
ExamReal.ECCouncil.212-77.v20110601.56q

Information about ExamReal.ECCouncil.212-77.v20110601.56q
Education

Published on March 7, 2014

Author: examreal

Source: slideshare.net

Description

ExamReal.ECCouncil.212-77.v20110601.56q

Get Success in Passing Your  Certification Exam at first attempt!  ExamReal.com, All Rights Reserved.

ECCouncil.212-77.v20110601.56q
Vendor: ECCouncil
Exam Name: Linux Security
Exam Code: 212-77
For Full Set of Questions Please Visit: http://www.ExamReal.com/212-77.html

ECCouncil 212-77 Exam | ExamReal.com

Exam A

QUESTION 1
Which of the following is true of Linux passwords?
A. They are changed with the password utility.
B. They must be changed once a month.
C. They may consist only of lowercase letters and numbers.
D. They may be changed by the user who owns an account or by root.
Correct Answer: A

QUESTION 2
Assume that you have just logged on as a regular user. Which of the following commands allows you to edit the file with user passwords associated with the Shadow Password Suite?
A. vi /etc/shadow
B. sudo -c "vi /etc/shadow"
C. su -c "vi /etc/shadow"
D. visu vi /etc/passwd
Correct Answer: B

QUESTION 3
Under the bash shell which is the most appropriate place to set environment variables that apply to all users?
A. /etc/skel
B. rc.sysinit
C. /etc/profile
D. /etc/bashrc
E. rc.local
Correct Answer: A

QUESTION 4
Which of the following measures is the most effective way to prevent attacks through various network services?
A. Disable a service in the appropriate /etc/xinetd.d configuration file.
B. Use a firewall to drop all requests to unneeded services.
C. Block service requests with the appropriate commands in /etc/hosts.deny.
D. Uninstall unneeded network services.
Correct Answer: D

QUESTION 5
Which of the following statements applies to the IP address 192.168.0.1?
A. It is reserved.
B. It cannot be assigned to a host that accesses the Internet.
C. It is designated for multicast transmission.
D. It can be freely assigned to a host on a private network.
Correct Answer: A

QUESTION 6
Which of the following are ways to disable dynamic routing?
A. The linuxconf Gated Daemon screen
B. The linuxconf Routed Daemon screen
C. echo "0" > /proc/sys/net/ipv4/dynamic_routing
D. Editing /etc/sysconfig/network-scripts
Correct Answer: B

QUESTION 7
Which of the following is not a Linux DHCP client?
A. dhcpcd
B. pump
C. dhcpd
D. dhclient
Correct Answer: A

QUESTION 8
How should you engage users in helping to secure your computer's passwords?
A. Educate them about the importance of security, the means of choosing good passwords, and the ways crackers can obtain passwords.
B. Instruct your users to e-mail copies of their passwords to themselves on other systems so that they're readily available in case of an emergency.
C. Enforce password change rules but don't tell users how crackers obtain passwords since you could be educating a future cracker.
D. Give some of your users copies of the encrypted database file as backup in case a cracker breaks in and corrupts the original.
Correct Answer: A

QUESTION 9
Which of the following are risks of SUID and SGID programs? (Choose two)
A. Bugs in the programs may cause more damage than they would in ordinary programs.
B. The program files are large and thus may cause a disk to run out of space.
C. Because the programs require password entry, running them over an insecure network link runs the risk of password interception.
D. Users may be able to abuse a program's features, thus doing more damage than would otherwise be possible.
Correct Answer: BD

QUESTION 10
You are told by a co-worker that information pertaining to the syslog command can be found in man page 3. How would you view this information?
A. man syslog 3
B. man 3 syslog
C. man syslog -3
D. man -3 syslog
Correct Answer: B

QUESTION 11
Which statement describes the cron daemon?
A. Manages scheduling of routine system tasks
B. Manages all incoming connections and spawns off child processes
C. Is responsible for file sharing across a network
D. Keeps track of system messages and errors
E. Manages the printing subsystem
Correct Answer: B

QUESTION 12
You're using a communications protocol that cannot handle encrypted passwords. You need to disable the Shadow Password Suite. Which of the following pairs of commands restores the original clear-text passwords that you had encrypted into the /etc/shadow and /etc/gshadow files?
A. grpunconv; passunconv
B. grpunconv; pwunconv
C. gconv; passunconv
D. gconv; pwunconv
Correct Answer: B

QUESTION 13
What would the following command do?
cat MyFile | sort | tee | lpr
A. Print the contents of MyFile in alphabetical order and display the contents of MyFile in sorted order.
B. Print the contents of MyFile in alphabetical order and display the contents of MyFile.
C. It would not work because it contains too many pipes.
D. Print the contents of MyFile in alphabetical order.
Correct Answer: A

