CEH_ Official Certified Ethical Hacker Review Guide_ Exam 312-50 - Kimberly Graves [83]
Know the steps to build a Linux operating system. Locate and download the Linux source files, compile them, and then install the compiled OS.
Know how to harden a Linux system. Use a known good distribution, change the default passwords, disable root login, use iptables, use a HIDS, apply the latest fixes, and monitor log files to harden a Linux system.
Understand how LKMs are used. LKMs add functionality to a Linux system, but they should be used only from a known good source.
Know about GCC compilation. GCC compilers are used to create executable applications from C or C++ source code.
Review Questions
1. What does LKM stand for?
A. Linux Kernel Module
B. Linux Kernel Mode
C. Linked Kernel Module
D. Last Kernel Mode
2. What GCC command is used to compile a C++ file called source into an executable file called game?
A. g++ source.c -o game
B. gcc source.c -o game
C. gcc make source.cpp -o game
D. g++ source.cpp -o game
3. What is the command to deny all users access from the network?
A. cat "ALL:ALL" >> /etc/hosts.deny
B. set "ALL:ALL" >> /etc/hosts.deny
C. IP deny "ALL:ALL"
D. cat ALL:ALL deny
4. Of the following, which are common commercial Linux distributions?
A. SUSE, Knark, and Red Hat
B. SUSE, Adore, Debian, and Mandrake
C. SUSE, Debian, and Red Hat
D. SUSE, Adore, and Red Hat
5. What is a Linux live CD?
A. A Linux operating system that runs from CD
B. A Linux operating system installed from a CD onto a hard drive
C. A Linux tool that runs applications from a CD
D. A Linux application that makes CDs
6. What type of attack can be disguised as an LKM?
A. DoS
B. Trojan
C. Spam virus
D. Rootkit
7. Which of the following is a reason to use Linux?
A. Linux has no security holes.
B. Linux is always up to date on security patches.
C. No rootkits can infect a Linux system.
D. Linux is flexible and can be modified.
8. Which of the following is not a way to harden Linux?
A. Physically secure the system.
B. Maintain a current patch level.
C. Change the default passwords.
D. Install all available services.
9. What type of file is used to create a Linux live CD?
A. ISO
B. CD
C. LIN
D. CDFS
10. Why is it important to use a known good distribution of Linux?
A. Source files can become corrupt if not downloaded properly.
B. Only certain distributions can be patched.
C. Source files can be modified, and a Trojan or backdoor may be included in the source binaries of some less-known or free distributions of Linux.
D. Only some versions of Linux are available to the public.
Answers to Review Questions
1. A. LKM stands for Linux Kernel Module.
2. D. g++ source.cpp -o game is the GCC command to create an executable called game from the C++ source file source.cpp.
3. A. cat "ALL:ALL" >> /etc/hosts.deny is the command the exam expects for denying all users access from the network on a Linux system. Two caveats for real systems: cat takes file names as operands, so the form that actually appends the line is echo "ALL:ALL" >> /etc/hosts.deny; and /etc/hosts.deny is consulted only by services that use TCP Wrappers (tcpd or libwrap), so other network services must be blocked with the packet filter (iptables).
4. C. SUSE, Debian, and Red Hat are all commercial versions of Linux.
5. A. A Linux live CD is a fully functioning operating system that runs from a CD.
6. D. A rootkit can be disguised as an LKM.
7. D. Linux is flexible and can be modified because the source code is openly available.
8. D. Linux should not have unused services running, because each additional service may have potential vulnerabilities.
9. A. An ISO file is used to create a Linux live CD.
10. C. Known good distributions have been reviewed by the Linux community to verify that a Trojan or backdoor does not exist in the source code.
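The hardening essentials at the start of this section and review questions 3 and 6 above describe checks that are easy to script. The following POSIX shell script is an added example, not code from the review guide: it appends ALL:ALL to a hosts.deny file, verifies that sshd has PermitRootLogin no, and compares the loaded kernel modules against a baseline list. All file paths are parameters and the demo at the bottom runs on constructed sample files, so nothing touches the live system unless you pass /etc/hosts.deny, /etc/ssh/sshd_config and /proc/modules yourself. The baseline file format (one module name per line, # comments) and the treatment of a missing PermitRootLogin directive as not hardened are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not code from the review guide. Three small hardening checks
# that take file paths as parameters so they can run against constructed
# sample files; on a live host pass /etc/hosts.deny, /etc/ssh/sshd_config
# and /proc/modules instead.

# Deny every host access to every TCP Wrappers-aware service by appending
# ALL:ALL to hosts.deny. echo is used rather than cat, because cat treats
# "ALL:ALL" as a file name to read. The write is idempotent.
deny_all_tcpwrap() {
    file="$1"
    if ! grep -qs '^ALL[[:space:]]*:[[:space:]]*ALL' "$file"; then
        echo "ALL:ALL" >> "$file"
    fi
}

# Succeed (return 0) only if sshd is configured with PermitRootLogin no.
# sshd honours the first occurrence of a keyword, so the first uncommented
# directive wins. Match blocks are ignored and a missing directive counts as
# not hardened (both simplifications made for this example).
sshd_root_login_disabled() {
    value=$(awk 'tolower($1) == "permitrootlogin" && !seen { v = tolower($2); seen = 1 }
                 END { print v }' "$1")
    [ "$value" = "no" ]
}

# Print loaded modules (first column of a /proc/modules-format file) that are
# absent from a baseline of one module name per line (# comments allowed).
# Returns 1 if any unknown module is found, 0 otherwise.
unknown_modules() {
    found=$(awk 'FILENAME == ARGV[1] { if (NF && $1 !~ /^#/) known[$1] = 1; next }
                 !($1 in known) { print $1 }' "$2" "$1")
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# Demo on constructed sample files (not real system files).
tmp=$(mktemp -d)
printf 'sshd: 192.168.0.0/16\n' > "$tmp/hosts.deny"
deny_all_tcpwrap "$tmp/hosts.deny"
printf '%s\n' '#PermitRootLogin yes' 'Port 22' 'PermitRootLogin no' > "$tmp/sshd_config"
printf '%s\n' 'ext4 700000 2 - Live 0x0' 'suspect_mod 12288 0 - Live 0x0' > "$tmp/modules"
printf '%s\n' '# modules expected on this host' 'ext4' > "$tmp/baseline"

cat "$tmp/hosts.deny"
if sshd_root_login_disabled "$tmp/sshd_config"; then
    echo "sshd: root login disabled"
else
    echo "sshd: root login NOT disabled"
fi
if ! unknown_modules "$tmp/modules" "$tmp/baseline"; then
    echo "unknown kernel modules found (listed above)"
fi
rm -rf "$tmp"
```

Two limits worth keeping in mind. hosts.deny only restricts services that consult TCP Wrappers, so iptables is still needed for everything else. And a rootkit loaded as an LKM can hide itself from /proc/modules, so a module baseline comparison run on the suspect host proves little; run it against the disk from a known good live CD, or compare with a hash of the kernel and module tree taken when the system was built.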
Evading IDSs, Honeypots, and Firewalls
CEH EXAM OBJECTIVES COVERED IN THIS CHAPTER:
✓ List the Types of Intrusion Detection Systems and Evasion Techniques
✓ List the Firewall Types and Honeypot Evasion Techniques
Intrusion Detection Systems (IDS), firewalls, and honeypots are all security measures used to keep a hacker from gaining access to a network or target system. An IDS and a firewall both inspect traffic against a predefined set of rules; the firewall filters packets and blocks what the rules forbid, while an IDS monitors traffic and raises alerts on matches. A honeypot