24 Questions
Which of the following commands is used to view the access control list of a file?
getfacl
SELinux establishes a Mandatory Access Control (MAC) model.
True
What type of attack involves intercepting communications between two parties to steal information?
man-in-the-middle attack
The openvpn command option to ensure that ephemeral keys are not written to the swap space is __________________.
--mlock
Match the following scan techniques with nmap:
A. = Xmas Scan B. = Zero Scan C. = FIN Scan D. = IP Scan E. = UDP SYN Scan
Which of the following is NOT a namespace for Linux Extended File Attributes?
default
TCP traffic from 10.142.232.1 destined for port 20 or 21 is accepted.
True
What is the command to add a new user usera to FreeIPA?
ipa user-add usera --first User --last A
What is the purpose of ICMP echo requests in a network monitoring tool?
To monitor remote hosts for availability
Asymmetric keys are used for both encryption and decryption with the same key.
False
What is an example of a behavioral-based HID technique?
Anomaly-based detection
The command to revoke ACL-based write access for groups and named users on a file is setfacl _______________________.
~m group: * : rx, user:*: rx
Which command is used to set an extended attribute on a file in Linux?
setfattr
The option "httpd-ssl.conf" in an Apache HTTPD configuration file enables OCSP stapling.
False
Match the following database names with their corresponding uses in a Name Service Switch (NSS) configuration file:
A) host = Host database
B) shadow = Shadow password database
C) service = Service database
D) passwd = Password database
An asymmetric key is a key used for _______________________ and decryption that is generated in a pair.
both encryption
Which of the following DNS records is used to map an IP address to a hostname?
PTR
A Certificate Revocation List (CRL) is a list of X.509 certificates that have been issued by a particular CA.
False
What is the purpose of AIDE?
to detect intrusions and system changes
Phishing is a type of _______________________ attack.
social engineering
Match the following terms with their definitions:
Host Intrusion Detection (HID) = A system that monitors and detects potential security threats on a single computer or server
Social Engineering = A type of attack that manipulates users into revealing sensitive information
What is the purpose of a DNSKEY record in DNSSEC?
To sign a DNS zone
A Certificate Revocation List (CRL) is a list of public keys that have been compromised.
False
What is the term for detecting and responding to cyber threats in real-time?
intrusion detection
Study Notes
Network Monitoring
- A network monitoring tool monitors remote hosts for availability by periodically sending ICMP echo requests to them.
Asymmetric Keys
- An asymmetric key is a key used for both encryption and decryption that is generated in a pair.
HID Techniques
- Anomaly-based detection is a behavioral-based HID technique.
File Permissions
- The command setfacl is used to set access control lists (ACLs) on files.
- The command setfattr is used to set extended attributes on files.
- The command getfacl is used to view the access control list of a file.
DNS
- The PTR record is used to map an IP address to a hostname.
- The DNSKEY record is used to sign a DNS zone in DNSSEC.
Security
- Phishing is a type of social engineering attack.
- Social engineering is a type of attack that aims to deceive individuals into divulging sensitive information.
Access Control
- Mandatory Access Control (MAC) is an access control model established by using SELinux.
VPNs
- The --mlock option of the openvpn command is used to ensure that ephemeral keys are not written to the swap space.
Linux File Attributes
- Linux Extended File Attributes are organized in namespaces, including system, trusted, and user.
Nmap Scan Techniques
- Nmap scan techniques include Xmas Scan and FIN Scan.
User Management
- The ipa user-add command is used to add a new user to FreeIPA.
Security Threats
- A man-in-the-middle attack is an attack that intercepts communications between two parties to steal information.
- A Certificate Revocation List (CRL) is a list of X.509 certificates that have been revoked by a particular CA.
- Host intrusion detection (HID) is a system that monitors and detects potential security threats on a single computer or server.
- AIDE is used to detect intrusions and system changes.
Identify the correct description of a network monitoring tool and understand the concept of asymmetric key in cryptography.