Ch17 Host Security Exam
-
Which super server has replaced
inetd?ninetdxinetdinetinetdver2
-
What is the main feature of a super server?
- Run as a foreground process and initiate TCP connections to other hosts
- Run as a background process and initiate TCP connections to other hosts
- Run as a master process and listen for incoming TCP connections and then start the required process
- Run as a master process and service incoming TCP connections
-
For configuring
xinetd, the files _____ are used/etc/xinetd.confor separate files for each service in the/etc/xinetd.ddirectory/etc/xinet.confor separate files for each service in the/etc/xinetd.ddirectory/etc/xinet.confor separate files for each service in the/etc/xinetd.ddirectory/etc/xinetd.confor separate files for each service in the/etc/net/xinetd.ddirectory
-
Which file is used to verify the services specified in the
xinetdconfiguration?/etc/xinet.d/services/etc/services/etc/xinetd/services/etc/net/services
-
The
xinetddaemon will automatically reload the configuration file if it is modified.True or False?
- True
- False
-
Which of the following is not a criteria for defining access control using
xinetd?- System Utilization
- Time of Day
- Network Traffic
- Host Addresses
-
What does the following snippet in the
xinetdconfiguration file indicate? service telnet { disable = yes...- The telnet service will be enabled when
xinetdstarts - The telnet service is enabled
- The telnet service is disabled and will be enabled when
xinetdrestarts - The telnet service is disabled
- The telnet service will be enabled when
-
The
inetdandxinetddaemons can run simultaneously on a system.
True or False?- True
- False
-
What method is used to apply TCP Wrappers to a network service?
- Add the
/usr/lib/libwrap.alibrary to the/etc/xinet.ddirectory - Add entries of the service to the
/etc/tcpwrap.conffile - Compile using the
/usr/lib/libwrap.alibrary - Add the
/usr/lib/libwrap.afile to the service’s directory
- Add the
-
The two files used by TCP Wrappers to control access are _____:
/etc/hosts.allowand/etc/hosts.deny/etc/hosts_tcp.allowand/etc/hosts_tcp.deny/xinet.d/hosts.allowand/xinet.d/hosts.deny/etc/xinet.d/hosts.allowand/etc/xinet.d/hosts.deny
-
What does,
sshd: ALL, specified in thehosts.denyfile indicate?- Prevent all connections other than SSH
- Allow SSH connection from all hosts
- Prevent SSH connection from all hosts
- Prevent SSH connections from all hosts on this subnetQuestion ID 3327
-
Which of the following is not a keyword used to specify the host in the
hosts.allowandhosts.denyfiles?- KNOWN
- UNKNOWN
- PARANOID
- EXTERN
-
What happens to the service request received by TCP Wrappers if the
hosts.allowandhosts.denyfiles do not permit connection?- Drop the packet and log a message
- Ignore the packet and continue with the next request
- Recheck the files for connection 2 more times
- Forward the request to the requested service and log a warning
-
A host does not have an entry in either
hosts.alloworhosts.deny. How does TCP Wrappers handle a request originating from this host?- Request forwarded to the service
- Request turned down and error logged
- Request dropped and service intimated
- Request dropped
-
It is possible to specify the address of a subnet in the
hosts.allowandhosts.denyfiles.True or False?
- True
- False
-
You are using a server with two NICs,
eth0and eth1. You want to configure TCP Wrappers for using the telnet service oneth1only in the hosts.allow file, this can be done by specifying ________[email protected]: 192.168.0.0/24telnetd[192.168.0.254]: 192.168.0.0/24telnetd(192.168.0.254): 192.168.0.0/24telnetd:192.168.0.254: 192.168.0.0/24
-
Which command is used to verify if a program is compiled with TCP Wrappers?
lddgccmakenm
-
You had initially added some hosts in the
hosts.denyfile to prevent access to FTP. You remove those hosts now because you need to grant them FTP access. How do you restart TCP Wrappers?tcp_wrappers restartftpd restart- Restart of any service is not required
/etc/networking restart
-
The
/etc/nologinfile is used to prevent all users from logging on to the system.True or False?
- True
- False
-
Which of the following scenarios do not require the use of the
/etc/nologinfile?- Installing an Oracle Patch
- Adding a new disk
- Monitoring the system’s disk usage
- Installing a Linux patch
-
Which file is referred to by the
logincommand when any user tries to login to the system?/etc/message/etc/nologin/etc/banner/etc/login
-
What is the PID of the
initprocess?- 111
- 1
- 0
- 11
-
Which file specifies the processes to be started during boot time?
/etc/initproc/etc/inittab/etc/proc/inittab/etc/init.d/inittab
-
You are currently running the server at run level 3, you need to allow users access to X server applications for several days. Which run level should you switch to?
- Run level 1
- Run level 4
- Run level 6
- Run level 5
-
What is the result of running the
init 6command?- Restart the system in single user mode
- Shutdown the system
- Restart the system
- Open the
/etc/inittabfile for editing
-
How is the default run level defined in the
/etc/inittabfile?id:3: defaultinit:initdefault:3runlevel:3:initdefault:id:3:initdefault:
-
What does the
/etc/init.ddirectory contain?- Scripts for network services
- Scripts for initialization
- Scripts for the different run levels
- Scripts for the default run level
-
Which of the following is not a valid option for the scripts in the
/etc/init.ddirectory?- query
- start
- stop
- restart
-
All systemd services require a systemd.socket.
True or False?
- True
- False
-
Which of the following commands will display systemd.socket unit configuration files?
systemctl list-unit-files | type=socketsystemctl list-unit-files --type=socketsystemctl list-unit-files = >socket listsystemctl list-sockets --all
Subscribe
0 Comments
Newest