What is the standard MTU for Ethernet interfaces?
1500
1300
500
300
Which of the following files would you edit to rewrite the headers of outgoing email messages so that the messages appear to originate from a completely different domain?
virtusertable
genericstable
aliases
sendmail.cf
What two programs can be destructive if run against a mounted volume?
badblocks and lsof
fsck and lsof
mkraid and badblocks
fsck and badblocks
You wish to mount a Samba share named docs on a system named http://filesrv.company.com. The username to access the share is davis and the password is access1
. Which of the following commands will allow you to do this? (Choose two.)
smbmount //filesrv.company.com/docs /mnt/smb -o username=davis,password=access1
smbclient -U davis%access1 //filesrv.company.com/docs
smbclient //filesrv.company.com/docs -U davis%access1
smbmount /mnt/smb //filesrv.company.com/docs -o username=davis,password=access1
You have a directory named /mnt/nfs on your system that you use for NFS mounts. Write in the command that mounts an NFS volume named /home/james located on a system named bentley.
You suspect that several routers on a particular WAN connection are too slow. Which of the following commands allows you to make traceroute wait 20 seconds for a response to a packet?
traceroute -w 20 router23.company.com
traceroute -c 20 router23.company.com
traceroute -i 20 router23.company.com
traceroute -t 20 router23.company.com
Your DNS server is named dns.company.com. Which of the following commands allows you to query another server named dns.isp.com for the A record information of the host www.company.com? (Choose two.)
dig -t A www.company.com @dns.isp.com
dig @dns.isp.com www.company.com
host dns.isp.com www.company.com
You wish to add a second IP address to your third Ethernet card. Which of the following commands does this?
ifconfig eth3:2 202.168.85.3 netmask 255.255.255.0
ifconfig eth0:3 202.168.85.3 netmask 255.255.255.0
ifconfig eth1 -a 2 202.168.85.3 netmask 255.255.255.0
ifconfig eth2:1 202.168.85.3 netmask 255.255.255.0
The route command hangs when used without any arguments. This systexgm is on a Gigabit Ethernet network. Which of the following explanations are plausible? (Choose two.)
The route command requires the -g argument when querying a Gigabit Ethernet network.
Name resolution has failed on the network.
A kernel panic has caused the NIC to be kicked off the network.
The default gateway is no longer available.
Which of the following commands helps you begin the process of testing an SMTP server named smtp.newcompany.com to see whether it is an open relay?
telnet smtp.newcompany.com
nc telnet smtp.newcompany.com
telnet smtp.newcompany.com 25
ssh smtp.newcompany.com 25
You have been asked to run a manual integrity scan on a system using Tripwire. Which of the following commands would accomplish this?
tripwire --verify
tripwire -s /dev/hda
tripwire --check
scan -now /dev/hda
Which of the following organizations issue reports concerning the latest verified vulnerabilities and attacks? (Choose two.)
ISO
CERT
Bugtraq
IDS
Which of the following should be run each time you log out from a Kerberos session?
kdestroy
klogout
kinit -l
user
, where user
is the username of the person logging out
kadmin logout
user
, where user
is the username of the person logging out.
What two services are vital to the proper functioning of a Kerberos implementation?
A fully functioning Network Time Protocol (NTP) server
A fully functioning LDAP server
A fully functioning Domain Name System (DNS) server
A fully functioning Samba server
Which of the following commands creates a Kerberos database that you can then populate with principals?
kdb5_util initialize -s
kdb5_util create -s
kdb5_create initialize -s
kdb5_create -s
You wish to conduct a ping scan of systems on your network. Which of the following commands does this?
nmap -ping 192.168.2.1-254
nmap -P 192.168.2.1-254
nmap -sP 192.168.2.2-254
nmap -Ps 192.168.2.1-254
What term describes a situation in which an intrusion detection system (IDS) identifies legitimate traffic as an attack?
An event anomaly
An event horizon
A false signature
A false positive
What is the result of the following entry in the hosts.deny file of your Linux system?
ALL: .company.com: DENY
No incoming or outgoing connections will be possible to the company.com domain.
Users on the Linux system will not be able to access resources on the company.comdomain.
All hosts from the company.com domain will be prohibited from using all services on the Linux system.
All hosts from the company.com domain will be prohibited from using services protected by TCP wrappers.
Consider the following entry in hosts.deny:
ALL:ALL
Imagine also the following entry in hosts.allow:
ALL: .mycompany.com
What is the result of this combination?
All attempted connections to resources protected by TCP wrappers will fail, because the hosts.deny file takes precedence.
Only members of the mycompany.com domain will be able to connect to resources protected by TCP wrappers.
Because the entries coxgnflict, all people will be allowed to access all resources on the server.
