Operating System Security. 0Handouts: Quizzes ProsoftTraining All Rights Reserved. Version 3.07

Transcription

1 0Handouts:

2 Lesson 1 Quiz 1. What is the working definition of authentication? a. The ability for a person or system to prove identity. b. Protection of data on a system or host from unauthorized access. c. The file or directory permissions granted to users. d. Protection of data against active threats such as hijacking. 2. According to the Trusted Computer Systems Evaluation Criteria (TCSEC), what is the highest level of computer security? a. C1, discretionary security protection. b. B2, structured protection. c. B3, security domains. d. A1, verified design. 3. What are the Common Criteria? a. A set of criteria used in the United States for establishing computer security. b. A European security document that outlines security threats and controls. c. An International Organization for Standards document that defines security. d. A standard that unifies various regional, national and international security criteria. 4. Name two requirements for a high security level: a. Virus software is used and auditing is enabled. b. The computer is secured against theft and file permissions are used. c. The operating system is stripped to its minimum functions and other strict protections are used. d. Countermeasures and protections are enabled in the operating system and account policies are implemented. 5. What specific security mechanisms can help ensure that the authenticated sender or receiver is allowed to perform a task or procedure? a. Traffic padding. b. Authentication. c. Access control. d. Digital signatures.

3 6. Name two wide security mechanisms: a. Trusted functionality and security labels. b. Audit trails and data integrity. c. Security recovery and encipherment. d. Authentication and access control. 7. What are the three areas of security management? a. Security service management, security labels and traffic padding mechanisms. b. System security management, security service management and security mechanism management. c. Security mechanism management, audit trails and data integrity mechanisms. d. Trusted functionality, system security management and security mechanism management. 8. You are using Telnet to log on to a system. You fail to authenticate, then see a message informing you that Telnet access is forbidden. Which of the files below has been configured to perform this restriction? a. /etc/nologin. b. /etc/pam.d/telnet. c. /etc/security/telnet. d. /etc/security/access.conf.

4 Lesson 2 Quiz 1. What type of password offers the best security on a Windows 2000 or Linux system? a. A numeric password. b. An alphanumeric password. c. A strong password. d. An alphabetical password. 2. On a secure Linux system, who owns the /etc/passwd file? a. The system administrator. b. Root. c. A privileged user. d. A superuser. 3. What should you do regularly to help secure your user accounts database? a. Set accounts to become disabled after two weeks. b. Disable all accounts that remain inactive for two weeks. c. Regularly scan the accounts database and disable old user accounts. d. Regularly scan the accounts database and delete old user accounts. 4. In Linux, what is the purpose of the GID field in the password file? a. It contains a reference to the user s login name, number and login shell. b. It contains the user s unique identification number and home directory. c. It contains the default program shell interface. d. It contains the user s group identification number. 5. On Linux systems, how is password aging managed? a. With the passwd command. b. With the chage command. c. With the chmod command. d. With the.profile file. 6. On Linux systems, how are root logins restricted? a. With the.profile file. b. With the /etc/default/login file. c. With the /etc/default/useradd file. d. With the /etc/securetty file.

5 7. On Linux systems, what file do you configure to modify sylogd behavior? a. /etc/syslog.conf. b. /etc/syslogd.conf. c. /etc/log.conf. d. /etc/logd.conf.

6 Lesson 3 Quiz 1. What must be implemented in Windows 2000 to establish local file permissions? a. The File Allocation Table (FAT). b. The Windows NT file system (NTFS). c. The owner identifier (UID). d. The group identifier (GID). 2. What does write (w) permission allow the user to do at the file level in Windows 2000? a. Change a file s permissions, delete a file and display file data and attributes. b. Display owner and permissions, change file attributes, create data in and append data to a file. c. Display file data, attributes, owner and permissions; and delete a file. d. Change a file s permissions, run a file if it is executable, and take ownership of a file. 3. What does read (R) permission allow the user to do at the file level in Windows 2000? a. Change a file s permissions, delete a file and display file data and attributes. b. Display file data, attributes, owner and permissions, and take ownership of a file. c. Display file attributes, owner and permissions. Run a file if it is executable. d. Display file data, attributes, owner and permissions. 4. What is the purpose of the standard sets of permissions in Windows 2000? a. To allow the everyone group to assign all permissions. b. To simplify permissions management. c. To lock out all non-system-privileged users. d. To assign read or higher permission to all users. 5. Why is drive partitioning important for Windows 2000 security? a. It ensures that failure in one partition will not crash the entire system. b. Because it allows easy copying and moving of files by the administrator. c. Because it assigns permissions to everyone in all local and global groups. d. Because it gives access to the logon directory to the everyone group.

7 6. What happens when a file is copied to a new directory in the same partition of a Windows 2000 system? a. The new file inherits the target directory s permissions. b. The original file permissions are retained. c. The directory allocation table is updated. d. The original file is deleted after the copy is completed. 7. You want to make a file available to all users. You place it in the public FTP directory, but users still cannot read the file, which is located in the same directory with several other files that users can read. What is the most likely cause of the problem? a. The file has SGID permissions. b. The file is not owned by the FTP server. c. The file is marked with the executable permission. d. The file does not have the read bit set. 8. What would the following chmod command accomplish if issued by a person who belonged to the users group? chmod 2007 filename.txt a. It would make the file named filename.txt completely inaccessible to all but the users group. b. It would give the owner full permissions to the file, but forbid access to the Other and Group members. c. It would make the have the sticky bit, and would be a secret file for use only in an inode. d. It would make the file accessible by all users and would have the SETGID bit set.

8 Lesson 4 Quiz 1. In what kind of attack does a host pretend to be another entity on the host or network? a. A Trojan horse. b. A denial-of-service attack. c. A spoofing or masquerade attack. d. An insider attack. 2. In what kind of attack are certain commands left accessible so that unauthorized access can occur? a. A spoofing or masquerade attack. b. A trapdoor attack. c. A replay attack. d. A denial-of-service attack. 3. Which of the protocols listed below allow unencrypted authentication and data transfer? a. nfs, nis+ and telnet. b. rsh, telnet, and ssh. c. nfs, nis, and telnet. d. SMB, rsh and telnet. 4. What protocol attempts to add strong authentication to requests for NFS processes? a. TCP/IP. b. HTTP/S. c. S/MIME. d. Secure RPC. 5. You have just logged on to a Linux operating system using the Bourne shell (i.e., the bash shell). What command would you use to check the path for this account? a. echo PATH. b. echo $PATH. c. SET PATH. d. SET=PATH

9 Lesson 5 Quiz 1. Where are the configuration settings and controls for Windows 2000 located? a. In the server service. b. In the encryption subsystem. c. In the pam subsystem. d. In the registry. 2. What Linux file allows you to limit processor usage by a particular user or daemon? a. /etc/limits.conf. b. /etc/security/processor.conf. c. /etc/security/limits.conf. d. /etc/processor.conf. 3. What is contained in the SAM subtree of the HKLM subtree in Windows 2000? a. Application configuration information which is independent of the current user. b. Actual user accounts and passwords. c. All security information for the local computer. d. Configuration information for services and devices in the computer. 4. In Windows 2000, what specific control permission allows a user or group to gain access to the security information on a selected key? a. Create Subkey. b. Write Owner. c. Read Control. d. Create Link. 5. Your server resides behind a locked door. When you open the server room door, you notice that the server has been moved and partially dismantled. The keyboard has been removed. You find that the hard drive is missing. To what type of attack have you fallen victim? a. Physical. b. Social engineering. c. Keylogging. d. System bug.