IS3440 CHAP 6 EVERY SERVICE IS A POTENTIAL RISK Flashcards Preview

IS3440 LINUX SECURITY > IS3440 CHAP 6 EVERY SERVICE IS A POTENTIAL RISK > Flashcards

Flashcards in IS3440 CHAP 6 EVERY SERVICE IS A POTENTIAL RISK Deck (31):
1

COMMAND ___ searches the current cache of package information. Normally associated with the Ubuntu and Debian Linux distributions.

(COMMAND) apt - cache

2

COMMAND ___ is normally used to install a package with all dependent packages. Usually associated with the Ubuntu and Debian Linux distributions.

(COMMAND) apt - get

3

COMMAND ___ Manages the scripts that start and stop in different runlevels. Normally associated with the Red Hat and SUSE distributions.

(COMMAND) chkconfig

4

COMMAND ___ is an option frequently available on scripts in the /etx/init.d/ directory. when used, it restarts a service only if it is already running.

(COMMAND) condrestart

5

COMMAND ___ manages the scripts that start and stop in different runlevels. Normally associated with the Ubuntu and Debian Linux distributions.

(COMMAND) update - rc.d

6

COMMAND ___ is short for Yellowdog Updater.Modied. It can install packages with all dependent packages.

(COMMAND) yum

7

___ is a secured host dedicated for a specific purpose. It is configured with a minimal number of services to limit its exposure to attacks.

Bastion server

8

___ is one type of operating-system-level virtualization. When a program or service routes clients to a directory, a chroot jail includes all of the binaries, libraries, configuration files and executables required to run a service that is so contained.

Chroot jail

9

___ is a colloquial description of one type of error message related to the attempted installation of a package with the (COMMAND) rpm or dpkg. The installation is not completed because the package depends on another. This occurs when dependencies descend to another level.

Dependency hell

10

___ is a server that listens for requests on multiple ports on behalf of multiple services. As a single daemon, it saves resources.
(INFO) The term "internet" in this title is normally shown in lowercase, as it refers to an interconnected series of networks, not the Internet, Its configuration file is
/etc/xinetd.conf. That file normally refers to service-specific files in the /etc/xinetd.d/ directory.

Extended internet super server

11

___ is an open source compiler system that supports a variety of programming languages, including C, Java, and Fortran.

(GCC) GNU Compiler Collection

12

___ is a server that listens for requests on multiple ports on behalf of multiple services. As a single daemon, it saves resources. While it is obsolete on most distributions, it is still used by some third-party software.

Internet super server

13

___ is a number associated with the process running on a Linux system. The ___ of currently running processes can be found with the (COMMAND) ps.

(PID) Process Identifier

14

___ is a coloquial description of a (normally compressed) archive of files, managed with the (COMMAND) tar.

Tarball

15

___ is a system designed to replace the (COMMAND) /sbin/init and the System V system of runlevels. Related configuration files can be found in the (DIRECTORY) /etc/event.d/

Upstart

16

___ is a protocol that enables remote logins to a GUI. It is normally associated with Transmission Control Protocol/Internet Protocol (TCP/IP port 177.

(XDMCP) X Display Manager Control Protocol

17

1. What part of a network is best for bastion servers?

1. A DMZ
2. The protected network
3. Virtual hosts in a bridged network
4. A bastionized network

A DMZ

18

2. Which of the following DIRECTORIES contains scripts that control services?

1. /etc/default/
2. /etc/sysconfig/
3. /etc/xinetd.d/
4. /etc/init.d/

/etc/init.d/

19

3. Which of the following COMMANDS lists currently installed packages on a Linux system?

1. rpm -qi
2. rpm -qa
3. rpm -qf
4.rpm -ql

rpm -qa

20

4. Your LAN is on the 192.168.0.0/24 network. Which of the following virtual machine network options gives local virtual machines addresses on that network?

1. Host-only
2. NAT
3. Bridged
4. DHCP

Bridged

21

5. Which of the following options is a development tool that compiles source code?

1. cpmfogire
2. make
3. gcc
4. cpp

make

22

6. Scripts in which of the following DIRECTORIES can be used to deactivate a currently running service?

1. /etc/rc5/
2. /etc/rcS.d/
3. /etc/event.d/
4./etc/init.d/

/etc/init.d/

23

7. Enter the command on Red Hat distributions that includes the default status of services with /etc/init.d/ scripts at each runlevel: ___

chkconfig --list

24

8. Which service script in the /etc/init.d/ DIRECTORY is NOT related to SELinux?

1. auditd
2. dund
3. mctrans
4. restorecond

dund

25

9. Which service scritp in the /etc/init.d/ is NOT related to NFS?

1. netfs
2. nfslock
3. rpcsvcgssd
4. ncsd

ncsd

26

10. Enter the full path to the main configuration file associated with the extended internet super server:
____.

/etc/xinetd.conf

27

11. Which of the following options for scripts in the /etc/init.d/ DIRECTORY does not kick off users who are currently connected to a service?

1. restart
2. reload
3. condreload
4. HUP

reload

28

12. Which of the following DIRECTORIES contain the standard chroot jail location for Red Hat BIND DNS servers?

1. netfs
2. nfslock
3. rpcsvcgssd
4. ncsd

ncsd

29

13. Which of the following is a protocol that supports remote login access to a GUI system?

1. Telnet
2. SSH
3. XDMCP
4. LTSP

XDMCP

30

14. Which of the following clients can connect to a Microsoft Exchange server?

1. Balsa
2. Evolution
3. Kmail
4. Thunderbird

Evolution

31

15. Which of the following COMMANDS starts a console-based Web browser?

1. konqueror
2. opera
3. firefox
4. elinks

elinks