Test 3 – College Essay
Unlock all answers in this set
Unlock answersquestion
Today, the most common printing system used on Linux computers is the ______.
answer
Common Unix Printing System (CUPS)
question
A set of information that is sent to a printer at the same time is called a ______.
answer
print job
question
The ______ command is used to send a print job to a printer.
answer
lp (line print)
question
Accepting print jobs into a print queue is called ______.
answer
spooling or queuing
question
Sending print jobs from a print queue to a printer is called ______.
answer
printing
question
The ______ command is used to print filename to a specified printer. If the -d option is omitted, it prints to the default printer.
answer
lp -d printername filename
question
The ______ command accepts information from standard input. Thus, you can place this command at the end of the pipe to print information.
answer
lp
question
The ______ command is used to set the default printer and this information is stored in the /etc/cups/lpoptions file.
answer
lpoptions -d printername
question
The ______ command can list print jobs in the queue for a printer.
answer
lpstat
question
The ______ is the printing system used on older Linux systems.
answer
LPD (line printer daemon)
question
Most daemons record system information and error messages to files stored on the filesystem. These files are referred to as ______ files.
answer
log
question
Log files are typically stored in the ______ directory.
answer
/var/log
question
T/F. Do not remove log files because the permissions and ownership will be removed also.
answer
True
question
The ______ command backs up and clears the log files.
answer
logrotate
question
T/F. Users should be able to access resources they are allowed to access and not access resources they do not have permission to access. Network operating systems have user management utilities to accomplish this task.
answer
True
question
______ is used to verify a user's identity. It is usually done by comparing the username and password to a system database.
answer
Authentication
question
T/F. A good password is a mixture of letters, numbers, and symbols and has no logical meaning.The password should combine upper and lowercase letters since most passwords are case sensitive. Passwords should include numbers or punctuation and special characters to prevent dictionary attacks.
answer
True
question
T/F. Many people do not keep their passwords secret. People write down their passwords.
answer
True
question
T/F. The system administrator should force the users to change passwords for security.
answer
True
question
The ______ file contains the user account information.
answer
/etc/passwd
question
The ______ file contains the encrypted password and expiration information.
answer
/etc/shadow
question
The ______ command is used to add new user accounts.
answer
useradd
question
The ______ file contains parameters that set the default location for: e-mail, password expiration information, minimum password length and the range of UIDs and GIDs available for use. It also determines whether home directories will be automatically made during user creation as well as the password hash algorithm used to store passwords within /etc/shadow.
answer
/etc/login.defs
question
The ______ directory contains files that are copied to all new users' home directories when a home directory is created. It is usually /etc/skel directory and contains mostly environment files.
answer
skeleton
question
The ______ command sets a user's password. If no arguments are included, it sets the current user's password.
answer
passwd
question
T/F. All user accounts must have the password set before they can log in to the computer system.
answer
True
question
T/F. The root user can change any user's password.
answer
True
question
The ______ command modifies the user account information.
answer
usermod
question
The ______ command modifies the password expiration information.
answer
chage
question
______ an account makes an account temporarily unusable and alters the password information in the /etc/shadow file.
answer
Locking
question
The ______ command changes a valid shell to an invalid shell.
answer
chsh
question
The ______ command removes user accounts.
answer
userdel
question
T/F. When a user account is deleted, any files that were previously owned by the user become owned by a number that represents the UID of the deleted user. Any future user account that is given the same UID then becomes the owner of those files.
answer
True
question
T/F. Graphical utilities exist to create, modify, and delete user and group accounts.
answer
True
question
This statement creates a user named mona and assigns her a UID of 1007. This command overrides the default parameters in the /etc/login.defs and /etc/default/useradd files.
answer
useradd -u 1007 mona
question
1. The process of sending print jobs from the print queue to the printer is called? a. spooling b. queuing c. redirecting d. printing
