Operating Systems Security Quiz and Answer

go back to home

Operating Systems Security refers to the protection of an operating system (OS) from unauthorized access, use, disruption, modification, or destruction.

It involves implementing various security measures to safeguard both the OS itself and the data it manages. OS security is essential to maintain confidentiality, integrity, and availability of both the system and its data.

The following are quizzes and answers related to Operating Systems Security. They are listed in no particular order.

  1. The package-management system in Linux is used to restrict permissions on files and folders.

    False.

  2. What is the best definition of a bastion?

    A fortified place

  3. A Linux distribution typically does NOT include which of the following?

    Virtual Platform

  4. Which of the following is an open-source license?

    GNU General Public License (GPL)

  5. Which of the following is the development distribution for Red Hat?

    Fedora

  6. Fedora and Ubuntu are examples of ______.

    distributions

  7. You are a computer security consultant who has been hired by a company to break into its network and protected systems to test and assess their security. Which of the following describes your role?

    White-hat hacker

  8. Most Linux distributions have pre-compiled packages, which determine all the dependencies.

    True

  9. The following are true of system hardening EXCEPT:

    A hardened system usually has more packages to update than an unhardened system.

  10. Who developed and released the first Linux operating system?

    Linus Torvalds

  11. Because administrators can configure a system to display graphical user interface (GUI) clients on a remote terminal, malware on one Linux GUI application can spread across a network to other GUI systems.

    False

  12. Which of the following files is NOT a part of the shadow password suite?

    /etc/sudoers

  13. What defines the services to be run in Linux?

    Runlevel

  14. GNOME and KDE are __________.

    graphical desktop environments

  15. The Linux startup process begins automatically after the boot process loads the Linux kernel

    True

  16. The default mandatory access control system used for Red Hat distributions is ______.

    SELinux

  17. What is Canonical?

    the company behind Ubuntu

  18. The iptables program is used to configure ___________.

    a firewall

  19. A discretionary access control for a file is a control mechanism that is set by _______.

    the user owner of the file

  20. Which of the following represents a type of mandatory access control?

    the FTP service is allowed to interact with directories other than user’s home directories.

  21. What displays after running the service --status-all command?

    all services and their status.

  22. Which of the following provides access control at the network level without using a super server?

    TCP Wrapper

  23. The following are factors to consider when selecting a Linux distribution

    package manager support, kernel features and hardware platform.

  24. Linux can operate as a hypervisor in and of itself, so it can also run as a guest operating system inside any other hypervisor.

    True

  25. In Linux, software for network services, graphical user interfaces (GUIs), language compilers, and many other kinds of software typically come in bundles referred to as _______.

    Packages

  26. _____ is the super server that launches applications based on connection attempts

    xinetd

  27. An administrator typically stops and starts services using the init program

    False

  28. You are a systems administrator. You are setting up new servers and workstations for your organization and plan to run Red Hat Enterprise Linux (RHEL) on all of the servers. Of the following, which distribution is the best choice for the workstations and most closely associated with RHEL?

    Fedora

  29. Network service startup scripts are located in which directory in many Linux distributions?

    /etc/init.d/

  30. Where is the LILO configuration file usually located?

    /boot/

  31. Which of the following control flags used in pluggable authentication modules (PAM) approves user access assuming that there are no previous failures?

    sufficient

  32. Cron is a service for running administrative jobs on a regular basis

    True

  33. What user account information can be found in the /etc/passwd file?

    The user's basic information, such as the default login shell

  34. Pluggable authentication modules (PAM) solves administrative permission problems by providing higher-level functions without having the whole program gain administrative access

    False

  35. Which command do you use to apply administrative privileges to another command without logging in as root?

    su -c

  36. What can a black-hat hacker use to decipher hashed passwords?

    A rainbox table

  37. Why is it recommended that you avoid using Network Information Service (NIS)?

    NIS transmits data, including password hashes, over the network without encryption.

  38. A polkit mechanism includes a subject, an object, and an action. Which of the following is the subject?

    An administrative tool

  39. What is a salt?

    A value added to a hash

  40. Which of the following is the best choice for network authentication? LDAP
  41. What is a valid reason for setting up the /home/ directory as a separate filesystem?

    You can upgrade the distribution at a later date with little risk to user files.

  42. Which Linux filesystem format does not include any type of journaling?

    ext2

  43. Linux unified key setup (LUKS) is a specification for ________.

    disk encryption

  44. In Linux, three major services that network files and folders are the Network File System (NFS), Samba, and the File Transfer Protocol (FTP).

    True

  45. The GRUB configuration file is generally located in the ______ directory

    /boot/

  46. If a share on a Microsoft Windows host needs to mount on the Linux filesystem, which network service would typically be used?

    Samba

  47. Which filesystem hierarchy standard (FHS) directory can be mounted separately from the root directory?

    /home/

  48. The /usr/ directory contains programs that are generally accessible to all users. This directory can be secured by mounting it ______.

    as read-only

  49. Which file is used to configure the various mounting options of a filesystem upon boot?

    /etc/fstab

  50. The ls -p command displays file and folder permissions

    False

  51. Which runlevel reboots a system?

    6

  52. Which runlevel shuts down a system?

    0

  53. Users can change mandatory access controls

    False

  54. When a network starts up in Linux, it registers itself with the operating system through a process called binding

    True

  55. Which of the following is NOT true of runlevels?

    Collectively, runlevels are the master process that starts all services

  56. What is a deamon?

    A specialized program that supports system functionality to users or other programs while running in the background

  57. Which of the following is NOT a hashing algorithm?

    LSB

  58. The following are true of system hardening EXCEPT

    A best practice is to start with a complete installation and remove unnecessary packages

  59. What Is Bourne Again Shell (bash)?

    A reference to a filename in the filesystem

  60. Which of the following is closely associated with the init process?

    SysV

  61. Which of the following is NOT an SELinux mode?

    Allow

  62. For which reason would an administrator set up an obscure port?

    Security

  63. A server has the following TCP Wrappers configuration: /etc/hosts.deny ALL : ALL. What is the result of this configuration?

