40 Questions
What is the primary goal of a denial-of-service attack?
To make a network or server unavailable
What is the purpose of the `getcifsacl` command?
To display the ACL of a file system
What is the default timeout period for OpenVPN control packets?
2 seconds
What permission bit allows a user to modify a file?
Write
What is the primary function of the `rkhunter` tool?
To detect rootkits and other security threats
What is the purpose of a certificate chain?
To verify the authenticity of a digital certificate
What iptables command changes the source IP address for all IPv4 packets going through the eth0 interface?
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.0.2.11
What is the purpose of the ACL prefix 'OWNER' in the output of `getcifsacl`?
To specify the owner of a file system
What is the primary function of the NSEC or NSEC3 records in a DNS zone?
To prevent zone enumeration
What is the main purpose of a PTR record in a DNS zone?
To map an IP address to a hostname
What is the primary function of a Certificate Revocation List (CRL)?
To list X.509 certificates that have been revoked
What is the main purpose of a DNSKEY record in DNSSEC?
To sign a DNS zone
What is the primary goal of phishing attacks?
To steal sensitive information from a victim
What is the main purpose of AIDE?
To detect intrusions and system changes
What is the primary goal of social engineering attacks?
To trick victims into divulging sensitive information
What is the primary function of host intrusion detection (HID) systems?
To monitor and detect potential security threats on a single computer or server
What is the primary function of the chkrootkit tool?
To scan a Linux system for rootkits
What happens when the getfattr command is run on a file with no extended attributes set?
No output is produced and it exits with a value of 0
What is the correct command to delete the second key of a LUKS device?
cryptsetup luksDelKey /dev/sda1 2
What is a characteristic of eCryptfs?
It does not support encryption of home directories for regular Linux users
What command is used to disable automatic password expiry for a user?
chage --maxdays -1 username
What is the purpose of OpenSCAP?
To monitor system processes for security compliance
What is the function of the rpm command?
To verify the integrity of RPM packages
What is a characteristic of a LUKS device?
It can have multiple keys
What parameter in OpenSSL specifies the host name for TLS Server Name Indication?
-servername
What type of extension is added to a certificate for the host names example.org and www.example.org?
X.509v3 Subject Alternative Name
What is a buffer overflow?
A software vulnerability
Which tool is used to manage the Linux Audit system?
auditd
What is the difference between a SetUID and SetGID bit?
SetUID allows a file to be executed with the permissions of the file owner, while SetGID allows a file to be executed with the permissions of the group owner
What is a valid AIDE rule?
!/var/run/.*
What command in the Linux Audit system provides searching and filtering of the audit log?
ausearch
What is the purpose of the TLS Server Name Indication extension?
To specify a host name for a TLS connection
What is the primary purpose of a Certificate Revocation List?
To allow a server to provide proof of the revocation status of certificates
What is the command to install and configure a new FreeIPA server?
ipa-server-install
What is the OpenSSL command to generate a certificate signing request (CSR) using an existing private key?
openssl req -new -key private/keypair.pem -out req/csr.pem
What is Cryptography?
The art of sending secret messages
What type of activity does HID monitor for?
Unauthorized access attempts
What is NOT a benefit of using HID?
Provides automatic removal of detected threats
What is the term for the encrypted message?
Ciphertext
What is the purpose of a Certificate Authority?
To issue certificates to servers
Study Notes
OpenSSL Parameters
- `-servername` specifies the host name to use for TLS Server Name Indication.
OpenSSL Configuration
- The line `subjectAltName = DNS: www.example.org, DNS:example.org` adds an X.509v3 Subject Alternative Name extension for the host names `example.org` and `www.example.org` to a certificate.
Security Threats
- A buffer overflow is a type of software vulnerability.
- Phishing is a type of social engineering attack.
Linux File Permissions
- SetUID allows a file to be executed with the permissions of the file owner.
- SetGID allows a file to be executed with the permissions of the group owner.
- The permission bit `Write` allows a user to delete a file.
Linux Audit System
- The command `auditd` is used to manage the Linux Audit system.
- The command `aureport` provides searching and filtering of the audit log.
AIDE
- AIDE is used to detect intrusions and system changes.
- The command `aide` is used to manage system audits.
OpenVPN
- OpenVPN sends a control packet to its peer and expects an acknowledgement in 2 seconds by default.
- The option `--tls-timeout 5` changes the timeout period to 5 seconds.
Certificate Management
- A certificate chain is a sequence of certificates used to verify the authenticity of a digital certificate.
- A Certificate Revocation List (CRL) is a list of X.509 certificates that have been revoked by a particular CA.
DNS and DNSSEC
- The DNS record `PTR` is used to map an IP address to a hostname.
- The DNS record `DNSKEY` is used to sign a DNS zone.
Host Intrusion Detection
- HID monitors for unauthorized access attempts.
- HID does not provide automatic removal of detected threats.
Cryptography
- Cryptography is the art of sending secret messages.
- A ciphertext is the encrypted message.
Disk Encryption
- The command `cryptsetup` is used to manage disk encryption.
- The command `getfattr` is used to check for extended attributes on a file.
eCryptfs
- eCryptfs is a system that encrypts files and directories.
- eCryptfs does not store the contents of all files in an archive file.
- eCryptfs can be used to encrypt only directories that are the home directory of a regular Linux user.
FreeIPA
- The command `ipa-server-install` installs and configures a new FreeIPA server, including all sub-components, and creates a new FreeIPA domain.
Rootkit Detection
- The command `chkrootkit` is used to detect rootkits on a Linux system.
- The command `rkhunter` is used to detect rootkits and other security threats.
This quiz covers various aspects of computer security, including OpenSSL parameters, configuration, and common security threats. It also touches on Linux file permissions.