QUESTION 14
You inadvertently change the permission block on /usr/bin/passwd command to -r-xr-xr-x. What would be the effect of this change?
A. No changes in how the command runs would occur.
B. Users could no longer change their passwords because they do not have write permissions to /etc/passwd.
C. Users' passwords would not expire.
D. Shadow passwords would quit working.
Correct Answer: B

QUESTION 15
One of your colleagues is showing you the output from a protocol analyzer, which can detect the types of messages that are being transmitted over a network. The protocol analyzer shows a large number of ping commands being sent to your Web server. Others on the Internet are having trouble accessing your Web server. What kind of problem are you having?
A. Someone is using your Web site to test their connectivity to the Internet.
B. Someone is using a DoS attack on your Web site.
C. There is no problem; this is normal traffic from DNS servers and Internet routers checking connectivity to your Web site.
D. There is insufficient capacity on the Internet connection to your Web site.
Correct Answer: B

QUESTION 16
When you look through the /var/log directory you see a new file, httpd.crit. Assume that it is a legitimate file, created for legitimate reasons. Which of the following statements is the best possible description of this file?
A. It contains error messages related to access to your Apache Web server.
B. It includes critical notices related to access through your router.
C. It contains critical information related to your Web access.
D. It includes critical messages about the actions taken by your Apache Web server.
Correct Answer: B

QUESTION 17
When you downloaded a kernel patch from the Internet, the name you clicked on was kernel-patch-2.4.466.i386.tar.gz. The file that was downloaded is kernel-patch-2.4.4-66.i386.tgz. Which of the following commands will unarchive this patch from the /tmp directory?
A. tar cvf /tmp/kernel-patch-2.4.4-66.i386.tgz
B. tar xzf /tmp/kernel-patch-2.4.4-66.i386.tgz
C. tar czf /tmp/kernel-patch-2.4.4-66.i386.tgz
D. tar xvf /tmp/kernel-patch-2.4.4-66.i386.tgz
Correct Answer: C

QUESTION 18
Your supervisor tells you that she wants a crime database program, /opt/bin/anticrime, run at the highest priority. From the ps aux | grep anticrime command, you find that anticrime is currently being run by user jb (your supervisor), with a PID of 1539. Which of the following commands gives the currently running anticrime program a higher priority on your system?
A. nice -n -10 anticrime
B. renice -10 1539
C. renice 10 1539
D. nice -n 10 anticrime
Correct Answer: C

QUESTION 19
What does the command "ps" do?
A. Prints the directory
B. Print status of LPT1
C. Shows what processes are running
D. Produces system statistics
Correct Answer: C

QUESTION 20
A user is logged into the Linux workstation. What is the best way to login to root from a shell prompt?
A. chuser root
B. root
C. login root
D. su
Correct Answer: D

QUESTION 21
You want to know how long each user's session was the last time they logged on. Which of the following log files contains this information?
A. /var/log/utmp
B. /var/log/usrlog
C. /var/log/wtmp
D. /var/log/lastlog
Correct Answer: D

QUESTION 22
You want to allow Linux users running StarOffice to directly edit files stored on a Windows 2000 SMB/CIFS file server. Which of the following would you use to enable this?
A. Linux's standard NFS file sharing support
B. The Linux smbclient program
C. An FTP server running on the Windows system
D. The Linux smbmount program
Correct Answer: B

QUESTION 23
Which of the following umask values will result in files with rw-r----- permissions?
A. 640
B. 022
C. 210
D. 027
Correct Answer: A

QUESTION 24
You add the following line to the /etc/passwd file
mary::122:50:Mary Jones:/home/mary:/bin/bash
and use the passwd command to change her password. You also create her home directory. However, when Mary tries to log in, the login fails. What is the problem?
A. You did not assign a valid password to Mary's account.
B. You did not set the appropriate permissions to her home directory.
C. You did not create her home directory.
D. You cannot create a new user account by manually editing the /etc/passwd file.
Correct Answer: C

QUESTION 25
Which of the following types of information is returned by typing ifconfig eth0? (Choose two)
A. The names of programs that are using eth0
B. The IP address assigned to eth0
C. The hardware address of eth0
D. The hostname associated with eth0
Correct Answer: BD

QUESTION 26
Which of the following commands gives you the current routing table without requiring network activity to access a DNS server?
A. netstat -r
B. netstat
C. route
D. route -n
Correct Answer: A

QUESTION 27
An irreparably corrupt ext2 filesystem requires running:
A. fdisk
B. mkfs
C. newfs
D. fsck
Correct Answer: D