answer
d. printing
question
2. You can clear a log file simply by redirecting nothing in to it. True or False?
answer
True
question
3. When a printer is disabled, ________. a. the print queue does not accept jobs and sends a message to the user noting that the printer is unavailable b. the print queue does accept jobs into the print queue and holds them there until the printer is enabled again c. the printer appears as off-line when a lp request is sent d. the print queue redirects all print jobs sent to it to /dev/null
answer
b. the print queue does accept jobs into the print queue and holds them there until the printer is enabled again
question
4. What is the name used to describe a user providing a user name and password to log in to a system? a. validation b. authorization c. login d. authentication
answer
b. authorization
question
5. Which command can you use to lock a user account? a. lock username b. secure username c. usermod -L username d. useradd -L username
answer
c. usermod -L username
question
6. Which command can be used to alter the primary group associated with a given user temporarily? a. usermod b. chggrp c. gpasswd d. newgrp
answer
d. newgrp
question
7. Which command can be used to send a print job to the default printer named Printer1? (Choose all that apply.) a. lp -d Printer1 file b. lp Printer1 file c. lp file d. lp -m Printer1 file
answer
a. lp -d Printer1 file c. lp file
question
8. What is the name of the file that contains a listing of all users on the system and their home directories? a. /etc/passwd b. /etc/users c. /etc/shadow d. /etc/password
answer
a. /etc/passwd
question
9. UIDs and GIDs are unique to the system and once used can never be reused. True or False?
answer
False
question
10. What is the name of the utility used to rotate log files? a. syslog b. jetpack c. logrotate d. logbackup
answer
c. logrotate
question
11. You can lock a user account by changing the default login shell to an invalid shell in /etc/passwd. True or False?
answer
True
question
12. When a printer is rejecting requests,____________. a. the print queue does not accept jobs and sends a message to the user noting that the printer is unavailable b. the print queue does accept jobs into the print queue and holds them there until the printer is accepting requests again c. the printer appears as off-line when a lp request is sent d. the print queue redirects all print jobs sent to it to /dev/null
answer
a. the print queue does not accept jobs and sends a message to the user noting that the printer is unavailable
question
13. When referring to the /etc/rsyslog.conf file, __________ specifies information from a certain area of the system, whereas ________ is the level of importance of that information. a. section, priority b. service, precedents c. process, degree d. facility, priority
answer
d. facility, priority
question
14. Most log files on the system are found in which directory? a. /etc/logfiles b. /etc/log c. /var/log d. /dev/log
answer
c. /var/log
question
15. Which file contains default information such as UID and GID ranges and minimum password length to be used at user creation? a. /etc/skel b. /etc/passwd c. /etc/login.defs d. /etc/default/useradd
answer
c. /etc/login.defs
question
16. What is the background process responsible for printing on Fedora Linux? a. lp b. cupsd c. lpd d. lpstat
answer
b. cupsd
question
17. Which command would you use to unlock a user account? a. unlock username b. open username c. usermod -U username d. useradd -U username
answer
c. usermod -U username
question
18. Along with a listing of user accounts, the /etc/passwd file also contains information on account expiry. True or False?
answer
False
question
19. You use lpstat and determine that a user named User1 has placed two large print jobs in the queue for Printer1 that have yet to start printing. They have print job IDs of Printer1-17 and Printer1-21, respectively. Which command would you use to remove these two jobs from the print queue? a. cancel Printer1-17 Printer1-21 b. cancel -u Printer1-17 Printer1-21 c. cancel -a Printer1-17 Printer1-21 d. cancel 17 21
answer
a. cancel Printer1-17 Printer1-21
question
20. Which command is used to delete a user account? a. usermod -d username b. del username c. userdel username d. rm username
answer
c. userdel username
question
______ is a process in which files are reduced in size by stripping out characters.
answer
Compression
question
A ______ is a standard set of instructions used to compress a file.
answer
compression algorithm
question
The ______ utility is one of the oldest compression utilities common to most UNIX and Linux systems. Its compression algorithm, which is called Adaptive Lempel-Ziv coding (LZW), has an average compression ratio of 40 to 50%. To compress a file using the compress utility, you can specify the files to compress as arguments to the ______ command. Each file is renamed with a .Z filename extension to indicate that it is compressed.
answer
compress,compress
question
After compression, the ______ command is used to display the contents of a compressed file created with the compress command.
answer
zcat
question
The ______ utility uses a Lempel-Ziv compression algorithm (LZ77) that varies slightly from the one used by the compress utility. Typically, this algorithm yields better compression than the one used by compress. The average compression ratio for gzip is 60 to 70%.
answer
GNU zip (gzip)
question
The gzip utility uses the ______ filename extension by default and can control the level of compression via a numeric option (based on time needed to compress the file).
answer
.gz
question
The ______ command is used to compress files using the Burrows-Wheeler Block Sorting Huffman Coding compression algorithm. It can't compress a directory full of files. The compression ratio is 50% to 75% on average.
