|
In order to send a print job to a printer using CUPS, what command must be used? |
lp |
|
On Linux, the root user always has a UID of what number? |
0 |
|
What priority used by the System Log Daemon indicates a very serious system condition that would normally be broadcast to all users? |
panic |
|
What option can be added to the userdel command to remove the home directory of the target user? |
-r dash lowercase r |
|
What option can be used in the journald configuration file to specify a file size limit to the event log? |
SystemMaxUse |
|
Adding the -t option to what command below will provide a list of all printers on the system and their status? |
lpstat |
|
What is the default print job priority for all print jobs created by the lp command? |
50 |
|
he System Log Daemon uses what TCP and UDP port to accept incoming requests from another System Log Daemon on a remote system? |
514 |
|
What System Log Daemon priority indicates an error that should be rectified immediately, such as a corrupt system database? |
alert |
|
The CUPS Web administration tool can be accessed via web browser by accessing what TCP port below? |
631 |
|
What log file contains information and error messages regarding network access generated by daemons such as ssd and xinetd? |
secure |
|
Where is the skeleton directory located on most Linux systems? |
/etc/skel dash etc dash skel |
|
Select the option that can be used with the lpstat command to display a list of printers that are enabled: |
-p dash p |
|
What option should be used in conjunction with the lp command in order to specify the destination printer name? |
-d dash d |
|
A user account can be locked with the usermod command using what option? |
-L dash L |
|
The System Log Daemon uses what TCP and UDP port to accept incoming requests from another System Log Daemon on a remote system? |
514 |
|
What configuration file contains parameters that set the default location for e-mail, password expiration information, minimum password length, and the range of UIDs and GIDs available for use? |
login.defs |
|
In order to create user accounts on a Linux system, what command should be utilized? |
useradd |
|
A system that uses an /etc/passwd file only can be converted to use /etc/shadow for security by using what command? |
pwconv |
|
Which command should be used to restrict access to printers? |
lpadmin |
|
To change the primary group temporarily to another group that is listed in the output of the groups and id commands, you can use which command below? |
newgrp |
|
Describe how the /etc/passwd and /etc/shadow files are used in the authentication process. Why are two files used instead of one? How can you convert a system to use the /etc/shadow file to store passwords? |
The system database that contains user account information typically consists of two files: /etc/passwd and /etc/shadow. Every user typically has a line that describes the user account in /etc/passwd and a line that contains the encrypted password and expiration information in /etc/shadow. Older Linux systems stored the encrypted password in the /etc/passwd file and did not use an /etc/shadow file at all. This is considered poor security today because processes often require access to the user information in /etc/passwd. Storing the encrypted password in a separate file that cannot be accessed by processes prevents a process from obtaining all user account information. By default, Fedora 13 configures passwords using an /etc/shadow file. However, you can use the pwunconv command to revert to using an /etc/passwd file only. Also, you can use the pwconv command to configure the system again using an /etc/shadow file for password storage. |
|
How do you delete a user account? When you delete a user account, what gets deleted and what does not? What happens to the user’s files? |
To delete a user account, you can use the userdel command and specify the user name as an argument. This removes entries from the /etc/passwd and /etc/shadow files corresponding to the user account. Furthermore, you can specify the -r option to the userdel command to remove the home directory for the user and all of its contents. When a user account is deleted, any files that were previously owned by the user become owned by a number that represents the UID of the deleted user. Any future user account that is given the same UID then becomes the owner of those files. |
|
In order to prevent unauthorized access, how can the shadow file be configured to enforce a password policy? What happens to accounts with expired passwords? |
To ensure that passwords are changed, you can can set them to expire at certain intervals. Three fields of the /etc/shadow file indicate information about password expiration: min represents the number of days a user must wait before he changes his password after receiving a new one, max represents the number of days a user can use the same password without changing it, and warn represents the number of days before a password would expire that a user is warned to change his password. When a password has expired, the user is still allowed to log in to the system for a certain period of time, after which point the user is disabled from logging in. The number of days after a password expires that a user account is disabled is represented by the disable1 field in /etc/shadow. In addition, you can choose to disable a user from logging in at a certain date, such as the end of an employment contract. The disable2 field in /etc/shadow represents the number of days since January 1, 1970 that a user account will be disabled. |
Share This
Flashcard