TCP wrappers will fail due to the conflict, and no one will be allowed to access the protected resources.
What does the ~/.ssh/authorized_keys file contain?
The private keys of users who wish to access your system
The host keys of SSH servers that have connected to your system
The public keys of users who wish to access your system
The certificate of each SSH server that has connected to your system
You wish to use an SSH client to connect to a remote system with public key authentication. What command would you issue to create a key pair that uses Version 2 of the RSA algorithm?
ssh-keygen -a rsa
ssh-keygen -rsa
ssh-keygen -s rsa
ssh-keygen -t rsa
What file would you edit to change the facility or priority that SSH uses to log events?
/etc/ssh/sshd_config
/var/ssh/ssh.config
~/.ssh/ssh.config
/usr/lib/sshd/ssh_config
What entry in the SSH configuration file would you add to temporarily disable non-root logins to an SSH server during maintenance?
Users_Deny
DisableUsers
DenyUsers
Users:Deny
You have enabled X11 forwarding in the SSH configuration file. You wish to tunnel X11 traffic inside of SSH to access a system named blake.romantics.org. Which of the following commands allows you to tunnel X11 sessions to a remote system so that they are encrypted?
ssh -t blake.romantics.org
ssh -x 1.blake.romantics.org
ssh -r blake.romantics.org
ssh -f blake.romantics.org
What command would you issue to remove an identity from ssh-agent?
ssh-remove
ssh-add -r
ssh-del
ssh-add -d
You wish to authenticate via public keys with a remote user. You and the remote user have just created key pairs. What must you do next?
Exchange private keys and place the remote user's private key into the ~/.ssh/identity file.
Each user must use the ssh-add and ssh-agent applications to place each other's public key into memory.
Exchange public keys and then place the remote user's public key into the ~/.ssh/identity file.
Each user must use the ssh-add and ssh-agent applications to place each other's private key into memory.
Each time you authenticate using public keys in SSH, you are asked for the password of your private key. What can you do to keep your private key secure but avoid having to constantly enter the password each time you use SSH?
Use the ssh-keygen -P command to store the password in a restricted text file.
Use ssh-agent and ssh-add commands to store the private key in memory.
Use ssh-askpass and ssh-keyscan to store the private key password in memory.
Use the ssh-copy-id command to store the private key in memory.
You are configuring a server that allows anonymous FTP access. Write in the entry that would go in the ftpaccess file that forbids anonymous users from uploading files.
You wish to forbid the root account from logging in to your FTP server. What steps would you take?
Edit the ftpusers file and add the root account name.
Edit the ftpaccess file and add the root account name.
Edit the ftpgroups file and add the root account name.
Edit the /etc/passwd file and place an asterisk in front of the ftp account.
What are the names of the classes of users recognized by the WU-FTPD daemon?
anonymous, limited
, and standard
privileged, anonymous
, and real
restricted, privileged
, and standard
real, anonymous
, and guest
You've decided to create a chroot environment for your FTP server. Accordingly, you copied the ls, rm, cp, and gzip commands to the /chroot/ftp/bin directory that you created. You have verified that they are executable. After starting the FTP server, you notice that you cannot use these commands during the FTP session. Which of the following steps will most likely get these commands to work?
Make all of the applications SUID root.
List all files you wish to have executable permissions in the ftpaccess file, then make sure that each file is placed into the /chroot/ftp/bin directory.
Use the ldd command to discover the libraries the applications require, and copy the libraries to the /chroot/ftp/bin directory.
Create a bash script that precedes each of the commands you wish to make executable, and place the script in the /chroot/ftp/bin directory.
You wish to enable Network Address Translation (NAT) on a Linux system. What table in iptables would you specify to masquerade a connection?
What command do you have to execute to make sure changes to the /etc/syctl.conf file are recognized?
sysctl, without any arguments
sysctl -c /etc/sysctl.conf
sysctl /etc/sysctl.conf
sysctl -p /etc/sysctl.conf
Which of the following commands can help a Linux system withstand a SYN flood?
echo 1 > /proc/sys/net/ipv4/tcp_abort_on_overflow
echo 1 > /proc/sys/net/ipv4/tcp_nosyn
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/tcp_nores
How can you enable IP forwarding in a Linux system? (Choose two.)
Users have called complaining that they can no longer access resources necessary to do their jobs. You have determined that entries automatically added to the /etc/hosts.deny file by an application are responsible. You have removed these entries manually. Which of the following applications is capable of updating the /etc/hosts.deny file?
TCP wrappers
iptables
ipchains
Portsentry
Which of the following commands would you use to update an LDIF file?
moddif
ldapadd
ldifmod
slapd
You are adding individuals to an LDIF file. What does ou=
indicate?
