Linux Essentials for Cybersecurity, First Edition
by William Rothwell. Published by Pearson IT Certification, 2018

Appendix A Answers to Review Questions

Chapter 1

1.    A file system is a structure that is used to organize files and directories in an operating system.

2.    C

3.    D

4.    A shell program provides a command-line interface to the Linux operating system.

5.    A virtual machine is an operating system that thinks it is installed natively, but it is actually sharing a system with a host operating system.

Chapter 2

1.    The rm -r command can be used to delete a directory and all its contents.

2. 

3. 

4.    The -l option to the ls command will display a file’s permissions.

5.    The file command will tell you what sort of contents a file contains.

Chapter 3

1.    The / character can be used while viewing a man page in order to search for a term in the document.

2. 

3. 

4.    The help command provides information about built-in shell commands.

5.    The b key will move you to the previous node while viewing an info page.

Chapter 4

1.    The last line or ex mode allows you to enter complex operations while working in the vi editor.

2. 

3. 

4.    The yy command will copy an entire line in the vi editor.

5.    The / command will allow you to search for text forward from the current position while using the vi editor.

Chapter 5

1.    The /etc/issue file is displayed prior to local command-line login attempts.

2.    The /etc/issue.net file is displayed prior to telnet login attempts.

3.    The /etc/motd file is displayed after a successful login.

4.    A and D

5.    The -c option to the shutdown command is used to cancel a shutdown operation.

Chapter 6

1.    Every user is a member of at least one group(s).

2. 

3. 

4.    Special groups are groups with GID numbers typically under the numeric value of 1000.

5.    If the system is using UPG, the group name of the user account named jake should be jake.

Chapter 7

1.    User passwords and password aging data is stored in the /etc/shadow file.

2. 

3. 

4.    The /etc/default/useradd file contains default values used by the useradd command.

5.    PAM configuration files are stored in the /etc/pam.d directory.

Chapter 8

1.    Fill in the missing option so the user of the bob account can’t change his password: passwd -m 99999 -M 99998 bob

2.    B

3.    The psacct package provides process accounting.

4.    A

5.    D

Chapter 9

1.    The -l option to the ls command will display basic file permissions.

2.    C

3.    C

4.    The umask command is used to specify which default permissions to mask (not include) when creating a new file or directory.

5.    Fill in the blank to set the SGID permission set for the /data directory: chmod g+s /data.

Chapter 10

1.    B and C

2.    The umount command is used to unmount a filesystem.

3.    C and D

4.    C

5.    D

6.    The swapoff command removes a swap device from current use.

7.    C

8.    D

9.    Fill in the blank to make an ext4 filesystem: mkfs -t ext4 /dev/sdb1

10.    The -m option to the tune2fs command allows you to change the percentage of the filesystem reserved for the superuser.

Chapter 11

1.    The vgcreate command is used to create volume groups.

2.    C

3.    C

4.    The pvdisplay command displays information about a physical volume.

5.    D

6.    D

7.    D

8.    The resize2fs command is used to change the size of an ext4 filesystem.

Chapter 12

1.    The SAMBA-client software package provides SAMBA client utilities.

2.    A and C

3.    D

4.    The [homes] section of the smb.conf file is used to share a SAMBA user’s home directories by default.

5.    C

6.    C

7.    Fill in the missing setting for the following SAMBA printer share:

[hp-101]
       path = /var/spool/SAMBA/
       browseable = yes
       printable = yes
       printer name = hp-101

8.    Starting the SAMBA server results in two server processes starting: smbd and nmbd.

9.    B

10.    The map setting can be used to match Windows account names to local user accounts when placed in the [global] section of the smb.conf file.

11.    The portmap service provides the functionality of RPC.

12.    C and D

13.    D

14.    The async share option results in better performance but has the potential for data loss.

15.    D

16.    A and D

17.    The rpc.mountd process handles the NFS client mount requests.

18.    You can see RPC port information on the system by executing the rpcinfo command.

19.    B and D

20.    The soft mount option attempts to mount the share once and then stops trying.

21.    B

22.    The scsi_id command is used by the udev daemon to map an iSCSI target to a local device file.

Chapter 13

1.    For tools that use numbers to specify full and incremental backups, the number 0 specifies a full backup.

2.    C and D

3.    B and C

4.    The rsync command is used to remotely back up data; by default, it only backs up data that has changed since the last time the command was used.

5.    C

6.    D

7.    The “no rewind” device name for the first tape device on the system is /dev/nst0.

8.    B

9.    The -e option to the rsync command is used to enable data transfer via SSH.

Chapter 14

1.    The -r option to the crontab command will remove all entries in the current user’s crontab.

2.    D

3.    A and D

4.    The /etc/crontab file is used by the system administrator to execute system-critical processes at specific intervals.