answer
bzip2
question
The filename extension given to a compressed file using bzip2 is ______.
answer
bz2
question
The ______ is a process whereby files and directories are copied and stored at an alternative location.
answer
system backup
question
______ are the backup copies of files and directories.
answer
Archives
question
The ______ utility is one of the oldest and most widely used backup utilities. It can create an archive in a file on a filesystem or directly on a device. It accepts options to determine the location of the archive and the action to perform on the archive.
answer
tape archive (tar)
question
Filenames that end with the .tar.gz or .tgz extensions are commonly called _____ because they represent compressed tar archives.
answer
tarballs
question
The ______ utility is another common backup utility that uses options similar to the tar utility. It has some added features including long filenames and the ability to back up device files. It uses absolute pathnames by default when archiving.
answer
copy in/out (cpio)
question
The ______ utility can be used to back up files and directories to a device or to a file on the filesystem. It only works with files on ext2 and ext3 filesystems.
answer
dump/restore
question
A ______ backup archives all of the data on the filesystem.
answer
full
question
An ___incremental___ backup backs up only data that has changed since the last backup of any type.
answer
incremental
question
The ______ command extracts the archives created with dump.
answer
restore
question
______ must be compiled on the local architecture before it can be used.
answer
Source code
question
T/F. Because most source code comes in tarball format, you must uncompress and extract the files. This creates a subdirectory under the current directory containing the source code.
answer
True
question
The ___package manager___ provides a standard format for distributing programs as well as a central database to store information about software packages installed on the system. It is used to install, query and remove packages.
answer
package manager
question
1. Most source code is available on the Internet in tarball format. True or False?
answer
True
question
2. Which dump level indicates a full backup? a. 0 b. 9 c. 1 d. f
answer
a. 0
question
3. Which filename extension indicates a tarball? a. .tar.gz b. .cpio c. .dump d. .tar
answer
a. .tar.gz d. .tar
question
4. Files that have been compressed using the compress utility typically have the ______ extension. a. .tar.gz b. .gz c. .Z d. .bz2
answer
c. .Z
question
5. The bzip2 and gzip utilities use similar compression algorithms. True or False?
answer
False
question
6. When compiling source code into a binary program, which command does the compiling using the GNU C Compiler? a. tar b. ./configure c. make d. make install
answer
c. make
question
7. The -9 option to the gzip utility results in a higher compression ratio. True or False?
answer
True
question
8. You have created a full backup and four incremental backups. In which order must you restore these backups? a. 0, 1, 2, 3, 4 b. 0, 4, 3, 2, 1 c. 4, 3, 2, 1, 0 d. 1, 2, 3, 4, 0
answer
a. 0, 1, 2, 3, 4
question
12. When compiling source code into a binary program, which command copies compiled binary files to the correct location on the filesystem? a. tar b. ./configure c. make d. make install
answer
d. make install
question
13. To install a new program from RPM software repositories on the Internet, you can use the yum update programname command. True or False?
answer
False
question
14. Which file contains full and incremental backup information for use with the dump/restore utility? a. /etc/dumps b. /etc/dumpdates c. /etc/dumpfile d. /etc/dump.conf
answer
b. /etc/dumpdates
question
16. What is the most common method for obtaining Linux software? a. CD-ROM b. floppy disk c. Internet download d. e-mail
answer
c. Internet download
question
19. When compiling source code into a binary program, which command performs a system check and creates the Makefile? a. tar b. ./configure c. make d. make install
answer
a. tar
question
A ______ a device used to expand network capabilities, accepts a digital signal, cleans it, regenerates it and sends it down the line. It increases the length of the network by eliminating the effect of attenuation. It is suitable to bus topology networks only. It operates at the Physical layer of the OSI model without concern for type of data being transmitted, packet address or protocol used.
answer
Repeater
question
A ______ a device used to expand network capabilities, is a multiport repeater containing one port that connects to a network's backbone and multiple ports that connect to a group of workstations. It operates at the Physical layer of the OSI model. It typically supports a star topology on an Ethernet network.
answer
Hub
question
A ______, a device used to expand network capabilities, has a single input and single output port. It can interpret the data that it retransmits. It works at the Data Link layer of the OSI model. It analyzes incoming frames and makes decisions about how to direct them to their destinations.
answer
bridge
question
A ______ a device used to expand network capabilities, subdivides a network into smaller logical pieces. It can open and close electrical circuits, complete or break an electrical path, and select paths or circuits. It works at the Data Link layer of the OSI model. It can interpret MAC address information.