QUESTION 28
Which of the following is an advantage of designating one well-protected computer to record log files for several other computers?
A. You can log information to a separate computer that you can't log locally.
B. Logging information in this way minimizes network use.
C. The logging system can analyze the logs using Tripwire.
D. Logs stored on a separate computer are less likely to be compromised by a cracker.
Correct Answer: C

QUESTION 29
Which of the following lines would log all messages from news to the file /var/log/newslog?
A. news.* /var/log/newslog
B. news.!* /var/log/newslog
C. news.*;news.!=info /var/log/newslog
D. *news /var/log/newslog
Correct Answer: D

QUESTION 30
Which of the following configuration options for kernel enable you to effectively make your computer a router?
A. CONFIG_FIREWALL
B. CONFIG_IP_FIREWALL
C. CONFIG_SYN_COOKIES
D. CONFIG_IP_FORWARD
Correct Answer: A

QUESTION 31
Which file contains the name servers to be used by the local machine for hostname resolution?
A. /etc/services/
B. /etc/hosts
C. /etc/resolv.conf
D. /etc/network/interfaces
Correct Answer: B

QUESTION 32
Which of the following practices is the most useful physical security requirement for a Linux server?
A. Keep the Linux server in a locked room.
B. Never leave the Linux computer unattended while it is running.
C. Maintain a password-protected screensaver on the Linux server.
D. Keep passwords stored in a locked file cabinet.
Correct Answer: D

QUESTION 33
Which of the following is a correct entry in the /etc/hosts file?
A. search the-nashes.net
B. 10.254.90.135 deedee.the-nashes.net deedee
C. 10.254.90.135/ip
D. nameserver 10.254.90.131
Correct Answer: B

QUESTION 34
You're planning the setup of a Linux computer as a server on your organization's network. Which of the following is consistent with best practices for documentation?
A. Keep a copy of each user's password in a locked filing cabinet in the same room as the Linux server.
B. Record the inode number of every file in a binder in the same room as the Linux server.
C. Record the hardware configuration details in a binder in the same room as the Linux server.
D. Keep a copy of key configuration files on a different partition on the same computer.
Correct Answer: C

QUESTION 35
What is the name of the file that contains encrypted hashes of passwords on a Linux system?
A. /etc/shadow
B. /etc/.passwd
C. /etc/passwd
D. /.secure/.htaccess
Correct Answer: A

QUESTION 36
As the developers in your company work on the newest security software, Antiterror, different versions of the beta are being released weekly. The current version, antiterror-7, is located in the /opt/bin/antiterror-7 directory. Later versions will be released in parallel directories; for example, the next version will be located in the /opt/bin/antiterror-8 directory. Everyone who is testing this software is running the /opt/test/antiterror command. Which of the following actions would ensure that the testers get the latest version of the software next week?
A. ln /opt/test/antiterror /opt/bin/antiterror-7/antiterror-7
B. ln antiterror /opt/bin/antiterror-8/antiterror-8
C. ln /opt/test/antiterror.lnk /opt/bin/antiterror-8/antiterror-8
D. ln /opt/test/antiterror /opt/bin/antiterror-8/antiterror-8
Correct Answer: C

QUESTION 37
On Linux systems, how can root logins be restricted?
A. With the /etc/default/login file
B. With the /etc/default/useradd file
C. With the .profile file
D. With the /etc/securetty file
Correct Answer: D

QUESTION 38
How can you best see how much free space you have in your current directory?
A. Use du .
B. Use df .
C. Use du /
D. Use df
E. Use df /
Correct Answer: B

QUESTION 39
Which of the following steps would not substantially improve security over the typical Linux installation to a computer with typical hardware and settings?
A. Set a BIOS password.
B. Remove servers that were installed by default but that are not being used.
C. Set the computer to boot from a CD-ROM before a floppy.
D. Lock the computer case shut.
Correct Answer: C

QUESTION 40
One of your users says that she changed her umask to 664, but now her new files all have a permission block of ---x--x-w-. If she wanted her new files to have a permission block of -rw-rw-r--, what should she have used as a umask?
A. 002
B. 220
C. 222
D. 022
Correct Answer: B

QUESTION 41
Why is a log file analysis tool like Logcheck useful?
A. Logcheck compares patterns of activity across several days or weeks and spots anomalies.
B. Logcheck uses information in log files to help identify a cracker.
C. Logcheck translates log file entries from cryptic comments into plain English.
D. Logcheck sifts through large log files and alerts you to the most suspicious entries.
Correct Answer: D

QUESTION 42
You've installed a new application on a test computer. During testing, you've run into a number of problems that you are unable to troubleshoot. Where should you look first for help?
A. Before doing anything else, install the application on a production computer and see if you still have the same problems.
B. The log files associated with the application.
C. The Web site home page for the application.
D. Newsgroups where other users discuss the application.
Correct Answer: B

