Section 43.1. Questions

43.1. Questions

1. What is the standard MTU for Ethernet interfaces?

   1. 1500

   2. 1300

   3. 500

   4. 300

2. Which of the following files would you edit to rewrite the headers of outgoing email messages so that the messages appear to originate from a completely different domain?

   1. virtusertable

   2. genericstable

   3. aliases

   4. sendmail.cf

3. What two programs can be destructive if run against a mounted volume?

   1. badblocks and lsof

   2. fsck and lsof

   3. mkraid and badblocks

   4. fsck and badblocks

4. You wish to mount a Samba share named docs on a system named filesrv.company.com. The username to access the share is davis and the password is access1. Which of the following commands will allow you to do this? (Choose two.)

   1. smbmount //filesrv.company.com/docs /mnt/smb \ -o username=davis,password=access1

   2. smbclient -U davis%access1 //filesrv.company.com/docs

   3. smbclient //filesrv.company.com/docs -U davis%access1

   4. smbmount /mnt/smb //filesrv.company.com/docs \ -o username=davis,password=access1

5. You have a directory named /mnt/nfs on your system that you use for NFS mounts. Write in the command that mounts an NFS volume named /home/james located on a system named bentley.

6. You suspect that several routers on a particular WAN connection are too slow. Which of the following commands allows you to make traceroute wait 20 seconds for a response to a packet?

   1. traceroute -w 20 router23.company.com

   2. traceroute -c 20 router23.company.com

   3. traceroute -i 20 router23.company.com

   4. traceroute -t 20 router23.company.com

7. Your DNS server is named dns.company.com. Which of the following commands allows you to query another server named dns.isp.com for the A record information of the host www.company.com? (Choose two.)

   1. dig -t A www.company.com @dns.isp.com

   2. host www.company.com dns.isp.com

   3. dig @dns.isp.com www.company.com

   4. host dns.isp.com www.company.com

8. You wish to add a second IP address to your third Ethernet card. Which of the following commands does this?

   1. ifconfig eth3:2 202.168.85.3 netmask 255.255.255.0

   2. ifconfig eth0:3 202.168.85.3 netmask 255.255.255.0

   3. ifconfig eth1 -a 2 202.168.85.3 netmask 255.255.255.0

   4. ifconfig eth2:1 202.168.85.3 netmask 255.255.255.0

9. The route command hangs when used without any arguments. This systexgm is on a Gigabit Ethernet network. Which of the following explanations are plausible? (Choose two.)

   1. The route command requires the -g argument when querying a Gigabit Ethernet network.

   2. Name resolution has failed on the network.

   3. A kernel panic has caused the NIC to be kicked off the network.

   4. The default gateway is no longer available.

10. Which of the following commands helps you begin the process of testing an SMTP server named smtp.newcompany.com to see whether it is an open relay?

    1. telnet smtp.newcompany.com

    2. nc telnet smtp.newcompany.com

    3. telnet smtp.newcompany.com 25

    4. ssh smtp.newcompany.com 25

11. You have been asked to run a manual integrity scan on a system using Tripwire. Which of the following commands would accomplish this?

    1. tripwire --verify

    2. tripwire -s /dev/hda

    3. tripwire --check

    4. scan -now /dev/hda

12. Which of the following organizations issue reports concerning the latest verified vulnerabilities and attacks? (Choose two.)

    1. ISO

    2. CERT

    3. Bugtraq

    4. IDS

13. Which of the following should be run each time you log out from a Kerberos session?

    1. kdestroy

    2. klogout

    3. kinit -l user, where user is the username of the person logging out

    4. kadmin logout user, where user is the username of the person logging out.

14. What two services are vital to the proper functioning of a Kerberos implementation?

    1. A fully functioning Network Time Protocol (NTP) server

    2. A fully functioning LDAP server

    3. A fully functioning Domain Name System (DNS) server

    4. A fully functioning Samba server

15. Which of the following commands creates a Kerberos database that you can then populate with principals?

    1. kdb5_util initialize -s

    2. kdb5_util create -s

    3. kdb5_create initialize -s

    4. kdb5_create -s

16. You wish to conduct a ping scan of systems on your network. Which of the following commands does this?

    1. nmap -ping 192.168.2.1-254

    2. nmap -P 192.168.2.1-254

    3. nmap -sP 192.168.2.2-254

    4. nmap -Ps 192.168.2.1-254

17. What term describes a situation in which an intrusion detection system (IDS) identifies legitimate traffic as an attack?

