Ch.33 Rothwell Additional Security Tasks Full Test Bank

Linux Essentials for Cybersecurity (Rothwell/Kinsey)

Chapter 33 Additional Security Tasks

1) Which of the following is a service that scans specific log files, searching for IP addresses of systems that attempt to breach a system via repeated connection attempts?

A) BugTraq

B) US-CERT

C) fail2ban

D) CERT

2) Which of the following is the primary configuration file for the fail2ban utility?

A) /etc/fail2ban/jail.conf

B) /etc/openvpn/easy-rsa/keys

C) /etc/fail2ban/action.d/iptables.conf

D) /etc/openvpn/easy-rsa/vars

3) Which of the following key fail2ban configuration settings allows you to create “white lists” of IP addresses to never ban?

A) maxretry

B) ignoreip

C) enabled

D) findtime

4) Which of the following key fail2ban configuration settings specifies the period of time, in seconds, that the maxretry entry uses?

A) bantime

B) enabled

C) ignoreip

D) findtime

5) In order to configure OpenVPN, you must perform five primary steps. Which of the following is the first of these steps?

A) Generate the VPN Server certificate.

B) Configure a Certificate Authority (CA).

C) Generate the VPN Client certificate.

D) Configure the VPN server.

6) The first step in setting up a Certificate Authority (CA) is to create a directory and copy some files from the __________ directory.

A) /usr/share/easy-rsa

B) /etc/openvpn/easy-rsa

C) /etc/openvpn/easy-rsa/vars

D) /etc/openvpn/easy-rsa/keys

7) To create a server certificate, execute the __________ script followed by the name you want to give your server.

A) ./build-dh

B) ./build-key

C) ./build-key-server

D) ./build-ca

8) To create a VPN client certificate, execute the __________ script, providing the name of the client as an argument.

A) ./build-dh

B) ./build-key

C) ./build-key-server

D) ./build-ca

9) After generating the VPN client certificate, which of the following keys need to be copied to the VPN client?

A) vpnclient1.key

B) ca.crt

C) vpnclient1.crt

D) All of the above

10) On a typical Ubuntu system, the sample configuration files included with the OpenVPN software package are located in which of the following directories?

A) /etc/openvpn/easy-rsa/keys

B) /etc/openvpn/easy-rsa/vars

C) /usr/share/doc/openvpn/examples/sample-config-files

D) /usr/share/doc/openvpn/sample-config-files

11) The gpg utility is an acronym for which of the following?

A) GNU Private Guard

B) GNU Privacy Guard

C) GNU Private Gateway

D) GNU Privacy Gateway

12) Which of the following utilities can be used to create public and private encryption keys?

A) gpg

B) pgp

C) gnupg

D) fail2ban

13) Which of the following options for the gpg command is used to specify the name of the public key file?

A) --export

B) --decrypt

C) --encrypt

D) --output

14) A user can encrypt a file using which of the following options with the gpg command?

A) --export

B) --decrypt

C) --encrypt

D) --output

15) After a file has been encrypted, the only way it can be decrypted is with the private key on your system, using which of the following options with the gpg command?

A) --export

B) --decrypt

C) --encrypt

D) --output

16) Which of the following options for the gpg command is used to specify the key that you want to send?

A) --export

B) --decrypt

C) --encrypt

D) --output

17) Which of the following security alert services is an email-based program that is sponsored by Security Focus?

A) US-CERT

B) NCCIC

C) BugTraq

D) CERT

18) Which of the following security alert services is the Nation’s flagship cyber defense, incident response, and operational integration center?

A) US-CERT

B) NCCIC

C) BugTraq

D) CERT

19) Which of the following security alert services is a component of a larger organization at Carnegie Mellon University called the Software Engineering Institute (SEI)?

A) US-CERT

B) NCCIC

C) BugTraq

D) CERT

20) CERT is an acronym for which of the following?

A) Cybersecurity Emergency Response Teams

B) Computer Emergency Response Teams

C) Cybersecurity Emergency Response Transmission

D) Computer Emergency Response Transmission