answer
switch
question
______ are a means by which a switch can logically group a number of ports into a broadcast domain.
answer
Virtual local area networks (VLANS)
question
Just like bridges, switches keep tables of the ______ addresses of all the devices connected to the switch. Switches use these forwarding tables to determine which path to use when sending packets on the network.
answer
MAC
question
T/F. However, unlike a bridge, a switch passes a packet only to its destination segment instead of to all segments other than the one from which the packet originated.
answer
True
question
T/F. As far as a host is concerned, it is not aware that a bridge or a switch exists in the network.
answer
True
question
A ___router___ a device used to expand network capabilities, is a multiport device that can connect dissimilar LANs and WANs running at different transmission speeds and using a variety of protocols. It can translate between different network architectures. It will repackage the data into different frames. It must be designed or configured to recognize a certain protocol before they can forward data transmitted using that protocol. It operates at the Network layer of the OSI model.
answer
router
question
The function of a ______ is to connect dissimilar networks. It interprets network layer information. It determines the best path for data to follow from point A to point B. It reroutes traffic if a primary path is down and another path is available.
answer
router
question
______ is a distance-vector routing protocol that factors in only the number of hops between nodes when determining a path from one point to another. It is limited to interpreting a maximum of 16 hops.
answer
RIP (Routing Information Protocol)
question
______ is a link-state routing protocol where the best path refers to the most efficient route from one node on a network to another. Routers can rapidly compute an alternate path if one of the initial links fails.
answer
OSPF (Open Shortest Path First)
question
______ are reference tables that include network information (IP addresses) and the next router in line for a particular path.
answer
Routing tables
question
State the two ways of populating routing tables.
answer
Static routing Dynamic routing
question
A ______ a device used to expand network capabilities, translates information between protocols or between completely different networks, such as from TCP/IP to SNA. They can change the actual format of the data and actually repackage information so that it can read by another system. It operates at the upper layers of the OSI model.
answer
gateway
question
______ is a gateway that translates e-mail messages from one type of system to another.
answer
E-mail gateway
question
______ is a gateway that establishes and manages communication between a PC and an IBM mainframe computer.
answer
IBM host gateway
question
______ is a gateway that allows and manages access between LANs and the Internet.
answer
Internet gateway
question
______ is a gateway that allows segments of a LAN running different protocols or different network models to communicate with each other.
answer
LAN gateway
question
The octet range of a Class A license is ______.
answer
0-126
question
The number of networks in a Class A license is ______.
answer
126
question
The number of host addresses per network in a Class A license is ______.
answer
16,777,214
question
The octet range of a Class B license is ______.
answer
128-191
question
The number of networks in a Class B license is ______.
answer
16,382
question
The number of host addresses per network in a Class B license is ______.
answer
65,534
question
The octet range of a Class C license is ______.
answer
192-223
question
The number of networks in a Class C license is ______.
answer
2,097,150
question
The number of host addresses per network in a Class C license is ______.
answer
254
question
The ______ command assigns a TCP/IP configuration to a NIC as well as views the configuration of all network interfaces in the computer.
answer
ifconfig
question
The ______ command unconfigures a network adapter and the ______ command configures a network adapter using the /etc/sysconfig/network-scripts/ifcfg-interface file.
answer
ifdown, ifup
question
The ______ command checks the TCP/IP connectivity on a network. The -c option limits the number of packets sent.
answer
ping (Packet Internet Groper)
question
The ______ command is used to view or set a computer's host name.
answer
hostname
question
The ______ command displays the route table.
answer
route
question
The ______ command is used to troubleshoot routing. It displays the routers between the current and the remote computers.
answer
traceroute
question
A ______ uniquely identifies each network service. They ensure that packets are delivered to each service.
answer
port number
question
T/F. Port numbers range from 0 to 65534. The well-known ports are the ports from 0 to 1023. They represent the commonly used services.
answer
True
question
The ______ command is traditionally used to obtain a command-line shell on a remote server. It receives a host name or IP address of the remote computer as an argument. It is the easiest way to perform remote administration.
answer
telnet
question
______ are a set of commands that can be used to execute commands on remote systems, obtains remote shells and copy files between systems.
answer
Remote commands (r commands)
question
The ______ command obtains a shell on a remote system.
answer
rlogin
question
T/F. Trusted access allows one computer to access another computer without providing a password. It typically does not apply to the root user.