    1. An event anomaly

    2. An event horizon

    3. A false signature

    4. A false positive

18. What is the result of the following entry in the hosts.deny file of your Linux system?

     ALL: .company.com: DENY 

    
    

    1. No incoming or outgoing connections will be possible to the company.com domain.

    2. Users on the Linux system will not be able to access resources on the company.comdomain.

    3. All hosts from the company.com domain will be prohibited from using all services on the Linux system.

    4. All hosts from the company.com domain will be prohibited from using services protected by TCP wrappers.

19. Consider the following entry in hosts.deny:

     ALL:ALL 

    
    

    Imagine also the following entry in hosts.allow:

     ALL: .mycompany.com 

    
    

    What is the result of this combination?

    1. All attempted connections to resources protected by TCP wrappers will fail, because the hosts.deny file takes precedence.

    2. Only members of the mycompany.com domain will be able to connect to resources protected by TCP wrappers.

    3. Because the entries coxgnflict, all people will be allowed to access all resources on the server.

    4. TCP wrappers will fail due to the conflict, and no one will be allowed to access the protected resources.

20. What does the ~/.ssh/authorized_keys file contain?

    1. The private keys of users who wish to access your system

    2. The host keys of SSH servers that have connected to your system

    3. The public keys of users who wish to access your system

    4. The certificate of each SSH server that has connected to your system

21. You wish to use an SSH client to connect to a remote system with public key authentication. What command would you issue to create a key pair that uses Version 2 of the RSA algorithm?

    1. ssh-keygen -a rsa

    2. ssh-keygen -rsa

    3. ssh-keygen -s rsa

    4. ssh-keygen -t rsa

22. What file would you edit to change the facility or priority that SSH uses to log events?

    1. /etc/ssh/sshd_config

    2. /var/ssh/ssh.config

    3. ~/.ssh/ssh.config

    4. /usr/lib/sshd/ssh_config

23. What entry in the SSH configuration file would you add to temporarily disable non-root logins to an SSH server during maintenance?

    1. Users_Deny

    2. DisableUsers

    3. DenyUsers

    4. Users:Deny

24. You have enabled X11 forwarding in the SSH configuration file. You wish to tunnel X11 traffic inside of SSH to access a system named blake.romantics.org. Which of the following commands allows you to tunnel X11 sessions to a remote system so that they are encrypted?

    1. ssh -t blake.romantics.org

    2. ssh -x 1.blake.romantics.org

    3. ssh -r blake.romantics.org

    4. ssh -f blake.romantics.org

25. What command would you issue to remove an identity from ssh-agent?

    1. ssh-remove

    2. ssh-add -r

    3. ssh-del

    4. ssh-add -d

26. You wish to authenticate via public keys with a remote user. You and the remote user have just created key pairs. What must you do next?

    1. Exchange private keys and place the remote user's private key into the ~/.ssh/identity file.

    2. Each user must use the ssh-add and ssh-agent applications to place each other's public key into memory.

    3. Exchange public keys and then place the remote user's public key into the ~/.ssh/identity file.

    4. Each user must use the ssh-add and ssh-agent applications to place each other's private key into memory.

27. Each time you authenticate using public keys in SSH, you are asked for the password of your private key. What can you do to keep your private key secure but avoid having to constantly enter the password each time you use SSH?

    1. Use the ssh-keygen -P command to store the password in a restricted text file.

    2. Use ssh-agent and ssh-add commands to store the private key in memory.

    3. Use ssh-askpass and ssh-keyscan to store the private key password in memory.

    4. Use the ssh-copy-id command to store the private key in memory.

28. You are configuring a server that allows anonymous FTP access. Write in the entry that would go in the ftpaccess file that forbids anonymous users from uploading files.

