Questions and Answers 6
Question 1: Which of the following can help you detect changes made by a hacker to the system log of a server?
A. Mirroring the system log onto a second server
B. Writing the system log to not only the server, but also on a write-once disk
C. Setting permissions to write protect the directory containing the system log
D. Storing the backup of the system log offsite
Answer 1: B. By using a write-once CD that cannot be overwritten, the logs are much safer. Answers A, C, and D are incorrect, as write protecting the system log does little to prevent a hacker from deleting or modifying logs because the superuser or administrator can override the write protection. Backup and mirroring could overwrite earlier files and might not be current. Storing the backup does not prevent tampering.
Question 2: Which of the following is not one of the three items that security is based on?
A. Confidentiality
B. Availability
C. Authentication
D. Integrity
Answer 2: D. Authentication is not one of the items that is part of the three building blocks of security. Answers A, B, and C are incorrect because they are part of the three basic security items. There are many ways in which security can be achieved, although it’s universally agreed that confidentiality, integrity, and availability (CIA) form the basic building blocks of any good security initiative.
Question 3: Which of the following best describes a phreaker?
A. A hacker who is skilled in manipulating the phone system
B. A hacker who is skilled in social engineering
C. A hacker who is skilled in manipulating the Voice over IP (VoIP)
D. A hacker who is skilled in manipulating cryptographic algorithms
Answer 3: A. A phreaker is a hacker who is skilled in manipulating the phone system. Answers B, C, and D are incorrect, as phreakers don’t specialize in social engineering, VoIP, or cryptography.
Question 4: Which of the following terms best describes malware?
A. Risks
B. Threats
C. Vulnerabilities
D. Exploit
Answer 4: B. A threat is any agent, condition, or circumstance that could potentially cause harm, loss, or damage. Answers A, C, and D are incorrect because risk is the probability or likelihood of the occurrence or realization of a threat. A vulnerability is a weakness in the system design, implementation, software, code, or other mechanism. An exploit refers to a piece of software, tool, or technique that takes advantage of a vulnerability, which leads to privilege escalation, loss of integrity, or denial of service on a computer system.
Question 5: Which of the following best describes the principle of defense in-depth?
A. Two firewalls in parallel to check different types of incoming traffic
B. Making sure that the outside of a computer center building has no signs or marking so that it is not easily found
C. Using a firewall as well as encryption to control and secure incoming network traffic
D. Using two firewalls made by different vendors to consecutively check the incoming network traffic
Answer 5: C. Using a firewall as well as encrypted data is the best example of defense in-depth. Answer A is incorrect because firewalls alone are not an example of defense in-depth. Answer B is incorrect because even though it is a good idea to ensure that a computer center is not marked, it is not an example of defense in-depth. Answer D is incorrect because using firewalls by different vendors is a good example of layered firewall security, and defense in-depth would best be assured if you had both firewall and logical controls.
