Linux Access Control and Permissions Quiz

Choose a study mode

Play Quiz

Study Flashcards

Spaced Repetition

Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following is a way to limit access to sensitive applications?

Running applications in sandboxes (correct)
Filtering access based on IP addresses
Changing Media Access Control addresses
Issuing command line ucf.conf

What does the character '-' generally represent in Linux file permissions?

Read permission for the group
A directory
Read and write permissions for the user
A regular file (correct)

What does the second segment in Linux file permissions represent?

Execute permission for the group
Read and write permissions for the user (correct)
Read permission for the group
Execute permission for the user

What does the third segment in Linux file permissions represent?

Read permission for the group (C) Signup and view all the answers

What does the last segment in Linux file permissions represent?

Read permission for others (D) Signup and view all the answers

What identifiers can be used for network ACLs to filter access?

IP addresses, MAC addresses, and ports (C) Signup and view all the answers

What is a Media Access Control (MAC) address?

A unique identifier for a network interface (C) Signup and view all the answers

Why is changing a network interface's Media Access Control (MAC) address not a good choice for a unique identifier of a device on the network?

Software settings in most operating systems can override it (D) Signup and view all the answers

What is one disadvantage of using Media Access Control (MAC) address filtering as a form of network-oriented ACLs?

Software settings can override it (C) Signup and view all the answers

What is the purpose of running sensitive applications in sandboxes?

To create isolated environments (A) Signup and view all the answers

Which protocol uses port 143 for managing email?

IMAP (C) Signup and view all the answers

How many ports are there in total?

65,535 (D) Signup and view all the answers

Which service uses ports 20 and 21 to transfer files?

FTP (D) Signup and view all the answers

What is CSRF?

A type of browser attack (B) Signup and view all the answers

Which port is used by Secure Shell (SSH) to manage remote connections to systems?

22 (C) Signup and view all the answers

What type of attacks are client-side attacks?

Attacks targeting the user's computer (D) Signup and view all the answers

What is the purpose of filtering traffic by network port?

To identify the application to which traffic should be routed (B) Signup and view all the answers

What type of code might be sent through the web browser and executed on the local machine?

JavaScript code (D) Signup and view all the answers

What is the purpose of embedding a link in a web page or HTML based email in a CSRF attack?

To execute additional commands on the target's browser (A) Signup and view all the answers

What is the main reason software vendors have begun building defensive measures into their software?

To prevent client-side attacks (D) Signup and view all the answers

Flashcards are hidden until you start studying

Study Notes

Access Limitation and File Permissions

Access to sensitive applications can be limited through various methods including user authentication, network security protocols, and application sandboxes.
In Linux file permissions, the character '-' represents a regular file, while other characters indicate different permission types or directory status.
The second segment in Linux file permissions indicates the group permissions, dictating what users assigned to that group can do with the file.
The third segment represents the others' permissions, specifying access levels for all users not in the file's owner or group.
The last segment of Linux file permissions denotes special permissions, such as setuid, setgid, and sticky bit.

Network Security and MAC Addresses

Network Access Control Lists (ACLs) can filter access using identifiers such as IP addresses, user roles, or specific applications.
A Media Access Control (MAC) address uniquely identifies a device on a network, distinct from IP addresses which can change.
Changing a device's MAC address is not a reliable unique identifier because it can be easily spoofed, leading to security vulnerabilities.
One disadvantage of using MAC address filtering as a network-oriented ACL is its susceptibility to spoofing, where attackers can impersonate authorized devices.

Applications and Protocols

Running sensitive applications in sandboxes isolates them from the rest of the system, reducing the risk of exploitation and data leaks.
The Internet Message Access Protocol (IMAP), which manages emails, operates on port 143, allowing users to access their email accounts.
The total number of ports available for network communication is 65,536.
File Transfer Protocol (FTP) utilizes ports 20 and 21 for transferring files between systems.

Security Vulnerabilities and Attacks

Cross-Site Request Forgery (CSRF) is a type of attack that tricks a user into executing unwanted actions on a different site where they are authenticated.
Secure Shell (SSH) manages remote connections to systems on port 22, providing a secure channel over an unsecured network.
Client-side attacks compromise the user's browser or machine, exploiting weaknesses in client applications, such as web browsers.
Traffic filtering by network port helps to manage and control the types of data that can enter or leave a network, enhancing security.

Code Execution and Email Security

Malicious code such as JavaScript or other scripts can be sent through web browsers and executed locally, posing security risks.
In a CSRF attack, embedding a link in a web page or HTML-based email deceptively directs a user to perform actions on a target website without their consent.
Software vendors increasingly build defensive measures into their software to protect against vulnerabilities and prevent exploitation by malicious entities.