Module 8 - Linux Overview Flashcards

(209 cards)

1
Q

When was Linux first released?

A

Linux was first released in 1991

2
Q

What term describes a bundled package of the Linux kernel and additional tools customized by different organizations?

A

A Linux distribution (distro)

2
Q

Which core Linux component can be freely inspected, modified, recompiled, and redistributed by anyone?

A

The Linux Kernel

2
Q

Which operating system is often preferred in Security Operations Centers (SOCs) due to its flexibility and control?

A

Linux

3
Q

Which type of SOC tool enables analysts to observe every detail of network transactions and is crucial for deep traffic inspection?

A

Network packet capture software

3
Q

Why is the Linux GUI sometimes avoided in favor of the CLI, especially in security environments?

A

The GUI adds complexity and consumes more system resources than CLI

3
Q

Which special Linux user account has full administrative control over the system?

A

The root user/super user

3
Q

What is a popular open source suite of integrated tools for network security analysis?

A

Security Onion

3
Q

Which Linux console interface in Security Onion allows analysts to manage and view network security events?

A

Sguil

3
Q

Which well-known packet capture tool is widely used in SOCs to analyze network traffic?

A

Wireshark

4
Q

Which tools let analysts run and observe malware in isolation to study its behavior without system compromise?

A

A Malware Analysis tool

4
Q

Which security tools monitor traffic in real-time and take action if traffic matches known attack patterns or rules?

A

An IPS (Intrusion Prevention System)

5
Q

Which centralized platform provides real-time analysis of alerts and logs from sources like IDSs and firewalls?

A

SIEM (Security Information and Event Management)

5
Q

Which security component enforces pre-defined rules to control whether traffic can enter or leave a network or device?

A

A firewall

6
Q

Which tool is used to manage and analyze the vast number of log entries generated by network devices and systems?

A

A log manager

7
Q

Which type of software toolset in Linux attempts to identify vulnerabilities by simulating attacks on networks or systems?

A

Penetration testing (PenTesting) tools

7
Q

Which system assigns, tracks, and records response tasks in a SOC, often linking alerts to specific analysts?

A

A ticketing system

8
Q

Which command provides access to user manual documentation for other Linux commands?

A

man

8
Q

Which Linux distribution includes a broad range of penetration testing tools organized into categories?

A

Kali Linux

8
Q

Which type of application allows users to access the CLI from within a Linux GUI environment?

A

A terminal emulator

9
Q

What command lists the contents of the current directory in Linux?

A

ls

10
Q

Which browser-based emulator, created by Fabrice Bellard, allows users to run Linux and test commands like ls without local installation?

A

JSLinux

11
Q

Who created JSLinux?

A

Fabrice Bellard

11
Q

What command would you use to move or rename a file in Linux?