answer
True
question
______ was designed to encrypt information passing between computers across a network. It offers a secure replacement for the r commands.
answer
Secure Shell (SSH)
question
______ encrypts blocks of data in three stages using a 168-bit key length.
answer
Triple Data Encryption Standard (3DES)
question
______ is an improvement on 3DES encryption and is available in 128-bit, 192-bit and 256-bit key lengths.
answer
Advanced Encryption Standard (AES)
question
______ is an encryption algorithm that is much faster than 3DES and can use keys up to 448 bits in length.
answer
Blowfish
question
______ is a general-purpose encryption similar to 3DES and is commonly available using a 128-bit key length.
answer
Carlisle Adams Stafford Tavares (CAST)
question
______ is a fast encryption algorithm that operates on streams of data instead of blocks of data and uses variable-length keys up to 2048 bits in length.
answer
ARCfour
question
T/F. Virtual Network Computing (VNC) is another graphical option for administering a Linux system remotely.
answer
True
question
T/F. After you install a VNC server daemon on a computer, other computers that run a VNC client can connect to the VNC server daemon across the network to obtain a desktop environment.
answer
True
question
The ______ command is used to configure a password for the VNC connection. Other computers can connect to the VNC server using the ______ command.
answer
vncpasswd, vncviewer
question
1. A subnet mask is used to differentiate the host portion from the network portion in a TCP/IP address. True or False?
answer
True
question
2. Which networking service allows you to share files to other computers on the network? a. NIS b. NFS c. POP3 d. BIND
answer
b. NFS
question
3. Standalone daemons are started on demand using the Internet Super Daemon (xinetd). True or False?
answer
True
question
6. Which two commands can be used to modify the route table on a Linux computer? (Choose two answers.) a. route b. ipconfig c. ip d. traceroute
answer
a. route c. ip
question
8. What are two means available to resolve a host name to the appropriate TCP/IP address? (Choose two answers.) a. DHCP b. DNS c. /etc/hosts d. /etc/resolve.conf
answer
b. DNS c. /etc/hosts
question
9. SSH encrypts all traffic that passes across the network, whereas telnet and rlogin do not. True or False?
answer
True
question
10. What devices are used to transfer information from one network to another? a. routers b. LANs c. DNS servers d. DHCP servers
answer
a. routers
question
11. Which of the following are graphical remote administration technologies? (Choose all that apply.) a. telnet b. X Windows c. rlogin d. VNC
answer
b. X Windows d. VNC
question
12. The daemons associated with network services listen for network traffic associated with a particular _____. a. station b. port c. TCP/IP address d. allocation number
answer
b. port
question
13. The TCP/IP address of 127.0.0.1 is also referred to as the _____. a. local address b. lookup address c. local host d. loopback address
answer
d. loopback address
question
15. Which command would be used to activate the NIC aliased as eth0? a. ifup b. ifup eth0 c. ipup eth0 d. ifdown eth0
answer
b. ifup eth0
question
16. Which of the following port numbers is associated with telnet? a. 20 b. 137 c. 49 d. 23
answer
d. 23
question
19. Which of the following are stand-alone daemons? (Choose all that apply.) a. Apache (httpd) b. Washington University FTP (in.ftpd) c. telnet (in.telnetd) d. DNS (named)
answer
a. Apache (httpd) d. DNS (named)
question
20. Which of the following utilities can be used to check TCP/IP configuration and test network connectivity? (Choose all that apply.) a. ifconfig b. ipconfig c. ping d. netstat -i
answer
a. ifconfig c. ping d. netstat -i
question
The ______ is used by an OS to obtain time information from the BIOS system clock or from network servers.
answer
Network Time Protocol (NTP)
question
T/F. NTP uses the UDP port 123.
answer
True
question
______ coordinates common configuration files across several computers.
answer
Network Information Service (NIS)
question
______ is the most common Web server used today. It originally started out as a http daemon.
answer
Apache
question
The ______ command is used at the BASH shell to obtain a Web page.
answer
curl
question
The ______ command can be used to test NetBIOS name resolution in Linux.
answer
nmblookup
question
The ______ allows UNIX, Linux and Macintosh OS X computers to share files transparently.
answer
Network File System (NFS)
question
______ is the protocol most commonly used to transfer files on public networks.
answer
FTP
question
T/F. E-mail servers typically accept e-mail and route it over the Internet using Simple Mail Transfer Protocol (SMTP) or Enhanced Simple Mail Transfer Protocol (ESMTP) on TCP port 25.
