Deploying Access Lists in Linux Chapter 6

Questions and Answers

What is the primary purpose of the Effective UserID in Linux?

• To enable a non-privileged user to access files that can only be accessed by a privileged user (correct)
• To temporarily switch to a non-privileged account
• To define which files a process has access to
• To specify the access permissions of subjects

What is the main difference between Real UserID and Effective UserID?

• Real UserID is the same as the userID of the user who started the process, while Effective UserID can be changed (correct)
• Real UserID is for privileged users, while Effective UserID is for non-privileged users
• Real UserID is used for discretionary access control, while Effective UserID is used for mandatory access control
• Real UserID defines access to files, while Effective UserID defines access to resources

What is the purpose of the Saved UserID in Linux?

• To enable a non-privileged user to access files that can only be accessed by a privileged user
• To temporarily switch to a non-privileged account (correct)
• To define which files a process has access to
• To save the userID of the user who started the process

What is the main characteristic of Discretionary Access Control (DAC)?

Access authorization is specified and enforced based on the identity of the user (D)

What is the purpose of access control modes in Linux?

To specify the access permissions of subjects (D)

What is the difference between 'read' and 'write' permissions in Linux?

'Read' allows observing the resource, while 'write' allows observing and altering the resource (C)

What is a key characteristic of Discretionary Access Control (DAC)?

It is discretionary and can be changed by the owner (A)

Which of the following operating systems uses Discretionary Access Control (DAC)?

Both Windows and Linux (A)

What is the limitation of traditional file permissions in Linux?

Each file and directory can have only one user and group owner at a time (C)

What is the primary purpose of Linux Access Control Lists (ACLs)?

To provide additional flexibility in access control (C)

What is a default ACL in Linux?

An access control list that can only be associated with a directory (D)

How many types of ACLs are there in Linux?

Two (C)

What is the name of the subdirectory where the sales department users can add invoices?

invoices (B)

What is the default password for the users sysadmin1, operator1, consultant1, and consultant2?

redhat (D)

What is the name of the executable script created in the /shares/content directory?

hello.sh (B)

Which group has full access to the /shares/content directory, but with an exception for one user?

consultants (C)

What is the purpose of adding appropriate ACL entries to the /shares/content directory and its contents?

To ensure that future files and directories stored in /shares/content get appropriate ACL entries applied (B)

What is the primary purpose of setting a default ACL on a directory?

To ensure files and directories created within the directory inherit certain ACLs (C)

What type of ACL can be added or modified to add multiple entries with the same command?

Other ACL (A)

What permission is included in the list entries to allow directory search permission when editing ACLs on directories?

Execute permission (D)

What is the purpose of the Mask entry in an ACL?

To define the effective rights mask (B)

What is the correct order of steps to create the specified directory structure and add appropriate ACL entries?

Create groups, create users, create directory structure, add ACL entries (C)

What is the restriction placed on Kenny's access to files created by Fred in the reports subdirectory?

Kenny can only read files created by Fred (C)