29. You wish to forbid the root account from logging in to your FTP server. What steps would you take?

    1. Edit the ftpusers file and add the root account name.

    2. Edit the ftpaccess file and add the root account name.

    3. Edit the ftpgroups file and add the root account name.

    4. Edit the /etc/passwd file and place an asterisk in front of the ftp account.

30. What are the names of the classes of users recognized by the WU-FTPD daemon?

    1. anonymous, limited, and standard

    2. privileged, anonymous, and real

    3. restricted, privileged, and standard

    4. real, anonymous, and guest

31. You've decided to create a chroot environment for your FTP server. Accordingly, you copied the ls, rm, cp, and gzip commands to the /chroot/ftp/bin directory that you created. You have verified that they are executable. After starting the FTP server, you notice that you cannot use these commands during the FTP session. Which of the following steps will most likely get these commands to work?

    1. Make all of the applications SUID root.

    2. List all files you wish to have executable permissions in the ftpaccess file, then make sure that each file is placed into the /chroot/ftp/bin directory.

    3. Use the ldd command to discover the libraries the applications require, and copy the libraries to the /chroot/ftp/bin directory.

    4. Create a bash script that precedes each of the commands you wish to make executable, and place the script in the /chroot/ftp/bin directory.

32. You wish to enable Network Address Translation (NAT) on a Linux system. What table in iptables would you specify to masquerade a connection?

33. What command do you have to execute to make sure changes to the /etc/syctl.conf file are recognized?

    1. sysctl, without any arguments

    2. sysctl -c /etc/sysctl.conf

    3. sysctl /etc/sysctl.conf

    4. sysctl -p /etc/sysctl.conf

34. Which of the following commands can help a Linux system withstand a SYN flood?

    1. echo 1 > /proc/sys/net/ipv4/tcp_abort_on_overflow

    2. echo 1 > /proc/sys/net/ipv4/tcp_nosyn

    3. echo 1 > /proc/sys/net/ipv4/tcp_syncookies

    4. echo 1 > /proc/sys/net/ipv4/tcp_nores

35. How can you enable IP forwarding in a Linux system? (Choose two.)

    1. Issue echo 1 > /proc/sys/net/ipv4/ip_forward.

    2. Edit the /etc/network/options file and enter the following line:

        ip_forward=yes 

       
       

    3. Issue echo 1 > /proc/sys/net/ipv4/ip_enable_fw.

    4. Edit the /etc/sysctl file and enter the following line:

        ip_forward=yes 

       
       

36. Users have called complaining that they can no longer access resources necessary to do their jobs. You have determined that entries automatically added to the /etc/hosts.deny file by an application are responsible. You have removed these entries manually. Which of the following applications is capable of updating the /etc/hosts.deny file?

    1. TCP wrappers

    2. iptables

    3. ipchains

    4. Portsentry

37. Which of the following commands would you use to update an LDIF file?

    1. moddif

    2. ldapadd

    3. ldifmod

    4. slapd

38. You are adding individuals to an LDIF file. What does ou= indicate?

    1. The online utilization value for the LDIF file

    2. The object URL of the user in the LDAP scheme

    3. The organizational unit the user belongs to

    4. The owner UML, which describes users as computer-based objects

39. Which of the following applications is responsible for maintaining binding information for an NIS server?

    1. yppoll

    2. yppush

    3. ypbind

    4. ypmatch

40. You are having problems with your NIS server and suspect a problem with the portmapper. You can see that the portmapper daemon has a process ID, but you are not sure that the daemon is working properly. Which of the following applications can help you determine more information about how the portmapper daemon is functioning?

    1. rpcinfo

    2. pmreport

    3. yppoll

    4. netgroup

41. You wish to have your DHCP server provide a default gateway and DNS server to each client. The IP address of the default gateway is 192.168.2.1. The IP address of the DNS server is 10.45.45.3. Write in the option entries you would make in a subnet section of your DHCP configuration file.

42. Which of the following do you specify when configuring a dhcrelay? (Choose two.)

    1. The IP address of the DHCP server

    2. The MAC address of the DHCP server

    3. The interfaces that dhcrelay will listen on

    4. The MAC addresses of all local network interface cards

43. Which of the following applications help a news server avoid filling up a hard disk and overtaxing the CPU?

    1. control.ctl

    2. sysctl

    3. expire.ctl

    4. innwatch

44. Davis (username davis) wishes to create a new newsgroup named scuba. The password for the newsgroup is regulator1. Write in the command that he would issue to create the group.