5.    The atq command will display the current user’s at jobs.

Chapter 15

1.    The execute permission must be added to a script before it can be run like a program.

2.    D

3.    A and D

4.    The -le operator is used to determine if one integer is less than or equal to another integer.

5.    The read command gathers user input and stores the value that the user types into a variable.

Chapter 16

1.    The logrotate script rotates, compresses, and mails system logs.

2.    C and D

3.    D

4.    The nl command displays files, including line numbers.

5.    In coding terms, a repository is a location where people share programs.

Chapter 17

1.    The permissions for the /var/spool/cron directory should be drwx------.

2.    C

3.    BASH scripts should never have the SUID and SGID permissions set.

4.    C

5.    A

Chapter 18

1.    A protocol is a well-defined standard for network communications between two hosts.

2.    C

3.    D

4.    The /etc/services file contains traditional service-to-port mappings.

5.    The DNS protocol is used to translate hostnames to IP addresses.

Chapter 19

1.    Based on the output of the ifconfig command shown next, 192.168.1.16 is the IPv4 address for the eth0 device.

2.    C

3.    The arp command displays information about the table that contains IP-address-to-MAC-address translation.

4.    C and D

5.    Fill in the blank in the following command to add a gateway for the 192.168.2.0/255.255.255.0 network:

route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.100

6.    The ip command is the replacement command for the ifconfig, arp, and route commands.

7.    D

Chapter 20

1.    B

2.    C

3.    A zone file is used to store IP-address-to-domain-name translation information (also called “records”).

4.    Fill in the blank to create a master DNS server entry in the /etc/named.conf file:

zone "onecoursesource.com" {
type master;
file "named.onecoursesource.com";
};

5.    A and C

6.    D

7.    C

8.    The subnet directive is used to define a network that the DHCP server provides IP information for.

9.    D

10.    B

Chapter 21

1.    The directive used to specify the directory that contains the web files that will be served by the Apache Web Server is the DocumentRoot directive.

2.    C

3.    D

4.    B

5.    The HTTPS protocol is used when a web browser communicates with an Apache Web Server using SSL.

6.    A, B, and D

7.    Fill in the blank for the following command to generate an RSA key file:

openssl genrsa -des3 -out server.key 1024

8.    A tunneling proxy server acts as a gateway between two networks.

9.    The configuration file for Squid is /etc/squid/squid.conf.

10.    D

Chapter 22

1.    An attribute is a component of an object.

2.    C

3.    B

4.    The permissions of the OpenLDAP database directory should be set to 700. (Provide an octal value.)

5.    The slaptest command can be used to test the OpenLDAP configuration file before starting the server.

6.    D

7.    B

8.    The anonymous_enable directive in the vsftpd.conf file is used to allow anonymous FTP connections.

9.    A, B, and D

10.    The ListenAddress setting in the /etc/ssh/sshd_config file is used to specify which interfaces to accept SSH connections on.

11.    The AllowUsers setting of the /etc/ssh/sshd_config file is used to specify which users can connect to the SSH server.

Chapter 23

1.    The primary configuration file for kernel parameters is the /etc/sysctl.conf file.

2.    A and D

3.    The libwrap library is used to implement TCP wrappers.

4.    C and D

5.    The ntpq command allows you to perform queries on NTP servers.

Chapter 24

1.    The ps command is used to display all processes running on the system.

2.    C

3.    The highest CPU priority for a process is specified by the nice value of -20.

4.    C and D

5.    The nohup command can be used to prevent a process from terminating if its parent process stops running.

Chapter 25

1.    The /etc/rsyslog.conf file is the primary configuration file for the rsyslogd daemon.

2.    C

3.    Log entries that are generated by the kernel are typically stored in the /var/log/kern.log file.

4.    D

5.    The logger command can be used to send a log entry to the syslogd daemon.

Chapter 26

1.    The RPM databases that contain metadata about software packages are stored in the /var/lib/rpm directory.

2.    C

3.    The createrepo command will make a repository in the specified directory.

4.    D

5.    The search feature of the yum command will match a glob pattern in package names and summaries.

Chapter 27

1.    The -I option to the dpkg command is used to display information about a package file.

2.    C

3.    The apt-scanpackages command is used to create a source repository for APT.

4.    C and D

5.    The --installed option to the apt list command will only display packages that are currently installed on the system.

Chapter 28

1.    The dracut command is used to create a new initramfs file.

2.    B

3.    The grub2-mkpasswd-pbkdf2 command is used to create a GRUB2 encrypted password.

4.    B and D

5.    The systemctl command is used to change systemd units, such as starting and enabling a service.

Chapter 29

1.    The -l option to the dpkg command can be used to list all packages on a Debian-based system.

2.    B and D

3.    Common Vulnerabilities and Exposures (or CVE) is a system designed to provide a single location where you can learn about security-related software issues.

4.    C

5.    The xinetd daemon is referred to as the “super daemon” because it will start other daemons (services) as needed and stop them when they are no longer needed.

Chapter 30

1.    B

2.    The -O option to the nmap command attempts to determine the operating system type of a remote system.

3.    A

4.    B

5.    The lsof command lists open files on the local system.

6.    The end point of a network communication is called a socket.

7.    D

8.    The -i option to the tcpdump command limits the display to include packets available only on a specific interface.

Chapter 31

1.    If no iptables rules match, the default chain policy target is used.

2.    A

3.    The -L option to the iptables command will display current firewall rules.

4.    B and D

5.    To view port numbers and IP addresses instead of names, use the -n option.

Chapter 32

1.    The netstat command can be used to display all active network connections on the local system.

2.    C

3.    The tcpdump tool allows you to probe network traffic, searching for any suspicious activity.

4.    C

5.    A passive IDS detects possible intrusions and then notifies administrators.

Chapter 33

1.    The primary configuration file for the fail2ban utility is the /etc/fail2ban/jail.conf file.

2.    B

3.    C

4.    Before you create an OpenVPN CA, you should execute the following command: source vars.

5.    D

6.    To generate the Diffie-Hellman parameters, execute the build-dh script in the /etc/openvpn/easy-rsa directory.