Question 1

In Mac OS X,what does library randomization do?&#10;A)It defeats buffer overflows.&#10;B)It is used for encryption.&#10;C)It restricts network access.&#10;D)It increases the ease of code writing.

Accepted Answer

Library randomization, also known as Address Space Layout Randomization (ASLR), helps to prevent buffer overflow attacks by randomly arranging the locations of important system libraries in memory. This makes it more difficult for attackers to predict where specific functions or variables are located in memory and exploit them with malicious code.

Question 2

Which of the following is NOT a UNIX file permission?&#10;A)Read&#10;B)Write&#10;C)Modify&#10;D)Execute

Accepted Answer

The UNIX file permissions are Read, Write, and Execute. Modify is not a UNIX file permission.

Question 3

What is the first step in addressing issues with passwords?&#10;A)The first step in addressing password issues is to create an effective and manageable password policy that both system administrators and users can work with.&#10;B)The first step in addressing password issues is to find a systematic,alpha-numeric combination and then assign passwords,so that both system administrators and users can tell which department is using what system.&#10;C)The first step in addressing password issues is to see how many passwords are required.&#10;D)The first step in addressing password issues is to see how many accounts can use the same password.

Accepted Answer

Creating an effective and manageable password policy is the first step in addressing password issues. This policy should provide guidelines for password creation, expiration, and complexity requirements that both system administrators and users can work with. Without a clear policy, it will be difficult to enforce strong password practices and address any issues that arise.

Question 4

Linux and other operating systems use the _______ command to change the read-write-execute properties of a file or directory.&#10;A)tracert&#10;B)ifconfig&#10;C)chmod&#10;D)chkconfig

Accepted Answer

The chmod command is used in Linux and other operating systems to change the permissions of a file or directory. It allows users to set the read, write, and execute permissions for the owner, group, and others. The tracert and ifconfig commands are used for network troubleshooting and configuration, while chkconfig is used to manage system services.

Question 5

An initial baseline should be performed when?&#10;A)After every update to a system&#10;B)Before patches are installed on a system&#10;C)After administrators have finished patching,securing,and preparing a system&#10;D)Every 90-120 days,as determined by local policy

Accepted Answer

A baseline should be performed after administrators have finished patching, securing, and preparing a system to establish a standard configuration for comparison against future changes or anomalies. It is not necessary to perform a baseline after every update or before patches are installed, and the frequency of baseline assessments should be determined by local policy, but typically around every 90-120 days.

Question 6

Most modern UNIX versions store the passwords associated with a user account in a&#10;A)BitLocker&#10;B)shadow file&#10;C)passwd file&#10;D)Registry

Accepted Answer

Most modern UNIX versions store the passwords associated with a user account in a shadow file, which is a separate file from the passwd file. The shadow file is stored in a more secure location than the passwd file and is only accessible by root or a privileged user. This is done to protect the passwords from being easily accessed or manipulated by unauthorized users.

Question 7

On a UNIX system,if a file has the permission rwx r-- ---,what permission does the group have?&#10;A)Execute,read,write&#10;B)Read&#10;C)Read,write,execute&#10;D)No permissions

Accepted Answer

The group has only read permission, as indicated by the second set of three characters (r--). The first set of three characters (rwx) represents the owner's permissions and the third set of three characters (---) represents the permissions for all other users.

Question 8

Selecting a good password for each user account is critical to protecting information systems.How should you select a good password?&#10;A)Use letters in your first name and letters in your last name.&#10;B)Select a password that is still relatively easy to remember,but still difficult to &#34;guess.&#34;&#10;C)Unfortunately,there is way to keep a password safe,so it really doesn't matter what you use.&#10;D)Create a password that would be hard to remember,and then write it down so you won't forget it.

Accepted Answer

A good password should be relatively easy for the user to remember, but difficult for others to guess. It should include a mix of upper and lower case letters, numbers, and special characters. Avoid using easily guessable information such as birthdates, family names, or common words. Writing down passwords is also discouraged as it increases the risk of them being stolen or compromised.

Question 9

Run levels are used to&#10;A)Determine which users are allowed on a Windows machine&#10;B)Describe the state of initialization and what system services are operating in a Linux system&#10;C)Determine the level of user in Linux systems&#10;D)Are a Windows construct to manage which services are allowed to autostart

Accepted Answer

Run levels are used in Linux systems to describe the state of initialization and which system services are operating. They determine which services or daemons are started when a system boots up. Run levels range from 0 to 6, with each level having a different set of services that are running or stopped.

Question 10

Which of the following is true of the registry permissions area settings in security templates?&#10;A)They control who should be allowed to join or be part of certain groups.&#10;B)They are for services that run on the system.&#10;C)They control who can access the registry and how it can be accessed.&#10;D)They are settings that apply to files and folders,such as permission inheritance.

Accepted Answer

The registry permissions area settings in security templates control who can access the registry and how it can be accessed. They do not control who should be allowed to join or be part of certain groups or apply to files and folders. They may have some impact on services that run on the system, but this is not their primary function.

Question 11

Which UNIX command would you use to change permissions associated with a file or directory?&#10;A)chmod&#10;B)chown&#10;C)chgrp&#10;D)chng

Accepted Answer

The answer of Which UNIX command would you use to...

Question 12

A _________ is a more formal,large software update that may address several or many software problems.&#10;A)Script&#10;B)Log&#10;C)Hotfix&#10;D)Patch

Accepted Answer

The answer of A _________ is a more formal,large software...

Question 13

Which of the following is NOT a general step in securing a networking device?&#10;A)Choosing good passwords&#10;B)Password-protecting the console&#10;C)Maintaining SNMP community strings&#10;D)Turning off unnecessary services

Accepted Answer

The answer of Which of the following is NOT a...