45. What three parts is a Procmail recipe comprised of?

    1. Beginning, condition, action

    2. Header, instructions, condition

    3. Stipulation, condition, action

    4. Header, descriptor, options

46. What is the name of the file used to store a user's private key?

    1. /etc/ssh/users/identity

    2. ~/.ssh/authorized_keys

    3. ~/.ssh/identity

    4. ~/.ssh/.shosts

47. What command would you issue to enter interactive mode in Sendmail and test changes you have made to the virtusertable and genericstable files?

    1. procmail -t

    2. sendmail -bt

    3. sendmail -rv

    4. mail -s test

48. Which of the following steps allows you to deny Sendmail access to users from the haxors1.com DNS domain?

    1. Enter the following in the sendmail.cf file: TDISCARD haxors1.com.

    2. Enter the following into the /etc/mail/access file: haxors1.comDISCARD.

    3. Enter the following into the /etc/mail/generic file: FROM: haxors1.com REJECT.

    4. Enter the following into the /etc/mail/virtusertable file: haxors1.com REJECT.

49. Which of the following commands captures all traffic except SSH packets between the hosts named lewis and clark?

    1. tcpdump host lewis and clark and not -p ssh

    2. tcpdump host lewis and clark and not '(port ssh)'

    3. tcpdump host lewis and clark and not -p 22

    4. tcpdump host lewis and clark not '(ssh)'

50. You are editing the main Apache configuration file. You wish to control how many servers are started at one time. Which of the following values would you change?

    1. StartServers

    2. MaxRequests

    3. MaxServers

    4. StartProcess

51. You are using .htaccess files to enable password protection for a web site directory. You are confident that the .htaccess file you are using is valid. However, the file does not seem to be recognized by the server. Which of the following changes will most likely enable the use of .htaccess files?

    1. Change the Override None directive to Override All.

    2. Change the HtAccess None directive to HtAccessAll.

    3. Change the AllowOverride AuthConfig directive to AllowOverride HtAccess.

    4. Change the AllowOverride None directive to AllowOverride AuthConfig.

52. You have been asked to increase the size of the cache directory for Squid from 1 GB to 3 GB. Which of the following would be the correct entry in squid.conf?

    1. cache_dir /usr/local/squid/cache/ 3000000 160 800

    2. cache_dir /usr/local/squid/cache/ 160 800 3GB

    3. cache_dir /usr/local/squid/cache/ 3000 160 800

    4. cache_dir /usr/local/squid/cache/ 3GB 160 800

53. Why is a DHCP server relay agent necessary in a routed network?

    1. All routers are configured to drop UDP port 1964, which is used by DHCP.

    2. DHCP servers rely on broadcasts to configure clients on the network.

    3. DHCP clients have not yet configured their default gateways.

    4. All routers are configured to drop TCP port 1964, which is used by DHCP.

54. While reviewing a slapd.conf file, you notice the following entry:

     database  ldbm 

    
    

    What is the meaning of this entry?

    1. It identifies the database manager that slapd consults when authenticating users.

    2. It specifies the type of encryption used during LDAP sessions.

    3. It provides the community name (cn) for the LDAP database.

    4. It gives the organizational unit (ou) name for the LDAP database.

55. What entries would you make in the /etc/hosts.allow and /etc/hosts.deny files so that TCP wrappers automatically denies all services except FTP?

    1. Put ALL:ALL in /etc/hosts.allow, and put ALL:ALL, EXCEPT FTP in /etc/hosts.deny.

    2. Put ALL:ALL in /etc/hosts.deny, and put in.ftpd: ALL:ALLOW in /etc/hosts.allow.

    3. Put ALL:ALL EXCEPT FTP in /etc/hosts.allow, and put nothing in /etc/hosts.deny.

    4. Put nothing in /etc/hosts.allow, and put ALL: EXCEPT svc: in.ftpd in /etc/hosts.deny.