IS3440 vlab 2 assesment wk 1
Assessment Worksheet
Configuring Basic Security Controls on a CentOS Linux Server
IS3440
Course Name and Number: _____________________________________________________
Annisa Fields
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you secured a Linux server system. You secured the bootloader, enabled iptables firewall, and ran SELinux to help lock down the Linux OS. By securing the bootloader, you prevented access to single-user mode and the GRUB Console during the boot of the system. Enabling iptables and applying firewall rules ensured that only the applications you wanted can reach or reach out from your computer. You also applied access control lists (ACLs) to directories and files within the lab to secure the file and data access and then verified those permissions on the system.
Lab Assessment Questions & Answers
1. What is GRUB and why is it important to lock it down?
GRUB is a boot processor that allows a person to boot into other operating systems. It is important to lock down grub otherwise an outside person can boot into single user mode and gain root access.
2. Discuss the purpose of granting sudo access. Why is it a good idea not to log in as a root user?
3.
With sudo command is the same as the run as command in windows. It allows a person to run one command with root access while not being logged into the server as root. If a person logs into root they will have full access to the system and could purposely or accidently run
If
a file is set thekillimmutable commands thatwith would the server.flag, what security controls does this provide for
the file?
If a file is set with an the immutable flag it means that the it’s a file that not even the root user could delete if they tried.
4. Besides immutable, what are some of the other
Configuring Basic Security Controls on a CentOS Linux Server
IS3440
Course Name and Number: _____________________________________________________
Annisa Fields
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
In this lab, you secured a Linux server system. You secured the bootloader, enabled iptables firewall, and ran SELinux to help lock down the Linux OS. By securing the bootloader, you prevented access to single-user mode and the GRUB Console during the boot of the system. Enabling iptables and applying firewall rules ensured that only the applications you wanted can reach or reach out from your computer. You also applied access control lists (ACLs) to directories and files within the lab to secure the file and data access and then verified those permissions on the system.
Lab Assessment Questions & Answers
1. What is GRUB and why is it important to lock it down?
GRUB is a boot processor that allows a person to boot into other operating systems. It is important to lock down grub otherwise an outside person can boot into single user mode and gain root access.
2. Discuss the purpose of granting sudo access. Why is it a good idea not to log in as a root user?
3.
With sudo command is the same as the run as command in windows. It allows a person to run one command with root access while not being logged into the server as root. If a person logs into root they will have full access to the system and could purposely or accidently run
If
a file is set thekillimmutable commands thatwith would the server.flag, what security controls does this provide for
the file?
If a file is set with an the immutable flag it means that the it’s a file that not even the root user could delete if they tried.
4. Besides immutable, what are some of the other