answer
True
question
T/F. Additionally, client computers can retrieve e-mail from e-mail servers using a variety of protocols, such as Post Office Protocol (POP) or Internet Message Access Protocol (IMAP). Client computers can also send e-mail to e-mail servers using SMTP/ESMTP for later relay on the Internet.
answer
True
question
______ is one of the oldest and most complex e-mail daemons.
answer
Sendmail
question
1. NFS can be used to share files natively with computers running the Microsoft Windows operating system. True or False?
answer
False
question
4. NIS clients use NIS records to access their configuration information. True or False?
answer
False
question
14. Stratum 1 NTP servers do not obtain time information from other NTP servers. True or False?
answer
True
question
17. Postfix is an email server daemon that is easier to configure compared to the Sendmail email daemon. True or False?
answer
True
question
______ a Linux system involves examining log files and running performance utilities periodically to identify problems and their causes. It is the activity on which Linux administrators spend the most time.
answer
Monitoring
question
______ maintenance involves taking the necessary steps to minimize the chance of future problems or their impact. Performing regular system backups and identifying potential problem areas are examples of this type of maintenance. All maintenance tasks should be documented for future reference.
answer
Proactive
question
______ maintenance involves correcting problems when they arise during monitoring. When a problem is solved, it needs to be documented and the system adjusted to reduce the likelihood that the same problem will occur in the future.
answer
Reactive
question
The ______ command displays the hardware that is detected by the Linux kernel.
answer
dmesg
question
Most system log files are stored in the ______ directory or subdirectories named for the application.
answer
/var/log
question
______ occurs when failing hardware components send large amounts of information to the CPU when it is not in use.
answer
Jabbering
question
To make it easier to identify performance problems, you should run performance utilities on a healthy Linux system on a regular basis during normal business hours and record the results in a system log book. The average results of these performance utilities are known as ______ because they represent normal system activity.
answer
baseline values
question
The ______ utility is used to display CPU statistics and is used to monitor CPU performance.
answer
multiple processor statistics (mpstat)
question
The ______ command measures the flow of information to and from disk devices.
answer
input/output statistics (iostat)
question
By default, the ______ commands are usually scheduled by the cron daemon to run every 10 minutes in Fedora Linux and it displays various system statistics. All performance information is logged into a file in the /var/log/sa directory called sa#, where # represents the day of the month. One month of records is kept at any one time.
answer
system activity reporter (sar)
question
The ______ command displays CPU statistics, memory usage, swap usage and average CPU load.
answer
top
question
The ______ command indicates still more information concerning processes, memory, swap statistics and CPU usage.
answer
vmstat
question
The ______ command prevents the background processes from being killed when parent shell is killed or exited.
answer
nohup
question
The ______ command is used to switch between the root user and a regular user.
answer
su (switch user)
question
The ______ command performs commands as another user if you have the rights to do that listed in /etc/sudoers file.
answer
sudo
question
The ______ command scans the ports on network computers.
answer
nmap (network mapper)
question
A ______ is a program (/usr/sbin/tcpd) that can start a network daemon. It provides extra security.
answer
TCP wrapper
question
______ uses a pair of keys that are uniquely generated on each system: a public key and a private key.
answer
Asymmetric encryption
question
T/F. If you encrypt the data with the private key, you must decrypt with the matching public key or vice versa.
answer
True
question
T/F. The public key is freely distributed to another host and the private key is used only by the system and is never distributed.
answer
True
question
T/F. Private keys can also be used to authenticate a message.
answer
True
question
A ______ is a message that has been encrypted using a private key.
answer
digital signature
question
GPG authentication uses a ______ that involves users digitally signing other users' public keys with their private keys.
answer
trust model
question
______ files contain information or irregularities that can indicate if an intrusion has taken place.
answer
Log
question
Network applications that authenticate users typically do so via ______. It logs information to the /var/log/secure file and this file should be checked for PAM errors and alerts.
