Is3440
Assessment Worksheet
35
LAB #2 – ASSESSMENT WORKSHEET
Configure Basic Security Controls on a CentOS Linux Server
Course Name and Number:
Linux Security IS3440
Student Name:
Instructor Name:
Lab Due Date:
03/28/2013
2
Configure Basic Security Controls on a CentOS Linux Server
Overview
In this lab, you practiced properly securing a Linux server system. You performed the steps to secure the bootloader, enable iptables, and run SELinux to help lock down the Linux OS. You also applied ACLs to directories and files to secure file and data access and then checked those ACLs and permissions on the system.
Lab Assessment Questions & Answers
1. What is GRUB and why is it important to lock it down?
GRUB is a bootloader. A bootloader is a program that allows the user or administrator to choose which operating
system or kernel to load when the computer starts. It is very important to lock this down because of the high access to the kernel and how important aspects can be modified on the fly at anytime during the bootup process because it
is unprotected by password.
2. Discuss the purpose of granting “sudo” access. Why is it a good idea not to log in as a root user?
It gives the person access using the sudo access, superuser capability and allows them to run programs with the
security privileges of such. Root user has priviledges to do anything on the computer, and has access to kernel. This
can cause unstability of the kernel, or even in the wrong hands compromise the system.
3. If a file is set with the immutable flag, what security controls does this provide for the file?
Immutable permissions designation prevents a file from being changed, even by someone with root level access.
38443_LB02_Pass1.indd 35
28/02/13 4:46 PM
36
Lab #2 | Configure Basic Security Controls on a CentOS Linux Server
4. Is it possible for anyone to edit GRUB with “vi”?
No. Only those with the password can modify GRUB.
5. What
35
LAB #2 – ASSESSMENT WORKSHEET
Configure Basic Security Controls on a CentOS Linux Server
Course Name and Number:
Linux Security IS3440
Student Name:
Instructor Name:
Lab Due Date:
03/28/2013
2
Configure Basic Security Controls on a CentOS Linux Server
Overview
In this lab, you practiced properly securing a Linux server system. You performed the steps to secure the bootloader, enable iptables, and run SELinux to help lock down the Linux OS. You also applied ACLs to directories and files to secure file and data access and then checked those ACLs and permissions on the system.
Lab Assessment Questions & Answers
1. What is GRUB and why is it important to lock it down?
GRUB is a bootloader. A bootloader is a program that allows the user or administrator to choose which operating
system or kernel to load when the computer starts. It is very important to lock this down because of the high access to the kernel and how important aspects can be modified on the fly at anytime during the bootup process because it
is unprotected by password.
2. Discuss the purpose of granting “sudo” access. Why is it a good idea not to log in as a root user?
It gives the person access using the sudo access, superuser capability and allows them to run programs with the
security privileges of such. Root user has priviledges to do anything on the computer, and has access to kernel. This
can cause unstability of the kernel, or even in the wrong hands compromise the system.
3. If a file is set with the immutable flag, what security controls does this provide for the file?
Immutable permissions designation prevents a file from being changed, even by someone with root level access.
38443_LB02_Pass1.indd 35
28/02/13 4:46 PM
36
Lab #2 | Configure Basic Security Controls on a CentOS Linux Server
4. Is it possible for anyone to edit GRUB with “vi”?
No. Only those with the password can modify GRUB.
5. What