forward 2. net.sys.ipv4.ip_route 3. net.ipv4.ip_routing 4. net.sys.ipv4.ip_source

Answer 32

net.ipv4.ip_forward