QUESTION 43
Upon boot, the kernel starts init. What does init start next?
A. /etc/rc.d/init.d
B. /etc/rc.d/rc.sysinit
C. /etc/rc.d/initdefault
D. /etc/inittab
Correct Answer: B

QUESTION 44
You are working in Linux when a program hits a flaw and stops running. Which command can be used to end the process?
A. end
B. CTRL-ALT-DEL
C. stop
D. wait
E. kill
Correct Answer: E

QUESTION 45
Assume you have forgotten the current superuser password for your Linux computer. On several Linux distributions, which of the following commands allows you to reset the root user password?
A. Run the shutdown -r now command, wait until your computer reboots, then at the LILO Boot: prompt enter the linux single command. When you see the prompt, run the passwd command.
B. Restart your computer. When your computer reboots, wait until you see the LILO Boot: prompt. At that prompt, enter the init 1 command. When you see the command-line interface prompt, run the passwd command.
C. Restart your computer. When Linux reboots, log in again, then enter the init 1 command. When you see the command-line interface prompt, run the passwd command.
D. Restart your computer. When your computer reboots, wait until you see the LILO Boot: prompt. At that prompt, enter the linux single command. When you see the command-line interface prompt, run the passwd command.
Correct Answer: B

QUESTION 46
A computer is chained firmly to the wall, all of its accounts are secured with good shadowed passwords, and it's configured to boot only from its hard disk, but the system has no BIOS or boot loader password. No users are currently logged into this system. How might a malicious individual without an account on this system corrupt it if given a few minutes alone with it? (Choose two)
A. The intruder could reboot it, reconfigure it to boot from floppy, boot a DOS floppy, and use DOS's disk utilities to delete the Linux partitions and erase the hard disk.
B. The intruder could open the case, remove the hard disk and insert it in another computer, then modify the configuration files and return the hard disk to the original machine.
C. The intruder could run a password-cracking program on the system's /etc/passwd file, thus obtaining all the user's passwords for use in further compromising the system at a later date.
D. The intruder could utilize a bug in su, passwd, or some other SUID root program to acquire root privileges and then alter the system's configuration files.
Correct Answer: AB

QUESTION 47
Which command creates a file system in Linux?
A. CRFS
B. FS
C. FDISK
D. MKFS
Correct Answer: D

QUESTION 48
What command would you type to change the ownership of somefile.txt from ralph to tony?
A. chmod somefile.txt tony
B. chown somefile.txt tony
C. chown ralph.tony somefile.txt
D. chown tony somefile.txt
Correct Answer: D

QUESTION 49
Which of the following commands configures the laura account to expire on January 1, 2005?
A. chage -E 2005/01/01 laura
B. usermod -e 2005 laura
C. usermod -e 2005-01-01 laura
D. chage -I 2005-01-01 laura
Correct Answer: C

QUESTION 50
A server/computer combination appears in both hosts.allow and hosts.deny. What's the result of this configuration when TCP Wrappers runs?
A. hosts.deny takes precedence; the client is denied access to the server.
B. hosts.allow takes precedence; the client is granted access to the server.
C. The system's administrator is paged to decide whether to allow access.
D. TCP Wrappers refuses to run and logs an error in /var/log/messages.
Correct Answer: B

QUESTION 51
You think that someone has been attempting to hack into your system by attacking your /etc/passwd file. What can you do to increase the security of your system?
A. Change all the passwords in the /etc/passwd file to x.
B. Implement shadow passwords using the spasswd command.
C. Change all the passwords in the /etc/passwd file to *.
D. Implement shadow passwords using the pwconv command.
Correct Answer: D

QUESTION 52
Which of the following statements applies to the IP address 192.168.0.1?
A. It is reserved.
B. It cannot be assigned to a host that accesses the Internet.
C. It is designated for multicast transmission.
D. It can be freely assigned to a host on a private network.
Correct Answer: A

QUESTION 53
Which of the following configuration options for kernel enable you to effectively make your computer a router?
A. CONFIG_FIREWALL
B. CONFIG_IP_FIREWALL
C. CONFIG_SYN_COOKIES
D. CONFIG_IP_FORWARD
Correct Answer: A

QUESTION 54
Which command creates a file system in Linux?
A. CRFS
B. FS
C. FDISK
D. MKFS
Correct Answer: D

QUESTION 55
Which of the following is not a Linux DHCP client?
A. dhcpcd
B. pump
C. dhcpd
D. dhclient
Correct Answer: A

QUESTION 56
On Linux systems, how can root logins be restricted?
A. With the /etc/default/login file
B. With the /etc/default/useradd file
C. With the .profile file
D. With the /etc/securetty file
Correct Answer: D

Contact Us : support@examreal.com