    Denies access to all deamons from all clients

  64. The GNOME uncomplicated firewall (Gufw) configuration tool is available as a GUI-based tool in Ubuntu

    True

  65. Assuming a demilitarized zone (DMZ) is configured, there is no need to set up a separate firewall between the DMZ network and the internal network

    False

  66. _____ are the on/off settings in SELinux that allow or deny access for a service to interact with an object

    Booleans

  67. The well-known TCP/IP port numbers range from 0 to ____

    1023

  68. Which file lists standard ports for many services?

    /etc/services

  69. Regarding SELinux, which of the following files includes lists of critical files and services to be watched for changes?

    Sestatus.conf

  70. What technique can a black-hat hacker use to find any modem connection on your network with security weaknesses?

    War dialing

  71. Which of the following uses Authentication Header (AH) and Encapsulating Security Payload (ESP)?

    IPSec.

  72. A primary domain controller (PDC) is a type of e-mail server

    False

  73. Any Linux system configured with _____ can be set up as a server on a Microsoft network

    Samba

  74. Which ports does Internet Protocol Security (IPSec) use to tunnel information?

    50,51

  75. You are setting up Samba as a standalone server. What should be the value of the security directive?

    User

  76. What does Kerberos require?

    NTP

  77. Network File System (NFS) is frequently used to share the /home/ directory from a central server

    True

  78. Which of the following is an insecure method of remote access?

    Telnet

  79. Which of the following ports is a secure alternative for Post Office Protocol version 3 (POP3)?

    995

  80. From a security perspective, what is the advantage of Samba over Network File System (NFS) when installed with the standard configuration?

    Samba has username and password authentication as part of its built-in functionality.

  81. Which Apache directive specifies an alternative port for Web pages?

    Listen

  82. Common Unix Printing System (CUPS) uses which directive to allow remote access?

    Listen

  83. When considering Asterisk, reliably speedy packet flow is important to keep conversations from becoming jumpy

    True

  84. E-mail services that send mail to client applications are mail user agents (MDUs).

    False

  85. When creating a self-signed certificate, which of the following information is NOT required?

    The root password

  86. Which command do you use to create a self-signed certificate?

    openssl

  87. A __________ is an entity that issues digital certificates

    certificate authority

  88. In the following, what does the ending period represent? www.example.com.

    the root domain

  89. When configuring an authoritative Domain Name Service (DNS) server for a public system, which of the following is a type of attack you should protect against?

    cache poisoning

  90. You want to use certificates on your Web site. What is the primary difference between creating an official certificate through a certificate authority (CA) versus creating a self-signed certificate?

    with an official CA certification, your Web site visitors won’t get an “invalid security certificte” error message.

  91. How can kernel parameters be changed without rebooting the computer system?

    By modifying the value of files in the /proc filesystem

  92. Which of the following actions should you not take when implementing a new kernel?

    Upgrade

  93. Kernels released for different architectures vary because different platforms have different ………

    CPUs

  94. Tuning the kernel parameters, such as the networking functionality, can be accomplished by editing the …….. file.

    /etc/sysctl.conf

  95. A security compliance team finds that a local file server has been mistakenly configured to forward packets and needs to be fixed immediately. How can a Linux system administrator verify that the Linux system is forwarding IPv4 packets?

    verify the kernel by viewing the /proc/sys/net/ipv4/ip_forward file

  96. When compiling a kernel on a Red Hat system, you must be logged in as the root administrative account.

    True

  97. Which of the following is the correct method to apply a new kernel built on a Linux system?

    install it as a new kernel leaving the original kernel in place

  98. After installing a custom kernel, which of the following steps should you take?

    ensure the custom kernel has a separate stanza in the boot loader

  99. Red Hat does not release its source code under open source licenses

    False

  100. To customize a kernel, which command opens a kernel customization editing tool?

    make menuconfig

  101. Which of the following commands can automatically detect dependencies during software installation?

    yum

  102. You can configure Ubuntu to automatically update itself using an apt script and cron

    True

  103. An enterprise running Red Hat Enterprise Linux (RHEL) that wishes to control its own repository locally for package updates may consider using ______.

    Red Hat Satellite Server

  104. ClamAV can be described as:

    an open-source anti-virus solution mainly used on Linux e-mail gateways

  105. Which Linux distribution is known as a rebuild of Red Hat Enterprise Linux?

    CentOS

  106. Which organization maintains the Common Vulnerabilities and Exposure (CVE) list?

    MITRE Corporation

  107. Why is it important to install antivirus software for a Samba file server in a Microsoft Windows environment?

    because shared files on the Samba server can contain viruses that can infect Windows clients

  108. Which term describes a common malware targeted for Linux operating systems that allows a black-hat hacker to take over the computer system with administrative privileges?

    Rootkit

  109. The apt-* commands are a series of commands developed for ______ Linux distribution.

    Debian

  110. The Konqueror Web browser is the open source version of Google's Chrome browser

    False