Ch16 Account Security Exam

  1. Which of the following user ID types is not supported by Linux? 

    • Effective
    • Saved 
    • File 
    • Real
  2. The listing of a directory shows certain files with permissions set to rwsr-xr-x. What does this indicate? 

    • This file has no execute permission for the user 
    • SUID bit is set for the file 
    • RUID bit is set for the file 
    • GUID bit is set for the file
  3. Which command is used to unset the SUID bit from a file?

    • chmod 
    • chage 
    • lsmod 
    • touch
  4. The SUID process forks a new process that does not have SUID access.

    True or False?

    • True 
    • False
  5. Which of the following commands is used to find all files that have the SGID bit set? 

    • find / -type f -p -2000 
    • find / -type f -perm -2000 
    • find / -type f -perm -4000 
    • find / -type f -mode -2000
  6. Files with the SUID/SGID bit set can be used to access the resources of the system that are otherwise inaccessible to the user.

    True or False?

    • True 
    • False
  7. Why should the files with SUID/SGID bits set be audited? 

    • To make all such files read-only 
    • To move all these files to a common directory 
    • To unset the SUID/SGID bit of all such files 
    • The system administrator should be aware of such files since they make the system vulnerable
  8. You need to restart the network service and you are not the root user. Which command can you use? 

    • sudo 
    • usermod 
    • chown 
    • chmod
  9. Why is the SUID/SGID bit set for the chage command? 

    • To provide access to all users without any restrictions 
    • To make the effective user id the same as the saved user id 
    • To provide user access to files in the /etc directory that are otherwise accessible to root only 
    • To restrict access to the root user only
  10. Which file is used to configure the sudo command?

    • /etc/sudo.ini
    • /etc/sudoers
    • /etc/suusers 
    • /etc/sudo.conf
  11. Which are the four types of aliases found in the /etc/sudoers file?

    • User_Alias, Hostname_Alias, Runas_Alias, and Cmnd_Alias 
    • User_Alias, Host_Alias, Runas_Alias, and Perm_Alias 
    • User_Alias, Host_Alias, Runas_Alias, and Cmnd_Alias 
    • Root_Alias, Host_Alias, Runas_Alias, and Cmnd_Alias
  12. The /etc/sudoers file should be edited using the ____ editor only. 

    • xsudo
    • vim 
    • visudo 
    • edsudo
  13. Which password is required for authentication to use sudo?

    • User’s Password 
    • No authentication is required 
    • Password of the user who owns the application 
    • Root Password
  14. The sudo command can cache user’s credentials.

    True or False?

    • True 
    • False
  15. Which is the default user that su switches to? 

    • No default user 
    • As specified in /etc/su.conf 
    • Root 
    • As specified in /etc/sudoers
  16. Which file stores the encrypted password? 

    • /etc/passwd 
    • /etc/shadpaswd 
    • /etc/shadow 
    • /etc/password
  17. What type of information is stored in the /etc/passwd file?

    • User Password information 
    • User Password Policy 
    • Links to User Account files 
    • User Account information
  18. Which command is used to activate a newly created user account? 

    • useradd 
    • usermod 
    • passwd 
    • chmod
  19. Which command is used to keep the user’s account in a locked state? 

    • passwd -L 
    • chage -L 
    • usermod -L 
    • useradd -L
  20. Which files define the user’s password aging policy? 

    • /etc/login.defs and /etc/default/user.defs 
    • /etc/login.defs and /etc/useradd 
    • /etc/user.defs and /etc/default/useradd 
    • /etc/login.defs and /etc/default/useradd
  21. What is the default value of the PASS_MAX_DAYS variable, which defines the maximum number of days before the user must change his password? 

    • 99999 
    • 90
    • 9999
  22. Which password is required for authentication to use su?

    • Password of the user who owns the application 
    • No authentication is required 
    • Root Password 
    • User’s Password
  23. Which command can be used that will take immediate effect, to inactivate the password of a user who has quit? 

    • usermod -l 
    • passwd -w 
    • usermod -e 
    • passwd -e
  24. You need to enforce an organization’s policy of mandatory password changes every 90 days. Which command can you use for this? 

    • passwd -M 90 user_name 
    • useradd -M 90 user_name 
    • usermod -M 90 user_name 
    • chage -M 90 user_name
  25. The chage command supports a _____ mode.

    • command 
    • interactive
    • batch 
    • background
  26. Which of the following is not a function of nmap?

    • Finding unreachable routes 
    • Auditing networks 
    • Checking port activity 
    • Scanning the specified subnet
  27. Which of the following is not a state of ports as reported by nmap?

    • Closed 
    • Suspended 
    • Open 
    • Filtered
  28. Which command makes it possible to ping all the hosts on a given subnet?

    • nmap -a 
    • nmap -sP 
    • ping -a 
    • ping -A
  29. Which command can be used to view all open ports, along with the processes using them?

    • nmap 
    • netstat 
    • route 
    • ifconfig
  30. What is the purpose of the lsof command?

    • Listing of all hidden files 
    • Listing of all files in the /etc directory 
    • Listing of all open sockets 
    • Listing of all files opened by active processes
  31. Both the lsof and the netstat command can be used to find the list of processes and the ports they are listening to.

    True or False?

    • True 
    • False
  32. Which command is used to set limits for user processes?

    • uname 
    • ulimit 
    • plimit 
    • slimit
  33. What are the two types of limits that can be set with the ulimit command?

    • static and dynamic 
    • hard and soft 
    • permanent and temporary 
    • low and high
  34. The system administrator can enforce limits on the size of files created by users (in terms of number of blocks) using the ulimit command.

    True or False?

    • True 
    • False
  35. Which file is used to store limits for users so that the limits persist after system reboot?

    • /etc/security/ulimits.conf 
    • /etc/security/limits.conf 
    • /etc/security/limits.cnf 
    • /etc/limits.conf
  36. Which of the following is the correct format for entries in the /etc/security/limits.conf file?

    • <domain> <type> <value>
    • <type> <item> <value>
    • <domain> <type> <item> <value>
    • <parameter> <type> <item> <value>
  37. How can both hard and soft limits be set together in the /etc/security/limits.conf file?

    • By specifying the type as Both 
    • By specifying the type as - 
    • By specifying the type as 
    • By specifying the type as ?
  38. Which of the following items cannot be regulated using ulimit?

    • Max. number of open files 
    • Max. CPU time 
    • Max. number of database sessions 
    • Priority to run user process with
  39. Which is the most useful command for managing password aging policy?

    • userdel 
    • change 
    • chage 
    • useradd
Notify of
Inline Feedbacks
View all comments