CCNA Cyber Ops FAQ: Linux- and Mac OS X–Based Analysis

Q1. Which process type occurs when a parent process is terminated and the remaining child process is permitted to continue on its own?
A. Zombie process
B. Orphan process
C. Rogue process
D. Parent process

Answer: B. An orphan process results when a parent process is terminated and the remaining child process is permitted to continue on its own.

Q2. A zombie process occurs when which of the following happens?
A. A process holds its associated memory and resources but is released from the entry table.

B. A process continues to run on its own.

C. A process holds on to associated memory but releases resources.

D. A process releases the associated memory and resources but remains in the entry table.

Answer: D. A zombie process occurs when a process releases the associated memory and resources but remains in the entry table.

Q3. What is the best explanation of a fork (system call) in UNIX?
A. When a process is split into multiple processes
B. When a parent process creates a child process
C. When a process is restarted from the last run state
D. When a running process returns to its original value

Answer: B. A fork occurs when a parent process creates a child process.

Q4. Which of the following shows giving permissions to the group owners for read and execute, giving file owner permission for read, write, and execute, and giving all others permissions for execute?
A. -rwx-rx-x
B. -rx-rwx-x
C. -rx-x-rwx
D. -rwx-rwx-x

Answer: A. Answer A represents the file owner being given rwx permissions, the group owners rx permissions, and all others x permissions.

Q5. Which is a correct explanation of daemon permissions?
A. Daemons run at root-level access.

B. Daemons run at super user–level access.

C. Daemons run as the init process.

D. Daemons run at different privileges, which are provided by their parent process.

Answer: D. Answer D is correct. Best practice is to avoid giving daemons root or super user access because that level of access could be abused. Typically the init process is used to create daemons.

Q6. Which of the following is not true about symlinks?
A. A symlink will cause a system error if the file it points to is removed.

B. Showing the contents of a symlink will display the contents of what it points to.

C. An orphan symlink occurs when the link a symlink points to doesn’t exist.

D. A symlink is a reference to a file or directory.

Answer: A. Symlinks can run even though the data they reference doesn’t exist.

Q7. What is a daemon?
A. A program that manages the system’s motherboard

B. A program that runs other programs

C. A computer program that runs as a background process rather than being under direct control of an interactive user

D. The only program that runs in the background of a UNIX system

Answer: C. Answer C is the best answer in this case. There can be multiple daemon programs, making Answer D incorrect. Although a daemon can be a parent program, that isn’t the best explanation, making Answer B incorrect. Answer A is incorrect because daemons are not tasked to just manage a motherboard.

Q8. Which priority level of logging will be sent if the priority level is err?
A. err
B. err, warning, notice, info, debug, none
C. err, alert, emerg
D. err, crit, alert, emerg

Answer: D. Answer D represents err and every level above it.

Q9. Which of the following is an example of a facility?
A. marker
B. server
C. system
D. mail

Answer: D. Mail is an example of a facility.

Q10. Which security technology would be best for detecting a pivot attack?
A. Virtual private network (VPN)
B. Host-based antivirus
C. NetFlow solution looking for anomalies within the network
D. Application layer firewalls

Answer: C. NetFlow would be the best security technology for detecting a pivot attack.

Q11. Which of the following statements is not true about a daemon process?
A. A daemon is a process that runs in the background.
B. A daemon’s parent process is typically the init process.
C. Daemons are controlled by the active user.
D. Not all daemons are automatically started.

Answer: C. Daemons are not controlled by the active user.

Q12. Apache will send diagnostic information and record any errors that it encounters to which of the following?
A. ErrorLog
B. Dump.txt
C. syslog
D. Accesslog

Answer: A. ErrorLog is the correct file that Apache sends error data to.

Q13. Which of the following explains the file permissions for -rwx-rwx-x?
A. The owner has read, write, and execution permissions; the group has read, write and execution permissions; everybody else has read permission.

B. The owner has read and execution permissions; the group has read, write, and execution permissions; everybody else has write permission.

C. The owner has read, write, and execution permissions; the group has read, write, and execution permissions; everybody else has execution permission.

D. The group has read, write, and execution permissions; the owner has read, write, and execution permissions; everybody else has execution permission.

Answer: C. Remember that rwx stands for read, write, and execution, and the order is owner, group, and everybody else.

Q14. Which is a true statement about a symlink?
A. Deleting the symlink file deletes the file it references.
B. Moving a file referenced by a symlink will cause a system error.
C. Symlinks are the same as pointers.
D. A symlink is also known as a soft link.

Answer: D. Soft link is another name for a symlink.

Q15. Which log type would be used for recording changes in a SQL database?
A. Transaction logs
B. Alert logs
C. Session logs
D. Threat logs

Answer: A. Transaction logs is the best answer. If an error occurred, then an alert log would be generated.

Q16. Which process has a PID of 1?
A. Daemon
B. Parent
C. Child
D. Init

Answer: D. Init has a PID of 1. Note that init is not a daemon. This will be important for the exam.

Q17. When issuing the command ls -l (filename), what is the correct order of user permissions?
A. group, owner, everybody else
B. everybody else, group, owner
C. owner, everybody else, group
D. owner, group, everybody else

Answer: D. The correct format is owner, group, everybody else.

Q18. Which command can change the file owner?
A. file
B. owner
C. chown
D. chmod

Answer: C. The correct command is chown.

Q19. Which of the following explains Linux daemon permissions?
A. Daemons get permissions from the init process.
B. Daemons get permissions from a parent process.
C. Daemons are always the highest level of permissions.
D. Daemons and the init are the same thing.

Answer: B. Answer B is correct. Answer A is typically how daemons are created; however, sometimes they are not created by the init process. Usually init creates daemons.

Q20. Where is the UNIX log located?
A. /var/log
B. /dev/console
C. /etc/log
D. /config/log

Answer: A. The default location is /var/log.

About the author

Scott