Question 14

In a UNIX operating system,which run level reboots the machine?&#10;A)0&#10;B)1&#10;C)3&#10;D)6

Accepted Answer

The answer of In a UNIX operating system,which run level...

Question 15

Which of the following is true of BitLocker,in Windows Vista?&#10;A)It's where malicious code is stored when it's discovered.&#10;B)It's a form of data storage for network traffic.&#10;C)It allows encryption of all data on a server.&#10;D)It monitors Internet Explorer traffic.

Accepted Answer

The answer of Which of the following is true of...

Question 16

What is the process of establishing a system's security state called?&#10;A)Hardening&#10;B)Baselining&#10;C)Securing&#10;D)Controlling

Accepted Answer

The answer of What is the process of establishing a...

Question 17

Which UNIX command can be used to show the patches that are installed for a specific software package?&#10;A)pkglist&#10;B)pkgparam&#10;C)pkgqury&#10;D)pkgdump

Accepted Answer

The answer of Which UNIX command can be used to...

Question 18

Which of the following is one of those critical activities that is often neglected as part of a good security baseline?&#10;A)Password selection&#10;B)Hardening the OS&#10;C)Securing the firewall&#10;D)Hardening applications

Accepted Answer

The answer of Which of the following is one of...

Question 19

Which of the following is the command to stop a service in UNIX?&#10;A)Stop&#10;B)Kill&#10;C)End&#10;D)Finish

Accepted Answer

The answer of Which of the following is the command...

Question 20

On a UNIX system,if a file has the permission r-x rw- ---,what permission does the world have?&#10;A)Read and execute&#10;B)Read and write&#10;C)Read,write,execute&#10;D)No permissions

Accepted Answer

The answer of On a UNIX system,if a file has...

Question 21

Most modern UNIX versions store the actual password associated with an user account in a(n)_______________,located in the /etc directory.

Accepted Answer

The answer of Most modern UNIX versions store the actual...

Question 22

Securing access to files and directories in Solaris is vastly different from most UNIX variants.

Accepted Answer

The answer of Securing access to files and directories in...

Question 23

The _______________ of a computer is the basic software that handles things such as input,output,display,memory management,and all the other highly detailed tasks required to support the user environment and associated applications.

Accepted Answer

The answer of The _______________ of a computer is the...

Question 24

Service pack is the term given to a small software update designed to address a specific problem,such as a buffer overflow in an application that exposes the system to attacks.

Accepted Answer

The answer of Service pack is the term given to...

Question 25

Securing an application against local-and internet-based attacks is called _______________.

Accepted Answer

The answer of Securing an application against local-and internet-based attacks...

Question 26

The process of planning,deploying,and testing patches in a controlled manner is called _______________.

Accepted Answer

The answer of The process of planning,deploying,and testing patches in...

Question 27

Adding more services and applications to a system helps to harden it.

Accepted Answer

The answer of Adding more services and applications to a...

Question 28

_______________ is a term usually applied to a formal,large software update,which may address several software problems.

Accepted Answer

The answer of _______________ is a term usually applied to...

Question 29

The process of securing and preparing a system for the production environment is called ________.

Accepted Answer

The answer of The process of securing and preparing a...

Question 30

_______________ is a term usually given to a small software update designed to address a specific problem,such as a buffer overflow in an application that exposes the system to attacks.

Accepted Answer

The answer of _______________ is a term usually given to...

Question 31

Hardening applications is similar to hardening operating systems,in that you remove functions that are not needed,restrict access where you can,and make sure the application is up to date with patches.

Accepted Answer

The answer of Hardening applications is similar to hardening operating...

Question 32

Permissions under Linux are the same as for other UNIX-based operating systems.

Accepted Answer

The answer of Permissions under Linux are the same as...

Question 33

In 2002,Microsoft increased the number of services that were installed and running due to public demand.

Accepted Answer

The answer of In 2002,Microsoft increased the number of services...

Question 34

Hotfixes are usually smaller than patches,and patches are usually smaller than service packs.

Accepted Answer

The answer of Hotfixes are usually smaller than patches,and patches...

Question 35

In Solaris,one can use the __________ command to modify the permissions associated with a file or directory.

Accepted Answer

The answer of In Solaris,one can use the __________ command...

Question 36

To stop a running service,an administrator can identify a service by its unique _______________,and then use the kill command to stop the service.

Accepted Answer

The answer of To stop a running service,an administrator can...

Question 37

When hardening Mac OS X,the same guidelines for all UNIX systems apply.

Accepted Answer

The answer of When hardening Mac OS X,the same guidelines...

Question 38

Windows Defender is new,personal firewall software included in Vista.

Accepted Answer

The answer of Windows Defender is new,personal firewall software included...

Question 39

Mac OS X FileVault encrypts files with 3DES encryption.

Accepted Answer

The answer of Mac OS X FileVault encrypts files with...

Question 40

_______________ are a mechanism for providing interoperation and secure access to a variety of services on different platforms.

Accepted Answer

The answer of _______________ are a mechanism for providing interoperation...

Question 41

List four of the new modifications and capabilities of Windows 2003 Server.

Accepted Answer

The answer of List four of the new modifications and...

Question 42

List three of the new capabilities of Windows Server 2008.

Accepted Answer

The answer of List three of the new capabilities of...

Question 43

What are the general steps to take to secure a network device?

Accepted Answer

The answer of What are the general steps to take...

Question 44

List three of the new security-specific features of Mac OS X 10.5.

Accepted Answer

The answer of List three of the new security-specific features...

Question 45

List three of the security features of Windows Vista.

Accepted Answer

The answer of List three of the security features of...

Deck 14: Baselines