1. What is GRUB and why is it important to lock it down?
GRUB is a bootloader. A bootloader is a program that allows the user or administrator to choose which operating system or kernel to load when the computer starts. It is very important to lock it down because it has a high level of access to the kernel, and important aspects can be modified on the fly at any time during the boot-up process when it is not protected by a password.
2. Discuss the purpose of granting “sudo” access. Why is it a good idea not to log in as a root user?
Sudo access gives the person superuser capability and allows them to run programs with the security privileges of the superuser. The root user has privileges to do anything on the computer and has access to the kernel. This can cause instability of the kernel or, in the wrong hands, compromise the system.
3. If a file is set with the immutable flag, what security controls does this provide for the file?
The immutable permissions designation prevents a file from being changed, even by someone with root-level access.
Lab #2 | Configure Basic Security Controls on a CentOS Linux Server
4. Is it possible for anyone to edit GRUB with “vi”?
No. Only those with the password can modify GRUB.
5. What visual clues in the prompt tell you that you are logged in as a root user?
When logged in as the root user, there is a # where there is usually a $ for normal users.
6. What is iptables and how does this help harden the CentOS Linux Server?
Iptables are the tables provided by the Linux kernel firewall and the chains and rules it stores.
7. Why is it important to configure and enable iptables on your CentOS Linux Server?
It filters network traffic and determines how the packets are handled, securing the server.
Assessment Worksheet
8. What is the difference between “setfacl” and “getfacl”? How can “setfacl” help achieve security hardening?
getfacl: get file access control lists. It displays the file name, the owner, the group and the access control list.
setfacl: set file access control lists. This sets the ACLs of files and directories. This can help security hardening by restricting access to files and directories that are critical to the operation of the kernel.