3X0-104 Dumps

3X0-104 Braindumps 3X0-104 Real Questions 3X0-104 Practice Test

3X0-104 Actual Questions


killexams.com


Sair


3X0-104


Linux Security, Privacy and Ethics (Level 1)


https://killexams.com/pass4sure/exam-detail/3X0-104


QUESTION: 113

Mary, a senior system administrator, is reviewing the work of a junior system administrator assigned to setup an anonymous FTP Server. Mary notices the line below in the /etc/passwd file. Which of the following represents the security risk imposed by this line?

ftp:*:700:700:Anonymous FTP:/home/ftp:/bin/bash


  1. The anonymous FTP user is not presented with a password prompt.

  2. The FTP Server is now vulnerable to a buffer overflow attack.

  3. The space in the fifth field will cause an error and drop the user to a root shell.

  4. An anonymous FTP user is given a shell from which he can execute uploaded programs.


Answer: D


QUESTION: 114

Which of the following is a characteristic of an effective security policy?


  1. It states who is responsible for creating/updating new policy guidelines.

  2. It states exactly what is being protected and why.

  3. It states that the items at risk must be insured.

  4. It states those behaviors that are seen as appropriate by the company.


Answer: B


QUESTION: 115

The system administrator has discovered that his Server has been compromised. At a minimum, the intruder has obtained a username, password, and the root password. Which of the following will guarantee that the intruder has been removed from the system?


  1. Reformat all partitions and reinstall the system.

  2. Kill all existing processes and reboot.

  3. Change the root password and place a lock on the account to which the intruder has obtained access.


  4. Force all users to change their passwords.


Answer: A


QUESTION: 116

A large server has many services running, including FTP, NFS, and NIS. It is hard for the administrator to find security holes in the services' configuration files, and this leads to possible security risks. Which of the following tools could the administrator use to check these services for security holes?


  1. NTOP

  2. LogCheck

  3. SAINT

  4. Tripwire


Answer: C


QUESTION: 117

Tom is a system administrator for Linux ServerA. Tom is running a Perl script that will initiate a connection request from ServerA to ServerB without completing the network connection. This is done multiple times until ServerB can no longer communicate on the network. What kind of attack has Tom initiated?


  1. Spam blast

  2. TCP bomb

  3. Denial of Service

  4. Internet Worm


Answer: C


QUESTION: 118

Katheryn wants to maximize security on her system by replacing ftpd with a program that logs requests, denies unauthorized users, and runs the original ftpd daemon. What should Kathryn use?


  1. TCP wrappers

  2. A VPN

  3. Tripwire

  4. Packet filters


Answer: A


QUESTION: 119

An administrator finds a program on a network server that modifies several system service records when a certain user logs in and out. The program masks the intruder's actions. This is most likely an example of what type of a

.


  1. Trojan horse

  2. Worm

  3. Back door

  4. Logic bomb


Answer: D


QUESTION: 120

Before Linuxsite sets up its Network, it develops its Network Policy. Which of the following is NOT a reason why Linuxsite should have a Network Policy set up?


  1. It will inform the users of the appropriate use of the system.

  2. It will provideLinuxsite with liability protection if illegal activities are performed on their site without their knowledge.

  3. It will block unauthorized users from accessing the network.

  4. It will provideLinuxsite with a standard way to deal with problems concerning the Network.


Answer: C


QUESTION: 121


An administrator would like to make the Sysmon statusfile available on the Web so she can check Sysmon's status from anywhere. Which of the following Sysmon configuration file entries will put the statusfile in HTML form?


  1. config statusfile html

  2. config html /home/httpd/html/sysmon.html

  3. config statusfile sysmon.html

  4. config statusfile html /home/httpd/html/sysmon.html


Answer: D


QUESTION: 122

Patrick, the system administrator, is concerned about the security of Sendmail and decides to install smap. Which of the following best describes smap?


  1. The Sendmail daemon passes the request to smap, which parses the data against a table of malicious programs and IP addresses known for originating such programs.

  2. smap changes the permissions on all incoming data, which ensures that no attached program has root privileges.

  3. smap does not run as root or have access to anything outside the mail queue, so an attacker will not be able to gain access outside the mail queue.

  4. smap encrypts the data passing between machines by using a specified encryption algorithm and passing public and private encryption keys to verify the host.


Answer: C