1. What is GRUB and why is it important to lock it down? a. GRUB is a bootloader. It is very important to lock this down because of the high access to the kernel and how important aspects can be modified on the fly at any time during the boot up process because it is unprotected by password. 2. Discuss the purpose of granting “sudo” access. Why is it a good idea not to log in as a root user? a. It gives the person access using the sudo access, superuser capability and allows them to run programs with the security privileges of such.
This can cause instability of the kernel or in the hands of a skilled individual compromise the system. 3. If a file is set with the immutable flag, what security controls does this provide for the file? a. Immutable permissions designation prevents a file from being changed, even by someone with root level access. 4. Why do you get a blank window when trying to edit grub with “vi”? a. You need the correct permissions, or the file has been moved so it is loading nothing. 5. How do you know when you log in as root? a.
Terminal prompt goes from [[email protected] ~]$ to [[email protected] username]# 6. What command do you need to use to install vim? a. apt-get install vim 7. What is iptables and how does this help harden the Fedora Linux Server? a. Iptables is like a rule set or chain of rules. You can use it to basically build a firewall. 8. Why is it important to configure and enable iptables on your Fedora Linux Server? a. To help secure a Linux server that is connected to the internet. 9. What is the difference between the commands ‘cat’ and ‘less’? a.
The ‘cat’ command will list everything in a file and it has the capability to merge files. Less will view the contents of a file one page at a time waiting for the user to continue. 10. What is the difference between ‘setfacl’ and ‘getfacl’? How can “setfacl” help achieve security hardening? a. setfacl – set file access control lists. getfacl – get file access control lists. Setfacl is used to set up ACL (Access Control Lists). The usage of ACLs offers mechanisms for setting up per-user-permissions of single filesystem objects and provides fine-grained definitions of access restrictions.