IS3440 CHAP 9 NETWORKED APPLICATION SECURITY Flashcards Preview

IS3440 LINUX SECURITY > IS3440 CHAP 9 NETWORKED APPLICATION SECURITY > Flashcards

Flashcards in IS3440 CHAP 9 NETWORKED APPLICATION SECURITY Deck (38):
1

___ is the open source private branch exchange (PBX) VoIP service.

Asterisk

2

___ is a frequently malicious insertion of non-authoritative DNS data as if it were authoritative. May also be used by black-hat hackers to redirect users to malicious Web sites.

Cache poisoning

3

___is an entity such as VeriSign or GoDaddy that issues digital certificates for use by other parties. Secure Web sites without an official CA return an error message.

(CA) Certificate authority

4

___ is a group of protocols where a serve such as open source sendmail presents a challenge such as a request for a username and password.

(CRAM) Challenge-response authentication mechanism

5

___ is a protocol used for communications between Web proxy servers such as Squid.

(ICP) Inter-Cache Protocol

6

___ is a framework for encryption associated with the Java programming language; may also be used with open source sendmail.

(JCE) Java Cryptography Extension

7

___ is an acronym associated with Web services. The first three letters stand for Linux, Apache, and MySQL. The last letter may stand for Perl, Python, or PHP. It is a system where these services are integrated.

LAMP stack

8

___ is related to servers such as Dovecot that facilitate the delivery of email to user clients.

(MDA) Mail delivery agent

9

___is associated with servers that collect email from networks, such as fetchmail.

(MRA) Mail retrieval agent

10

___ is associated with servers that transmit email, such as sendmail and Postfix.

(MTA) Mail transfer agent

11

___ is associated with client email applications such as Evolution and Thunderbird.

(MUA) Mail user agent

12

___ are used to add functionality to the Apache Web server.

(MPMs) Multi-Processing Modules

13

___ is a dynamic scripting language developed by Larry Wall; frequently used with Apache for Web sites.

Perl

14

___ is a scripting language associated with dynamic Web sites; frequently used with Apache.

(PHP) PHP: Hypertext Preprocessor

15

___ is a multi-paradigm programming language frequently used with Apache for Web sites.

Python

16

___ is a standard packet format for VoIP and video communications.

(RTP) Real-time Transport Protocol

17

___ is a search of a DNS database that is sent to other DNS servers if the information is not available locally.

Recursive query

18

___is an Internet Protocol (IP) network protocol frequently used tin VoIP communications.

(SIP) Session Initiation Protocol

19

___ is a protocol used to authenticate data exchanges between DNS servers.

(TSIG) Transition SIGnature

20

___ is created on the same physical network as another LAN. Because both LANs are separate and distinct, they are virtual.

(VLAN) Virtual LAN

21

___ is when associated with DNS, a database of hostnames and Internet Protocol (IP) addresses for a specific authoritative domain.

Zone files

22

___ is a reference to data exchange between DNS servers with respect to hostnames and Internet Protocol (IP) addresses of a specific domain.

Zone updates

23

___ is related to servers that authenticate user connections to email services. Frequently integrated into MTAs such as sendmail and Postfix.

(MSA) Mail submission agent

24

1. Which of the following services is NOT part of the LAMP stack?

1. Linux
2. Apache
3. MySQL
4. Postfix

Postfix

25

2. Which of the commands sets a password for the MySQL administrative user?

1. mysqladmin -u admin password
"newpassword"
2. mysqladmin -u root password
"newpassword"
3. mysqladmin -u mysql password
"newpassword"
4. mysqladmin -u user root
"newpassword"

mysqladmin -u root password
"newpassword"

26

3. Which of the following commands removes the php5 module in Apache on an Ubuntu system?

1. a2enmod php5
2.a2rmmod php5
3. e2dismod php5
4. a2modprobe php5

e2dismod php5

27

4. What is the command that can create users and passwords for access to a Web directory in Apache?

htpasswd (acceptable: htdigest)

28

5. The server . csr file includes identifying information about your system.
TRUE OR FALSE

TRUE

29

6. Which of the following port numbers is associated with Squid?

1. 80
2. 3128
3. 443
4. 8080

3128

30

7. Which of the following should NOT be included on a public DNS server?

1. Mail server IP addresses
2. DNS server IP addresses
3. Web server IP addresses
4. Squid server IP addresses

Squid server IP addresses

31

8. Which of the following commands reads all changes made to files in the /etc/mail/ directory for open source sendmail?

1. make -C /etc/mail
2. m4 /etc/mail
3. make /etc/mail/sendmail.mc
4. m4 /etc/mail/sendmail.mc

make -C /etc/mail

32

9. Which of the following open source sendmail directives is used to specify email protocols?

1. define
2. DAEMON_OPTIONS
3. FEATURE
4. MAILER

DAEMON_OPTIONS

33

10. Which of the following configuration files is most important for Postfix?

1. main.cf
2. master.cf
3. maps
4. cfsubmit.cf

main.cf

34

11. In Dovecot, if you want to activate both regular and secure POP3 and IMAP services, what options would you add to the PROTOCOLS directive?

imap imaps pop3 pop3s

35

12. Which of the following is NOT a protocol closely associated with Asterisk?

1. IPP
2. SIP
3. RTP
4. UDP.

IPP

36

13. Which of the following directives in the main CUPS configuration file specifies groups of users who are allowed to administer CUPS?

1. Lpadmin
2. Admin
3. System
4. SystemGroup

SystemGroup

37

14. Which of the following NTP RESTRICT options relate to logging?

1. kod
2. notrap
3. nopeer
4. noquery

notrap

38

15. Which of the following directives specify and can limit the information given about an Apache system?

1. banner
2. System
3. ServerTokens
4. server string

ServerTokens