answer
Pluggable Authentication Modules (PAM)
question
1. On which part of the maintenance cycle do Linux administrators spend the most time? a) monitoring b) proactive maintenance c) reactive maintenance d) documentation
answer
a) monitoring
question
2. Which of the following files is likely to be found in the /var/log/sa directory over time? a) 15 b) sa39 c) sa19 d) 00
answer
c) sa19
question
3. The lspci command can be used to isolate problems with X Windows. True or False?
answer
False
question
4. Which of the following commands can be used to display memory statistics? (Choose all that apply.) a) free b) sar c) vmstat d) iostat
answer
a) free b) sar c) vmstat
question
5. Which command indicates the shared libraries required by a certain executable program? a) ldconfig b) ldd c) rpm -V d) slconfig
answer
b) ldd
question
7. What type of netfilter/iptables chain targets traffic that is destined for the local computer? a) INPUT b) ROUTE c) FORWARD d) OUTPUT
answer
a) INPUT
question
8. Which of the following steps is not a common troubleshooting procedure? a) Test the solution. b) Isolate the problem. c) Delegate responsibility. d) Collect information.
answer
c) Delegate responsibility.
question
9. Which of the following Linux Intrusion Detection Systems can be used to detect port scans? (Choose all that apply.) a) ICU b) PortSentry c) tripwire d) Snort
answer
b) PortSentry d) Snort
question
10. Which file contains information regarding the users, computers, and commands used by the sudo command? a) /etc/sudo b) /etc/su.cfg c) /etc/sudo.cfg d) /etc/sudoers
answer
d) /etc/sudoers
question
11. Which command can increase the number of filehandles that programs can open in a shell? a) ldd b) ulimit c) lba32 d) top
answer
b) ulimit
question
12. The private key is used when creating a digital signature. True or False?
answer
True
question
13. Which of the following actions should you first take to secure your Linux computer against network attacks? a) Change permissions on key system files. b) Ensure that only necessary services are running. c) Run a checksum for each file used by network services. d) Configure entries in the /etc/sudoers file.
answer
b) Ensure that only necessary services are running.
question
14. What will the command sar -W 3 50 do? a) Take 3 swap statistics every 50 seconds. b) Take 50 swap statistics every 3 seconds. c) Take 3 CPU statistics every 50 seconds. d) Take 50 CPU statistics every 3 seconds.
answer
b) Take 50 swap statistics every 3 seconds.
question
15. Which of the following commands can be used to scan the available ports on computers within your organization? a) traceroute b) tracert c) nmap d) sudo
answer
d) sudo
question
16. Which of the following are common assistive technologies? (Choose all that apply.) a) Mouse keys b) Orca c) Sticky keys d) On-screen keyboard
answer
a) Mouse keys c) Sticky keys d) On-screen keyboard
question
17. Which of the following Linux Intrusion Detection Systems can be used to detect altered files and directories? (Choose all that apply.) a) AIDE b) SWATCH c) tripwire d) Snort
answer
a) AIDE c) tripwire
question
18. When the fsck command cannot repair a nonroot filesystem, you should immediately restore all data from tape backup. True or False?
answer
False
question
19. When performing a sar -u command, you notice that %idle is consistently 10%. Is this good or bad? a) good, because the processor should be idle more than 5% of the time b) good, because the processor is idle 90% of the time c) bad, because the processor is idle 10% of the time and perhaps a faster CPU is required d) bad, because the processor is idle 10% of the time and perhaps a new hard disk is required
answer
c) bad, because the processor is idle 10% of the time and perhaps a faster CPU is required
question
20. What are best practices for securing a local Linux server? (Choose all that apply.) a) Lock the server in a server closet. b) Ensure that you are logged in as the root user to the server at all times. c) Set a BIOS password on the server. d) Set the default run level to 1 (Single User Mode).
answer
a) Lock the server in a server closet. c) Set a BIOS password on the server.
question
______ uses an invalid return address so the synchronization feature of TCP cannot be completed, thereby disabling the system.
answer
SYN flooding
question
A ______ attack sends a series of fragmented packets containing false assembly instructions. As a result, the device is unable to reassemble the packet. The receiving computer continues to allocate resources to handle the invalid packets until the system resources are exhausted.
answer
teardrop
question
______ is a type of DoS attack in which a host is flooded with ping requests to the point that the server cannot function. It is also known as ICMP flooding.
answer
Ping flooding
question
______ attack occurs when a cracker uses the ping protocol to send a packet that is larger than the standard 64 bytes.
answer
Ping of Death
question
______ is a type of DoS attack in which an SMTP host is sent a large number of huge e-mails, thus overloading the system.
answer
Mail flooding
question
______ a form of mail flooding, is unsolicited e-mail messages that are usually trying to sell a product and are sent in bulk.