The online utilization value for the LDIF file
The object URL of the user in the LDAP scheme
The organizational unit the user belongs to
The owner UML, which describes users as computer-based objects
Which of the following applications is responsible for maintaining binding information for an NIS server?
yppoll
yppush
ypbind
ypmatch
You are having problems with your NIS server and suspect a problem with the portmapper. You can see that the portmapper daemon has a process ID, but you are not sure that the daemon is working properly. Which of the following applications can help you determine more information about how the portmapper daemon is functioning?
rpcinfo
pmreport
yppoll
netgroup
You wish to have your DHCP server provide a default gateway and DNS server to each client. The IP address of the default gateway is 192.168.2.1. The IP address of the DNS server is 10.45.45.3. Write in the option
entries you would make in a subnet
section of your DHCP configuration file.
Which of the following do you specify when configuring a dhcrelay? (Choose two.)
The IP address of the DHCP server
The MAC address of the DHCP server
The interfaces that dhcrelay will listen on
The MAC addresses of all local network interface cards
Which of the following applications help a news server avoid filling up a hard disk and overtaxing the CPU?
control.ctl
sysctl
expire.ctl
innwatch
Davis (username davis) wishes to create a new newsgroup named scuba. The password for the newsgroup is regulator1
. Write in the command that he would issue to create the group.
What three parts is a Procmail recipe comprised of?
Beginning, condition, action
Header, instructions, condition
Stipulation, condition, action
Header, descriptor, options
What is the name of the file used to store a user's private key?
/etc/ssh/users/identity
~/.ssh/authorized_keys
~/.ssh/identity
~/.ssh/.shosts
What command would you issue to enter interactive mode in Sendmail and test changes you have made to the virtusertable and genericstable files?
procmail -t
sendmail -bt
sendmail -rv
mail -s test
Which of the following steps allows you to deny Sendmail access to users from the haxors1.com DNS domain?
Enter the following in the sendmail.cf file: TDISCARD haxors1.com
.
Enter the following into the /etc/mail/access file: haxors1.comDISCARD
.
Enter the following into the /etc/mail/generic file: FROM: haxors1.com REJECT
.
Enter the following into the /etc/mail/virtusertable file: haxors1.com REJECT
.
Which of the following commands captures all traffic except SSH packets between the hosts named lewis and clark?
tcpdump host lewis and clark and not -p ssh
tcpdump host lewis and clark and not '(port ssh)'
tcpdump host lewis and clark and not -p 22
tcpdump host lewis and clark not '(ssh)'
You are editing the main Apache configuration file. You wish to control how many servers are started at one time. Which of the following values would you change?
StartServers
MaxRequests
MaxServers
StartProcess
You are using .htaccess files to enable password protection for a web site directory. You are confident that the .htaccess file you are using is valid. However, the file does not seem to be recognized by the server. Which of the following changes will most likely enable the use of .htaccess files?
Change the Override None
directive to Override All
.
Change the HtAccess None
directive to HtAccessAll
.
Change the AllowOverride AuthConfig
directive to AllowOverride HtAccess
.
Change the AllowOverride None
directive to AllowOverride AuthConfig
.
You have been asked to increase the size of the cache directory for Squid from 1 GB to 3 GB. Which of the following would be the correct entry in squid.conf?
cache_dir /usr/local/squid/cache/ 3000000 160 800
cache_dir /usr/local/squid/cache/ 160 800 3GB
cache_dir /usr/local/squid/cache/ 3000 160 800
cache_dir /usr/local/squid/cache/ 3GB 160 800
Why is a DHCP server relay agent necessary in a routed network?
All routers are configured to drop UDP port 1964, which is used by DHCP.
DHCP servers rely on broadcasts to configure clients on the network.
DHCP clients have not yet configured their default gateways.
All routers are configured to drop TCP port 1964, which is used by DHCP.
While reviewing a slapd.conf file, you notice the following entry:
database ldbm
What is the meaning of this entry?
It identifies the database manager that slapd consults when authenticating users.
It specifies the type of encryption used during LDAP sessions.
It provides the community name (cn
) for the LDAP database.
It gives the organizational unit (ou
) name for the LDAP database.
What entries would you make in the /etc/hosts.allow and /etc/hosts.deny files so that TCP wrappers automatically denies all services except FTP?
Put ALL:ALL
in /etc/hosts.allow, and put ALL:ALL, EXCEPT FTP
in /etc/hosts.deny.
Put ALL:ALL
in /etc/hosts.deny, and put in.ftpd: ALL:ALLOW
in /etc/hosts.allow.
Put ALL:ALL EXCEPT FTP
in /etc/hosts.allow, and put nothing in /etc/hosts.deny.
Put nothing in /etc/hosts.allow, and put ALL: EXCEPT svc: in.ftpd
in /etc/hosts.deny.