IS3440 CHAP 13 TESTING AND REPORTING Flashcards Preview

Flashcards in IS3440 CHAP 13 TESTING AND REPORTING Deck (34):
1

COMMAND ___ is a command on Ubuntu and Debian systems that uses the MD5 checksums to see if changes have been made to files relative to their original status as part of installed packages.

debsums

2

COMMAND ___ is a command to list open files; it lists open files related to networking, in numeric format.

lsof

3

COMMAND ___ is the implementation of the netcat command, which can test and communicate over TCP and UDP connections.

nc

4

COMMAND ___ is a command used to verify network connections by port, routing tables by Internet Protocol (IP) address, and more.

netstat

5

COMMAND ___ is a flexible command that can be used to scan Transmission Control Protocol/Internet Protocol (TCP/IP) network communication by protocol and port.

nmap

6

___ is a Linux distribution currently based on Ubuntu with penetration testing tools, released in live CD and live USB format.

BackTrack

7

___ is a protocol of the TCP/IP suite associated with automatic assignment of IP addresses; may also be used for the automatic acquisition of IP addresses from a Dynamic Host Configuration Protocol (DHCP) server on a remote network. Associated with UDP port 68.

(BOOTP) Bootstrap Protocol

8

___ is a password tool designed to identify passwords that are too simple for a secure system.

Hydra

9

___ is a password tool designed to identify passwords that are too simple for a secure system.

John the Ripper

10

___ is a Linux distribution most well known for its live CDs and DVDs.

Knoppix STD

11

___ is a prominent white-hat hacker and the developer of the nmap command, known in the open source security community by the single name ___.

Lyon, Gordon
"Fyodor"

12

___ is a vulnerability scanning program with a Web-based interface, based on code that was previously released under open source licenses.

Nessus

13

___ is a utility that can read TCP and UDP packets, normally associated with the nc command.

netcat

14

___ is a Linux distribution currently based on Fedora with a variety of security testing tools, including many of those listed at http://sectools.org/.

Network Security Toolkit

15

___ is a password tool designed to identify passwords that are too simple for a secure system.

RainbowCrack

16

___ is an older open source network analyzer. Later versions were released under proprietary licenses as part of SAINT.

(SATAN) Security Administrator Tool for Analyzing Networks

17

___ is a vulnerability scanning program with a Web-based interface, based on code that was previously released as SATAN under open source licenses.

(SAINT) System Administrators Integrated Network Tool

18

___ is an intrusion detection system (IDS) with modes associated with IPTABLES firewall rules; associated rules are updated on a regular basis.

Snort

19

___ is a family of virtual machine software that works with everything from software-based virtualization with programs like VMware Player to bare-metal virtualization with programs like vSphere.

VMware

20

1. Which of the following commands, when used inside and outside of a firewall, can best test the effectiveness of that firewall?

1. iptables
2. telnet
3. nmap
4. lsof

nmap

21

2. Which of the following is NOT a password-cracking tool?

1. nmap
2. John the Ripper
3. Hydra
4. RainbowCrack

nmap

22

3. What is the TELNET command that would connect to an open port 25 and active server on a system with an IP address of 10.12.14.16?

telnet 10.12.14.16 25

23

4. Which of the following commands includes port information for TCP and UDP communication in numeric format?

1. netstat -aunp
2. netstat -atnp
3. netstat -aund
4. netstat -atunp

netstat -atunp

24

5. Which of the following commands can help you discover the active hosts on the 192.168.0.0/24 network?

1. nmap -sP 192.168.0.0/24
2. nmap -sH 192.168.0.0/24
3. nmap -sh 192.168.0.0/24
4. nmap -sPO 192.168.0.0/24

nmap -sP 192.168.0.0/24

25

6. Which of the following commands verifies installed files for all of the Debian-style packages installed on a system?

1. rpm -Va
2. dpkg -Va
3. debsums
4. dpkg -qa

debsums

26

7. You can install AIDE from supported repositories for both Red Hat Enterprise Linux and Ubuntu.
TRUE OR FALSE

TRUE

27

8. Which of the following commands sets a last password change date of April, 2010, for user michael?

1. chage -c 2010-04-01
2. chage -d 2010-04-01
3. chage -e 2010-04-01
4. chage -i 2010-04-01

chage -d 2010-04-01

28

9. What is the full path to the PAM configuration file that regulates logins on a Linux system?

/etc/pam.d/login

29

10. Which of the following virtual machine options is the default open source solution for the latest Red Hat and Ubuntu distributions?

1. KVM
2. Xen
3. Virtualbox, open source edition
4. Hyper-V

KVM

30

11. Which of the following COMMANDS opens a graphical tool that depicts the current CPU and memory load for virtual machines on the target host system?

1. virt-viewer
2. virsh
3. virt-manager
4. virt-top

virt-manager

31

12. Nessus is still released under an open source license.
TRUE OR FALSE

FALSE

32

13. Which of the following modes does not apply to Snort as an intrusion detection system?

1. Sniffer mode
2. Inline mode
3. Password mode
4. Network mode

Password mode

33

14. What is the nc COMMAND that would connect to and get verbose information on an open port 25 and active server on a system with an IP address of 10.12.14.16?

nc -v 10.12.14.16 25

34

15. Which of the following is NOT an option for bootable Linux systems with security testing tools?

1. BackTrack
2. Knoppix STD
3. Netcat
4. Network Security Toolkit

Netcat