answer
Spam
question
______ a form of data theft, is a method used to steal data directly from a computer. It is accomplished by installing software that records and transmits every character a user types on a keyboard. It is often unknowingly installed by a user from the Internet.
answer
Key-stroke logging
question
______ a form of data theft, occurs when an individual pretending to be a legitimate business sends fraudulent e-mail messages in hopes of enticing users to reveal sensitive information, such as bank account information, Social Security numbers or credit card numbers.
answer
Phishing
question
______ is a process of ensuring that a person or computer is who or what it says it is before being allowed access to a secured network or secured data.
answer
Authentication
question
T/F. User IDs and passwords are the most common method of authentication. Passwords on the PC can be setup passwords, operating system passwords, and passwords on files, folders and applications.
answer
True
question
T/F. A user ID is a code used to indicate who the user is and only that user knows the password. Each ID can be assigned certain rights and permissions that apply to only that ID.
answer
True
question
______ can hold data about the card holder and then be used to provide access to a single computer or network. The main disadvantage is that a reader device must be installed on each computer or network device where the user must gain access.
answer
Smart cards
question
______ are digital signatures that verify the sender's identity. They are issued only by certification authorities (e.g., VeriSign). They are sometimes used to help create a virtual private network (VPN).
answer
Digital Certificates
question
T/F. Digital certificates can be read by a computer only, thus they cannot be read by humans.
answer
True
question
______ is a process of coding data to prevent unauthorized parties from being able to change or view it. The most secure method uses three keys.
answer
Encryption
question
______ is the unreadable data in data encryption.
answer
Ciphertext
question
______ encryption uses one key (session key or secret key) for both encryption and decryption.
answer
Symmetric
question
______ or public key encryption requires two keys (a public key for encryption and a private key for decryption). The public key is available to anyone. The private key is kept on the user's computer and should be secure. It is the only key that can decrypt the message.
answer
Asymmetric
question
______ protocols make sure that transactions over the Internet are secure. The two most popular protocols are secure sockets layer (SSL) and secure electronic transaction (SET).
answer
Electronic Transaction
question
______ offers a secure medium for credit card transactions using digital signatures. It protects information in the transaction from being stolen or altered. It provides a mechanism for credit card numbers to be transferred directly to the credit issuer for verification and billing without the merchant being able to see the credit card number.
answer
Secure electronic transaction (SET)
question
______ use a public network (usually the Internet) to provide a secure connection between two private networks.
answer
Virtual Private Networks (VPNs)
question
______ is a process by which a packet is encapsulated in a secure protocol before it is sent over a public network. It allows two ends of the VPN to communicate with each other.
answer
Tunneling
question
______ is a Data Link layer tunneling protocol that connects two computers through the Internet. It was developed by Cisco.
answer
Layer 2 Forwarding (L2F)
question
______ is the most common Data Link layer tunneling protocol that secures private packets over any public network. It remains with the packet until it reaches its destination at the gateway to the private network.
answer
Point-to-Point Tunneling Protocol (PPTP)
question
______ is a Data Link layer tunneling protocol that combines PPTP and L2F to allow ISPs to operate virtual private networks.
answer
Layer 2 Tunneling Protocol (L2TP)
question
______ is a standard platform for creating secure networks and electronic tunnels. It verifies and encrypts each packet of data at the Network layer to ensure maximum protection. It uses three keys: a public key, a private key and a session key. It was developed by Internet Engineering Task Force.
answer
Internet Protocol Security (IPsec)
question
The ______ an Application layer tunneling protocol, works with IPsec.
answer
Internet Key Exchange (IKE)
question
______ records individual events to show trends and keeps track of certain counters for system objects. It should be run when everything works well to establish a baseline for comparison.
answer
Performance monitor
question
A ______ defines a point of reference for measuring network performance when problems begin to occur on the network.
answer
baseline
question
T/F. The system administrator should create a baseline over a time period when no problems are evident on the network and repeat baseline periodically, especially after significant changes to the network.
answer
True
question
A ______ is a software program that can be installed on one computer on the network to analyze data on the network.
answer
network monitor
question
A ______ sometimes called a protocol analyzer, is a portable device that can be hand-carried to a network location and set up to monitor and diagnose problems with a network.
answer
network analyzer
question
T/F. Do not keep more data than you can analyze.
answer
True
question
T/F. Stay calm and use a clear head to assess network problems. "The sun is warm. The grass is green."
answer
True