Ch16 Account Security Exam
-
Which of the following user ID types is not supported by Linux?
- Effective
- Saved
- File
- Real
-
The listing of a directory shows certain files with permissions set to
rwsr-xr-x.What does this indicate?- This file has no execute permission for the user
- SUID bit is set for the file
- RUID bit is set for the file
- GUID bit is set for the file
-
Which command is used to unset the SUID bit from a file?
chmodchagelsmodtouch
-
The SUID process forks a new process that does not have SUID access.
True or False?
- True
- False
-
Which of the following commands is used to find all files that have the SGID bit set?
find / -type f -p -2000find / -type f -perm -2000find / -type f -perm -4000find / -type f -mode -2000
-
Files with the SUID/SGID bit set can be used to access the resources of the system that are otherwise inaccessible to the user.
True or False?
- True
- False
-
Why should the files with SUID/SGID bits set be audited?
- To make all such files read-only
- To move all these files to a common directory
- To unset the SUID/SGID bit of all such files
- The system administrator should be aware of such files since they make the system vulnerable
-
You need to restart the network service and you are not the root user. Which command can you use?
sudousermodchownchmod
-
Why is the SUID/SGID bit set for the chage command?
- To provide access to all users without any restrictions
- To make the effective user id the same as the saved user id
- To provide user access to files in the
/etcdirectory that are otherwise accessible to root only - To restrict access to the root user only
-
Which file is used to configure the
sudocommand?/etc/sudo.ini/etc/sudoers/etc/suusers/etc/sudo.conf
-
Which are the four types of aliases found in the
/etc/sudoersfile?User_Alias, Hostname_Alias, Runas_Alias,andCmnd_AliasUser_Alias, Host_Alias, Runas_Alias,andPerm_AliasUser_Alias, Host_Alias, Runas_Alias,andCmnd_AliasRoot_Alias, Host_Alias, Runas_Alias,andCmnd_Alias
-
The
/etc/sudoersfile should be edited using the ____ editor only.xsudovimvisudoedsudo
-
Which password is required for authentication to use
sudo?- User’s Password
- No authentication is required
- Password of the user who owns the application
- Root Password
-
The
sudocommand can cache user’s credentials.True or False?
- True
- False
-
Which is the default user that
suswitches to?- No default user
- As specified in
/etc/su.conf - Root
- As specified in
/etc/sudoers
-
Which file stores the encrypted password?
/etc/passwd/etc/shadpaswd/etc/shadow/etc/password
-
What type of information is stored in the
/etc/passwdfile?- User Password information
- User Password Policy
- Links to User Account files
- User Account information
-
Which command is used to activate a newly created user account?
useraddusermodpasswdchmod
-
Which command is used to keep the user’s account in a locked state?
passwd -Lchage -Lusermod -Luseradd -L
-
Which files define the user’s password aging policy?
/etc/login.defsand/etc/default/user.defs/etc/login.defsand/etc/useradd/etc/user.defsand/etc/default/useradd/etc/login.defsand/etc/default/useradd
-
What is the default value of the
PASS_MAX_DAYSvariable, which defines the maximum number of days before the user must change his password?- 99999
- 90
- 3
- 9999
-
Which password is required for authentication to use
su?- Password of the user who owns the application
- No authentication is required
- Root Password
- User’s Password
-
Which command can be used that will take immediate effect, to inactivate the password of a user who has quit?
usermod -lpasswd -wusermod -epasswd -e
-
You need to enforce an organization’s policy of mandatory password changes every 90 days. Which command can you use for this?
passwd -M 90 user_nameuseradd -M 90 user_nameusermod -M 90 user_namechage -M 90 user_name
-
The
chagecommand supports a _____ mode.- command
- interactive
- batch
- background
-
Which of the following is not a function of
nmap?- Finding unreachable routes
- Auditing networks
- Checking port activity
- Scanning the specified subnet
-
Which of the following is not a state of ports as reported by
nmap?- Closed
- Suspended
- Open
- Filtered
-
Which command makes it possible to
pingall the hosts on a given subnet?nmap -anmap -sPping -aping -A
-
Which command can be used to view all open ports, along with the processes using them?
nmapnetstatrouteifconfig
-
What is the purpose of the
lsofcommand?- Listing of all hidden files
- Listing of all files in the
/etcdirectory - Listing of all open sockets
- Listing of all files opened by active processes
-
Both the
lsofand thenetstatcommand can be used to find the list of processes and the ports they are listening to.True or False?
- True
- False
-
Which command is used to set limits for user processes?
unameulimitplimitslimit
-
What are the two types of limits that can be set with the
ulimitcommand?- static and dynamic
- hard and soft
- permanent and temporary
- low and high
-
The system administrator can enforce limits on the size of files created by users (in terms of number of blocks) using the
ulimitcommand.True or False?
- True
- False
-
Which file is used to store limits for users so that the limits persist after system reboot?
/etc/security/ulimits.conf/etc/security/limits.conf/etc/security/limits.cnf/etc/limits.conf
-
Which of the following is the correct format for entries in the
/etc/security/limits.conffile?-
<domain> <type> <value>
-
<type> <item> <value>
-
<domain> <type> <item> <value> -
<parameter> <type> <item> <value>
-
-
How can both hard and soft limits be set together in the
/etc/security/limits.conffile?- By specifying the type as
Both - By specifying the type as
- - By specifying the type as
* - By specifying the type as
?
- By specifying the type as
-
Which of the following items cannot be regulated using
ulimit?- Max. number of open files
- Max. CPU time
- Max. number of database sessions
- Priority to run user process with
-
Which is the most useful command for managing password aging policy?
userdelchangechageuseradd
Subscribe
0 Comments
Newest