IS3440 CHAP 11 MANAGEING SECURITY ALERTS AND UPDATES Flashcards Preview

IS3440 LINUX SECURITY > IS3440 CHAP 11 MANAGEING SECURITY ALERTS AND UPDATES > Flashcards

Flashcards in IS3440 CHAP 11 MANAGEING SECURITY ALERTS AND UPDATES Deck (58):
1

___ is a company that creates anti-malware systems for Linux and other operating systems.

AVG

2

___ in the context of the kernel, this is an incorporated feature from a later kernel.

Backport

3

___ is a clone of UNIX, similar to Linux, released under different licenses.

(BSD) Berkeley Standard Distribution

4

___ is a Web-based bug-tracking and management tool commonly used on open source projects from Red Hat to the GNOME desktop environment.

Bugzilla

5

___ is a cross-platform antivirus software toolkit developed for and used on Linux, BSD, and derivatives of UNIX.

(Clam AV) Clam AntiVirus

6

___ is an open source project for network-based installations of Linux distributions.

Cobbler project

7

___ is a list of operating-system security issues maintained by the MITRE corporation and sponsored by the National Cyber Security Division of the US Department of Homeland Security.

(CVE) Common Vulnerabilities and Exposures list

8

___ is an open source project to create packages over and above those available for Red Hat Enterprise Linux; may include functional back ports from later versions of Fedora Linux.

(EPEL) Extra Packages for Enterprise Linux

9

___ is the Linux operating system developed by the Fedora Project and sponsored by Red Hat.

Fedora Linux

10

___ is a company that creates anti-malware systems for Linux and other operating systems.

Kaspersky

11

___ is a network-based installation system first created for Red Hat distributions.

Kickstart

12

___ is a release of the Ubuntu distribution that includes the KDE desktop environment as the default GUI.

Kubuntu

13

___ is a system management tool available from Canonical for managing and updating clients associated with the Ubuntu distribution.

Landscape

14

___ developed by Canonical, this is a platform for bug tracking, open source software development, and more.

Launchpad

15

___ is the system of package updates on the Linux operating system.

Linux patch management

16

___ is a reference to the Ubuntu repositories of supported open source software.

Main repository

17

___ is a Linux distribution based in France and Brazil.

Mandriva

18

___ is a reference to the Ubuntu repositories of unsupported software released under restricted license.

Multiverse repository

19

___ is a portal and server to search for revoked digital certificates.

(OCSP) Online Certificate Status Protocol

20

___ is a popular FTP server with a basic configuration file similar to the Apache Web server; supports multiple virtual FTP servers.

(ProFTPd) Pro File Transfer Protocol daemon

21

___ is a leader of the open source movement. Author of The Cathedral and the Bazaar. Also a cofounder of the open source initiative.

Raymond, Eric

22

___ is a Linux distribution built from the source code released by another distribution. For example, because CentOS uses Red Hat source code, CentOS Linux is a ___ of Red Hat Enterprise Linux.

Rebuild

23

___ this is a Linux distribution developed in China.

Red Flag Linux

24

___ is the company behind the leading Linux distribution in the marketplace.

Red Hat

25

___ is a group of systems management services to manage packages, administer scripts, and more. These services may be applied to subscribed clients and servers on a network.

(RHN) Red Hat Network

26

___ is a proxy server dedicated to caching downloaded packages from the Red Hat Network.

Red Hat Network Proxy Server

27

___ is a version of the Red Hat Network designed for local use on an enterprise network; includes an embedded Oracle database.

Red Hat Satellite Server

28

___ are announcements of security issues from the Red Hat Security Team.

(RHSAs) Red Hat security advisories

29

___ is a reference to the Ubuntu repositories of software released under restricted licenses.

Restricted repository

30

___ is a specialized type of malware that enables a black-hat hacker to take root administrative access of a Linux system.