A

mv

12
Which command shows the name of the current working directory in Linux?
pwd
12
Which command is used to change the permissions of a file or directory in Linux?
chmod
12
Which Linux command changes the owner of a file?
chown
13
What command lists all running processes in the system?
ps
13
What command copies data from an input to an output and is often used for disk-related operations?
dd
14
Which command simulates a login as another user, typically the superuser?
su
15
Which command allows a user to execute a command with elevated (superuser) privileges temporarily?
sudo
16
Which command searches for specific strings in files or output and is often used with pipes?
grep
17
Which command displays or configures network interfaces but is now deprecated in favor of ip address?
ifconfig
18
What command is used to manage software packages on Debian-based systems, such as installing or removing them?
apt-get
19
Which command is used to display or configure wireless networking information in Linux?
iwconfig
20
Which command is used to power off, reboot, or put the system to sleep?
shutdown
20
What command changes the password for the current or specified user?
passwd
21
Which command is used to display the content of text files?
cat
21
Which Linux distribution uses apt-get as part of its package management system?
Debian-based systems
21
Which Linux command changes the current working directory?
cd
22
Which popular terminal-based text editor is shown in the figure and widely used in Linux for configuration?
nano or GNU nano
23
What keyboard shortcut in nano saves the current file?
Ctrl+O
23
Which nano shortcut opens the search menu for finding text within the file?
Ctrl+W
24
What shortcut displays the help screen in GNU nano with a full list of keyboard commands?
Ctrl+G
25
What type of Linux file is used to adjust settings and control how specific applications or services operate?
A configuration file
26
What type of computer runs software that provides services like file sharing or email to other computers on a network?
A Server
27
Which term describes a program that makes requests to a server for specific resources or services?
A Client or client application
28
What allows a single computer to act as a server for multiple services at the same time?
Ports
29
What is the term used when a server is actively waiting for client connections on a specific port?
Listening
30
Which ports are used by the File Transfer Protocol (FTP)?
FTP ports 20 and 21
31
Which port is used by the Secure Shell (SSH) service for encrypted remote access?
SSH port 22
32
Which port is used by the Telnet service for remote login?
Telnet port 23
33
Which service uses port 25?
SMTP port 25 (to send email)
33
Which service uses port 53?
DNS port 53 (to resolve hostnames into IP addresses)
34
Which two ports are used by DHCP to assign IP addresses dynamically?
DHCP ports 67 and 68
35
Which port is used by the Trivial File Transfer Protocol (TFTP)?
TFTP port 69
36
Which port does HTTP use to serve web pages to browsers?
HTTP port 80
37
Which service uses port 110?
POP3 port 110 (to retrieve email from a server)
38
Which port is used by the Network Time Protocol (NTP) to synchronize clocks?
NTP port 123
38
Which port does IMAP use to allow clients to read email while keeping it on the server?
IMAP port 143
39
Which ports are used by SNMP to monitor and manage network devices?
SNMP ports 161 and 162
40
Which port is used by HTTPS for encrypted web traffic?
HTTPS port 443
41
Give one example of a lightweight Linux web server.
Nginx
42
Give an example of a Linux-based intrusion detection system.
Snort
42
Which configuration format is commonly used in Linux services for assigning values?
option = value
42
What character is used in many configuration files to denote a comment?
A hash (#)
43
What term describes the process of securing a device and protecting administrative access?
Device Hardening
44
What type of file stores records of important system events such as kernel, service, and application activity?
Log files
44
What do we call a background process that runs without user interaction?
A daemon
44
Which daemon manages remote access and single sign-on authentication services?
SSSD (System Security Services Daemon)
45
Which Linux log file stores generic system activity and non-critical informational messages?
/var/log/messages
46
What is the Debian-based equivalent of /var/log/messages (non-critical system activity messages)?
/var/log/syslog
47
Which log file in Debian and Ubuntu stores all authentication-related events?
/var/log/auth.log
47
Which log file is used on RedHat and CentOS to store authentication-related events?
/var/log/secure
48
Which log file tracks sudo logins, SSH logins, and errors from the SSSD daemon on RedHat-based systems?
/var/log/secure
49
Which Linux log file stores messages and events generated during the computer startup process?
/var/log/boot.log
49
Which file contains the Linux kernel’s ring buffer messages, especially for hardware device and driver info?
/var/log/dmesg
50
Which log file contains kernel-generated log messages?
/var/log/kern.log
51
Which Linux log file records events related to automated scheduled tasks?
/var/log/cron
51
Which file stores logs for MySQL server operations?
/var/log/mysqld.log or /var/log/mysql.log
51
Which Linux file system was once the default and is still preferred for flash storage due to its lack of journaling?
ext2 (Second Extended File System)
51
Where are MySQL logs located on RedHat, CentOS, and Fedora systems?
/var/log/mysqld.log
51
Where are MySQL logs located on Debian and Ubuntu systems?
/var/log/mysql.log
51
Which file system builds on ext2 and adds journaling to reduce the risk of corruption during crashes?
ext3 (Third Extended File System)
52
How does a journaling file system like ext3 reduce file system corruption?
By logging changes before they are made
52
What is the maximum file size supported by ext3 file systems?
32 TB
52
Which file system is specifically designed for optical disc media like CDs?
CDFS (Compact Disk File System)
52
What is the key feature introduced in ext3 that helps protect data during power loss or crashes?
Journaling
52
Which modern Linux file system evolved from ext3 by incorporating performance and size improvements?
ext4 (Fourth Extended File System)
52
Which file system allows seamless access to remote files as if they were stored locally?
NFS (Network File System)
52
Which Linux mechanism is used when the system runs out of RAM and must temporarily store inactive memory contents?
Swap File System
52
