Linux Access Control and Permissions Quiz

Questions and Answers

Which of the following is a way to limit access to sensitive applications?

Running applications in sandboxes (correct)

Filtering access based on IP addresses

Changing Media Access Control addresses

Issuing command line ucf.conf

What does the character '-' generally represent in Linux file permissions?

Read permission for the group

A directory

Read and write permissions for the user

A regular file (correct)

What does the second segment in Linux file permissions represent?

Execute permission for the group

Read and write permissions for the user (correct)

Read permission for the group

Execute permission for the user

What does the third segment in Linux file permissions represent?

Read permission for the group

What does the last segment in Linux file permissions represent?

Read permission for others

What identifiers can be used for network ACLs to filter access?

IP addresses, MAC addresses, and ports

What is a Media Access Control (MAC) address?

A unique identifier for a network interface

Why is changing a network interface's Media Access Control (MAC) address not a good choice for a unique identifier of a device on the network?

Software settings in most operating systems can override it

What is one disadvantage of using Media Access Control (MAC) address filtering as a form of network-oriented ACLs?

Software settings can override it

What is the purpose of running sensitive applications in sandboxes?

To create isolated environments

Which protocol uses port 143 for managing email?

IMAP

How many ports are there in total?

65,535

Which service uses ports 20 and 21 to transfer files?

FTP

What is CSRF?

A type of browser attack

Which port is used by Secure Shell (SSH) to manage remote connections to systems?

22

What type of attacks are client-side attacks?

Attacks targeting the user's computer

What is the purpose of filtering traffic by network port?

To identify the application to which traffic should be routed

What type of code might be sent through the web browser and executed on the local machine?

JavaScript code

What is the purpose of embedding a link in a web page or HTML based email in a CSRF attack?

To execute additional commands on the target's browser

What is the main reason software vendors have begun building defensive measures into their software?

To prevent client-side attacks

Study Notes

Access Limitation and File Permissions

• Access to sensitive applications can be limited through various methods including user authentication, network security protocols, and application sandboxes.
• In Linux file permissions, the character '-' represents a regular file, while other characters indicate different permission types or directory status.
• The second segment in Linux file permissions indicates the group permissions, dictating what users assigned to that group can do with the file.
• The third segment represents the others' permissions, specifying access levels for all users not in the file's owner or group.
• The last segment of Linux file permissions denotes special permissions, such as setuid, setgid, and sticky bit.

Network Security and MAC Addresses

• Network Access Control Lists (ACLs) can filter access using identifiers such as IP addresses, user roles, or specific applications.
• A Media Access Control (MAC) address uniquely identifies a device on a network, distinct from IP addresses which can change.
• Changing a device's MAC address is not a reliable unique identifier because it can be easily spoofed, leading to security vulnerabilities.
• One disadvantage of using MAC address filtering as a network-oriented ACL is its susceptibility to spoofing, where attackers can impersonate authorized devices.

Applications and Protocols

• Running sensitive applications in sandboxes isolates them from the rest of the system, reducing the risk of exploitation and data leaks.
• The Internet Message Access Protocol (IMAP), which manages emails, operates on port 143, allowing users to access their email accounts.
• The total number of ports available for network communication is 65,536.
• File Transfer Protocol (FTP) utilizes ports 20 and 21 for transferring files between systems.

Security Vulnerabilities and Attacks

• Cross-Site Request Forgery (CSRF) is a type of attack that tricks a user into executing unwanted actions on a different site where they are authenticated.
• Secure Shell (SSH) manages remote connections to systems on port 22, providing a secure channel over an unsecured network.
• Client-side attacks compromise the user's browser or machine, exploiting weaknesses in client applications, such as web browsers.
• Traffic filtering by network port helps to manage and control the types of data that can enter or leave a network, enhancing security.

Code Execution and Email Security

• Malicious code such as JavaScript or other scripts can be sent through web browsers and executed locally, posing security risks.
• In a CSRF attack, embedding a link in a web page or HTML-based email deceptively directs a user to perform actions on a target website without their consent.
• Software vendors increasingly build defensive measures into their software to protect against vulnerabilities and prevent exploitation by malicious entities.

Description

Test your knowledge on access control and permissions in Linux-based operating systems. Learn about sandboxes, file types, and command line usage for managing user files.