Root kit

31

___ is a variant of UNIX originally developed by the former Sun Microsystems.

Solaris

32

___ is an open source systems management server based on the source code of the Red Hat Network Satellite Server.

Spacewalk

33

___ is a program for filtering unwanted email.

SpamAssassin

34

___ is a Linux distribution originally developed in Germany, now owned by Novell.

SUSE

35

___ is a Linux distribution originally developed in Japan

Turbolinux

36

___ are alerts based on security issues that affect different releases of the Ubuntu distribution.

(USNs) Ubuntu security notices

37

___ is a reference tot he Ubuntu repositories of unsupported software released under open source licenses.

Universe repository

38

___ is a system for sharing views of graphical desktop environments over a network.

(VNC) Virtual network computing

39

___ is a popular FTP server that is no longer supported and is reported to have security flaws.

(WU-FTPD) Washington University File Transfer Protocol daemon

40

___ is a self-replicating malware program; different from a Trojan horse, which is not self-replicating.

Worm

41

___ is an alternative desktop environment to GNOME and KDE; it is the default desktop environment on the Xubuntu variant of Ubuntu Linux.

Xfce desktop environment

42

___ is a release of the Ubuntu distribution that includes the Xfce desktop environment as the default GUI.

Xubuntu

43

___ is a systems management server released by Novell. ___Linux Management can be used to administer patches and more on both SUSE Linux Enterprise Server and Red Hat Enterprise Linux systems.

ZENworks

44

1. For at least how long does Red Hat provide security updates for its Enterprise Linux distributions?

1. Two years
2. Five years
3. Seven years
4. Ten years

Seven years

45

2. For Ubuntu's LTS releases, Canonical will provide security updates for its server distribution releases for at least five years.
TRUE OR FALSE

TRUE

46

3. Why would you read a security alert and not just download and install a security update to a key system such as the Linux kernel? (Select two)

1. The update may affect interactions between the operating system and local hardware
2. The update does not affect any systems that you use personally
3. The update may not be bootable.
4. The update relates to Xen, which is a special kernel not used on the local system.

The update may affect interactions between the operating system and local hardware

The update may not be bootable.

The update relates to Xen, which is a special kernel not used on the local system.

47

4. Which command is commonly used to install and update packages from the command line on Red Hat systems.

yum

48

5. Even though Apache 2.4 is currently not production software, which of the following is a new feature of that version of Apache that may enhance security?

1. Password protection for Web sites
2. Access to secure certificates
3. The ability to host multiple secure Web sites
4. Access to OCSP servers.

Access to OCSP servers.

49

6. Which of the following FTP servers is NOT maintained but may still be readily available on the repositories for a distribution?

1. WU-FTPD
2. Pure-FTPd
3. vsFTP
4. ProFTPd

WU-FTPD

50

7. Which of the following types of malware is NOT found on Linux?

1. Rootkits
2. Microsoft viruses
3. Trojan horses
4. None of the above

None

51

8. Which of the following includes a system for tracking bugs in software?

1. ZENworks
2. Red Hat Network
3. Landscape
4. Launchpad

Launchpad

52

9. Before creating a bug report, which of the following actions should you take?

1. Copy all log files to the report
2. Research any FAQs
3. Reinstall the software
4. Reboot the system

Research any FAQs

53

10. What is the full path to the YUM configuration file on a Red Hat Enterprise Linux 5 systems?

/etc/yum.conf

54

11. which of the following files contain the addresses of remote repositories?

1. /etc/apt/sources.list
2. /etc/apt/apt.conf
3. /etc/apt.conf
4./etc/apt/apt.conf.d/10periodic

/etc/apt/sources.list

55

12. The multiverse repository includes packed that are NOT supported and do NOT include open source software?
TRUE or FALSE

TRUE

56

13. Which of the following files in the /etc/apt/apt.conf.d/ directory determine whether unattended upgrades are run?

1. apt.conf
2. 10periodic
3. 50unattend-upgrades
4. 99update-notifier

10periodic

57

14. Which of the following configuration files is associated with unattended upgrades on Red Hat Enterprise Linux systems?

1. /etc/yum.conf
2. /etc/yum/yum-daily.yum
3. /etc/yum/yum-updatesd.conf
4. /etc/yum.repos.d/yum-updatesd.conf

/etc/yum/yum-updatesd.conf

58

15. Which of the following system management services is open source?

1. Red Hat Network
2. Landscape
3. Spacewalk
4. All the above

Red Hat Network
Landscape
Spacewalk

All the above