Which file system replaced HFS+ and is optimized for flash and solid-state drives?
APFS (Apple File System)
52
Which Apple file system used in macOS can be mounted in Linux with read-write support?
HFS+ (Hierarchical File System Plus)
53
What key feature is emphasized in Apple’s APFS file system?
Strong encryption
53
Which process in Linux assigns a directory to a partition to make its file system accessible?
Mounting
53
Which structure located in the first sector of a partitioned drive defines how the file system is organized and initiates OS loading?
MBR (Master Boot Record)
53
What Linux command displays a list of currently mounted file systems when used with no options?
mount
53
In -rwxrw-r--, what do the first 3 characters (rwx) represent?
The file user owner permissions
53
What is the term for the directory used to access a file system after mounting it?
Mount Point
54
In Linux file permission notation, what does the second group of three characters (e.g., rw-) represent?
Group owner permissions
54
Which Linux command shows detailed file information, including permissions, ownership, and size?
ls -l
54
What does the third group of three characters in a permission string (e.g., r--) represent?
Permissions for all other users
54
What does a dash (-) at the beginning of a permissions string indicate about the file type?
Indicates that it is a regular file
54
What does the number immediately after the permission string (e.g., 1 in -rwxrw-r-- 1) represent?
The Hard link count
55
Which command is used to create a hard link in Linux?
ln
55
What is the octal representation of the permission string rwxrw-r--?
764
55
In a file listing, what does the fifth field (e.g., 253) represent?
File size in bytes
56
What octal value corresponds to the binary permission 110?
6
57
Which command option creates a symbolic (soft) link instead of a hard link?
ln -s
58
How does a hard link differ from a symbolic link when the original file is deleted?
Hard link still works, symbolic link breaks when original file is deleted
59
Which file link type—hard or symbolic—can span across different file systems?
Symbolic
60
Which link type becomes useless (broken) if the original file is removed?
Symbolic links
61
Which type of link directly points to the same inode as the original file?
Hard link
61
Which link type stores the actual path to the original file instead of sharing the inode?
Symbolic link
61
Which windowing system provides the foundational framework for most Linux graphical environments?
X Window System (aka X, or X11)
62
Which type of Linux software defines visual elements such as borders, icons, and color schemes in a GUI?
Window managers (like KDE and Gnome)
62
What is the default GUI used by Ubuntu Linux?
Gnome 3
62
What is the primary goal of Gnome 3 in Ubuntu?
To enhance user friendliness
62
Which graphical feature on the Ubuntu desktop provides access to installed apps through icons?
The app menu
63
What Ubuntu GUI feature appears on the left side and acts as both launcher and app switcher?
Ubuntu dock
63
Where can you find app-specific menus and system notifications in Ubuntu's GUI?
Top bar
63
What powerful search tool in Ubuntu can locate apps, files, and even content within files?
Activities view
64
Which Ubuntu GUI feature allows workspace switching and system search?
Activities
65
Where can users manage networking and connected devices in the Ubuntu GUI?
The Status Menu
65
Which GUI component in Ubuntu lets the user lock, shut down, or change system configurations?
The Status Menu
66
What do we call a program bundled with all its supporting files, used for simplified installation?
A package
66
What Linux tool ensures that all necessary program files are placed in the correct locations during installation?
A package manager
66
Which package manager is standard in Arch Linux?
pacman
66
Which two package tools are used in Debian and Ubuntu-based distributions?
dpkg (Debian package) and apt (advanced packaging tool)
66
Which command retrieves the latest package list from repositories in Debian/Ubuntu systems?
apt-get update
67
Which command updates all installed packages to the latest versions in Debian/Ubuntu?
apt-get upgrade
68
What term refers to operating system updates that fix known security flaws and bugs?
Patches
69
What command installs a package by name in Debian/Ubuntu systems?
apt install
69
What command removes a package by name in Debian/Ubuntu systems?
apt remove
70
What is the pacman command in Arch Linux to install a package by name?
pacman -S
70
Which pacman command removes a package and its dependencies in Arch Linux?
pacman -Rs
71
Which pacman command updates the local package database in Arch Linux?
pacman -Sy
72
What full pacman command upgrades all installed packages in Arch Linux?
pacman -Syu
72
How can users check for and install updates through the GUI in Ubuntu?
By searching for Software Updater in the Dash search box
72
Which apt command is responsible for synchronizing the local package database with remote repositories?
apt-get update
72
Which command in pacman is equivalent to apt-get upgrade in Debian-based systems?
pacman -Syu
73
What is the term for a running instance of a computer program in Linux?
A process
73
What Linux kernel mechanism allows a process to create a copy of itself?
Forking
73
Which server software uses forking to handle multiple requests efficiently with fewer resources?
The Apache Web server
73
Which command is used to list processes currently running on a system at a single point in time?
ps
73
Which command displays a live, continuously updating list of running processes?
top
74
Which key should you press to exit the top command?
q
74
What command is used to terminate, restart, or pause a process by sending signals?
kill
74
Which process management command is typically run before using kill, and why?
ps or top to find the PID (Process ID) of the target process
75
How does an attacker typically learn about software vulnerabilities on a Linux host?
By probing open ports and checking the versions of the services running on those ports
75
What is the type of malware that grants unauthorized users elevated privileges or backdoor access?
Rootkits
75
Which type of malware can alter kernel code and modules, affecting core OS functions and hiding their presence?
Rootkits
75
Which Linux tool can be used to scan for known rootkits?
chkrootkit (sudo ./chkrootkit)
75
What part of the system does chkrootkit compare with the output of ps?
The /proc filesystem
76
What technique allows Linux commands to be combined so the output of one becomes the input of another?
piping