Ch29 Develop A Software Management Security Test Bank Docx

Linux Essentials for Cybersecurity (Rothwell/Kinsey)

Chapter 29 Develop a Software Management Security Policy

1) Which of the following is a recommended practice for keeping software packages up to date to help ensure software security?

A) Install any software update that fixes a bug or security vulnerability.

B) Keep a log of all software updates.

C) Perform updates automatically via a crontab job on workstation systems.

D) All of the above

2) A default installation of Kali Linux has almost __________ software packages.

A) 100

B) 1000

C) 3000

D) 5000

3) The text recommends creating how many categories in which to place software when considering whether to remove unnecessary packages?

A) 3

B) 4

C) 5

D) 6

4) You go through the process of determining if a software package should be installed by __________ the package.

A) updating

B) exploring

C) scanning

D) securing

5) Before approving a software package, you should look at the files it provides, particularly the __________ programs (typically located in a /bin or /sbin directory).

A) server

B) shell

C) executable

D) None of the above

6) You should vet software packages on a(n) __________ system where you can safely install packages without any concern of impacting a critical system.

A) active

B) temporary

C) permanent

D) test

7) Many administrators rely on which of the following commands to download and install software programs?

A) dnf

B) apt-get

C) yum

D) All of the above

8) Your security policy should include a process in which the __________ location of software packages is confirmed before installing packages.

A) source

B) destination

C) original

D) final

9) Which of the following is a system designed to provide a single location where you can learn about security-related software issues?

A) SUID

B) MITRE

C) CVE

D) SGID

10) CVE is short for which of the following?

A) Command Vulnerabilities and Exposures

B) Common Vulnerabilities and Exposures

C) Command Vulnerabilities and Environments

D) Common Vulnerabilities and Environments

11) Which of the following is not true regarding the CVE system?

A) When a vulnerability is discovered and reported, it is assigned a unique ID.

B) The system is maintained by the MITRE Corporation.

C) The CVE system provides a search tool for locating specific software.

D) You must pay subscription fees in order to access CVE data.

12) You can download CVEs and use the __________ command to find the ones that are related to the software installed on your system.

A) grep

B) rpm

C) dpkg

D) dnf

13) Which of the following information is provided in a CVE?

A) The date the CVE was created

B) Organization that assigned the CVE a unique ID

C) References to additional information

D) All of the above

14) Many organizations only install and support one or two distributions because of the work involved in __________ each system.

A) updating

B) downloading

C) securing

D) reviewing

15) Your security plan should include a regular review of __________ as well as a review of the distribution’s security alerts.

A) SGIDs

B) CVEs

C) SUIDs

D) xinetd

16) Red Hat uses __________ to inform security personnel of any potential vulnerabilities.

A) RHELs

B) CVEs

C) Data Feeds

D) RHSAs

17) Which of the following is a collection of older services, normally referred to as “legacy services,” that your organization may need to use?

A) xinetd

B) telnet

C) RHSAs

D) CVEs

18) The primary configuration file for the xinetd daemon is the __________ file.

A) /etc/xinetd.d

B) /usr/sbin/in.telnetd

C) /etc/xinetd.conf

D) /etc/xinetd.d/telnet

19) Which of the following settings in the /etc/xinetd.conf file indicates how many concurrent connections are allowed?

A) instances

B) per_source

C) cps

D) includedir

20) Which of the following settings in the /etc/xinetd.d directory indicates the executable file for the service?

A) disable

B) user

C) log_on_failure

D) server