IS3440 CHAP 3 BASIC SECURITY: FACILITIES THROUGH THE BOOT PROCESS Flashcards
(49 cards)
___ is the main configuration file for GUB version 1, AKA traditional GRUB.
COMMAND /boot/grub.conf
___ is the mount configuration file for Linux filesystems.
COMMAND /etc/fstab
___ is the main configuration file for the Linux Loader (LILO).
COMMAND /etc/lilo.conf
___ is the configuration file that associates Internet services with Transmission Control Protocol/Internet Protocol (TCP/IP) port numbers and protocols.
COMMAND /etc/services
___ is the Linux package with management tools for the (COMMAND) trousers package, associated with the Trusted Computing Software Stack and the TPM chip.
COMMAND tpm-tools
___ is the Linux package associated with the Trusted Computing Software Stack, in support of the TPM chip.
COMMAND/ trousers
___is an interface often embedded in the motherboard. In some cases, it may be configured to allow remote access to the system boot menus.
(BMC) Baseboard management controller
___ is the identification controls based on uniqued characteristics of authorized personnel. It may be used for authentication to access a secure location such as a server room.
Biometric controls
___ is a sequence of programs that may be verified by the TPM. Example of this is Trusted GRUB.
Chain of trust
___ is a self-described “donor-funded nonprofit” created to protect the digital rights of consumers.
(EFF) Electronic Frontier Foundation
___ is the organization behind the GNU project.
(FSF) Free Software Foundation
___ is a newer version of the Grand Unified Bootloader, not yet in use on many Linux distributions.
GRUB 2.0
___ is a one-way function that converts a large amount of data to a single (long) number in an irreversible manner.
Hash function
___ is a Linux security module developed by IBM to check the integrity of executable files before the are loaded during the boot process.
(IMA) Integrity Measurement Architecture
___ is a nonprofit organization that sponsors Linux certification exams.
(LPI) Linux Professional Institute
___ is a cryptographic hash function with a 128-bit value. It is also used to encrypt local Linux passwords in the (COMMAND FILE) /etc/shadow.
(MD5) Message Digest 5
___is a consortium of security professionals and organizations sponsored by the European Union. ISECOM is working through ___ to modify standards for the TPM chip.
(OPEN TC) Open Trusted Computing
___is a feature requested ty the EFF for inclusion in TPM chips that would enable fine-grained control over its use.
Owner override
___ is a feature of a network card and a BIOS/UEFI system that gives a system the ability to boot an operating system from a remote location.
(PXE) Pre-boot eXecution Environment
Colloquially known as a sniffer, a ___ can listen in on messages transmitted on a network. One Linux example is Wireshark.
Protocol analyzer
___ is part of a Trusted Computing concept, known as the roots of trust. The core may reside in the first boot program, the BIOS or UEFI.
(RTM) Root Trust for Measurement
___ is part of a Trusted Computing concept, known as the roots of trust. It reports on the integrity of a software component using SHA-1 keys.
(RTR) Root Trust for Reporting
___ is part of a Trusted Computing concept, known as the roots of trust. It uses an endorsement key created by the TPM to store data implicitly trusted by the operating system.
(RTS) Root Trust for Storage
___ is a set of cryptographic functions created by the US National Security Agency (NSA). Because of a weakness in it, the NIST has sponsored a competition for the development of this algorithm.
(SHA-1) Secure Hash Algorithm 1
