Deploying Access Lists in Linux Chapter 6

Questions and Answers

What is the primary purpose of the Effective UserID in Linux?

To enable a non-privileged user to access files that can only be accessed by a privileged user (correct)

To temporarily switch to a non-privileged account

To define which files a process has access to

To specify the access permissions of subjects

What is the main difference between Real UserID and Effective UserID?

Real UserID is the same as the userID of the user who started the process, while Effective UserID can be changed (correct)

Real UserID is for privileged users, while Effective UserID is for non-privileged users

Real UserID is used for discretionary access control, while Effective UserID is used for mandatory access control

Real UserID defines access to files, while Effective UserID defines access to resources

What is the purpose of the Saved UserID in Linux?

To enable a non-privileged user to access files that can only be accessed by a privileged user

To temporarily switch to a non-privileged account (correct)

To define which files a process has access to

To save the userID of the user who started the process

What is the main characteristic of Discretionary Access Control (DAC)?

Access authorization is specified and enforced based on the identity of the user

What is the purpose of access control modes in Linux?

To specify the access permissions of subjects

What is the difference between 'read' and 'write' permissions in Linux?

'Read' allows observing the resource, while 'write' allows observing and altering the resource

What is a key characteristic of Discretionary Access Control (DAC)?

It is discretionary and can be changed by the owner

Which of the following operating systems uses Discretionary Access Control (DAC)?

Both Windows and Linux

What is the limitation of traditional file permissions in Linux?

Each file and directory can have only one user and group owner at a time

What is the primary purpose of Linux Access Control Lists (ACLs)?

To provide additional flexibility in access control

What is a default ACL in Linux?

An access control list that can only be associated with a directory

How many types of ACLs are there in Linux?

Two

What is the name of the subdirectory where the sales department users can add invoices?

invoices

What is the default password for the users sysadmin1, operator1, consultant1, and consultant2?

redhat

What is the name of the executable script created in the /shares/content directory?

hello.sh

Which group has full access to the /shares/content directory, but with an exception for one user?

consultants

What is the purpose of adding appropriate ACL entries to the /shares/content directory and its contents?

To ensure that future files and directories stored in /shares/content get appropriate ACL entries applied

What is the primary purpose of setting a default ACL on a directory?

To ensure files and directories created within the directory inherit certain ACLs

What type of ACL can be added or modified to add multiple entries with the same command?

Other ACL

What permission is included in the list entries to allow directory search permission when editing ACLs on directories?

Execute permission

What is the purpose of the Mask entry in an ACL?

To define the effective rights mask

What is the correct order of steps to create the specified directory structure and add appropriate ACL entries?

Create groups, create users, create directory structure, add ACL entries

What is the restriction placed on Kenny's access to files created by Fred in the reports subdirectory?

Kenny can only read files created by Fred