Solution Manual for Linux Essentials for Cybersecurity Lab Manual

Preview (16 of 147 Pages)

100%

Purchase to unlock

Loading page image...

Linux Essentialsfor CybersecurityLab Manual’s Answer KeyWilliam “Bo” Rothwell

Loading page image...

Contents at a GlanceIntroductionxivPart I Introducing LinuxCHAPTER 1Distributions and Key Components2CHAPTER 2Working on the Command Line8CHAPTER 3Getting Help14CHAPTER 4Editing Files18CHAPTER 5When Things Go Wrong22Part II User and Group AccountsCHAPTER 6Managing Group Accounts26CHAPTER 7Managing User Accounts30CHAPTER 8Develop an Account Security Policy34Part III File and Data StorageCHAPTER 9File Permissions36CHAPTER 10Manage Local Storage: Essentials44CHAPTER 11Manage Local Storage: Advanced Features50CHAPTER 12Manage Network Storage56CHAPTER 13Develop a Storage Security Policy62Part IV AutomationCHAPTER 14Crontab and At64CHAPTER 15Scripting68CHAPTER 16Common Automation Tasks72CHAPTER 17Develop an Automation Security Policy76Part V NetworkingCHAPTER 18Networking Basics78CHAPTER 19Network Configuration82

Loading page image...

CHAPTER 20Network Service Configuration: Essential Services88CHAPTER 21Network Service Configuration: Web Services92CHAPTER 22Connecting to Remote Systems96CHAPTER 23Develop a Network Security Policy98Part VI Process and Log AdministrationCHAPTER 24Process Control102CHAPTER 25System Logging106Part VII Software ManagementCHAPTER 26Red Hat-Based Software Management110CHAPTER 27Debian-Based Software Management114CHAPTER 28System Booting118CHAPTER 29Develop a Software Management Security Policy120Part VIII Security TasksCHAPTER 30Footprinting122CHAPTER 31Firewalls126CHAPTER 32Intrusion Detection128CHAPTER 33Additional Security Tasks130

Loading page image...

Table of ContentsIntroductionxivPart I Introducing LinuxChapter 1Distributions and Key Components2Lab 1.1 Installing CentOS3Lab 1.2 Installing Ubuntu4Lab 1.3 Installing Kali6Chapter 2Working on the Command Line8Lab 2.1 Manage Files9Lab 2.2 Using Shell Features10Lab 2.3 Compressing Files12Chapter 3Getting Help14Lab 3.1 Getting Help withman15Lab 3.2 Getting Help withinfo16Chapter 4Editing Files18Lab 4.1 Editing Files with thevimEditor19Chapter 5When Things Go Wrong22Lab 5.1 Troubleshooting Linux Issues23Lab 5.2 Configuring User Notifications24Part II User and Group AccountsChapter 6Managing Group Accounts26Lab 6.1 Managing Group Accounts27Lab 6.2 Managing Group Administrators28Chapter 7Managing User Accounts30Lab 7.1 Managing User Accounts31Lab 7.2 Securing User Accounts32Lab 7.3 Configuringsudo33

Loading page image...

Linux Essentials for Cybersecurity Lab ManualviChapter 8Develop an Account Security Policy34Lab 8.1 Testing the Security of Accounts35Lab 8.2 Developing an Account Security Policy35Part III File and Data StorageChapter 9File Permissions36Lab 9.1 Managing File Permissions37Lab 9.2 Managing Special Permissions39Lab 9.3 Enabling Access Control Lists39Lab 9.4 Managing File Ownership and Attributes40Lab 9.5 Monitoring Security Issues with SELinux41Chapter 10Manage Local Storage: Essentials44Lab 10.1 Creating Partitions and Filesystems45Lab 10.2 Mounting Filesystems at Boot48Lab 10.3 Managing Swap Devices49Chapter 11Manage Local Storage: Advanced Features50Lab 11.1 Managing Encrypted Filesystems51Lab 11.2 Configuring Logical Volumes52Lab 11.3 Administering Disk Quotas54Lab 11.4 Managing Hard and Soft Links55Chapter 12Manage Network Storage56Lab 12.1 Configuring Samba57Lab 12.2 Administering NFS59Lab 12.3 Managing iSCSI59Chapter 13Develop a Storage Security Policy62Lab 13.1 Backing Up a Filesystem63Lab 13.2 Developing a Backup Security Policy63Part IV AutomationChapter 14Crontab and At64Lab 14.1 Managingcrontab65Lab 14.2 ConfiguringatCommands67

Loading page image...

ContentsviiChapter 15Scripting68Lab 15.1 Script Project #169Lab 15.2 Script Project #270Chapter 16Common Automation Tasks72Lab 16.1 Script Project #373Lab 16.2 Script Project #474Chapter 17Develop an Automation Security Policy76Lab 17.1 Securingcrontabandat77Lab 17.2 Creating an Automation Security Policy77Part V NetworkingChapter 18Networking Basics78Lab 18.1 Exploring Networking Components79Chapter 19Network Configuration82Lab 19.1 Understanding Network Configuration on CentOS83Lab 19.2 Understanding Network Configuration on Ubuntu85Chapter 20Network Service Configuration: Essential Services88Lab 20.1 Configuring a BIND Server89Lab 20.2 Configuring a Postfix Server90Chapter 21Network Service Configuration: Web Services92Lab 21.1 Configuring and Administering an Apache Server93Lab 21.2 Configuring a Proxy Server94Chapter 22Connecting to Remote Systems96Lab 22.1 Configuring an FTP Server97Lab 22.2 Administering an SSH Server97Chapter 23Develop a Network Security Policy98Lab 23.1 Administering Kernel Security Parameters99Lab 23.2 Securing a System with TCP Wrappers99Lab 23.3 Configuring Network Time Protocol100Lab 23.4 Creating a Networking Security Policy100

Loading page image...

viiiLinux Essentials for Cybersecurity Lab ManualPart VI Process and Log AdministrationChapter 24Process Control102Lab 24.1 Managing System Processes103Lab 24.2 Displaying System Information104Chapter 25System Logging106Lab 25.1 Managing Log Files107Lab 25.2 Configuring Log Rotation107Part VII Software ManagementChapter 26Red Hat-Based Software Management110Lab 26.1 Managing Software Packages withrpm111Lab 26.2 Managing Software Packages withyum112Chapter 27Debian-Based Software Management114Lab 27.1 Managing Software Packages withdpkg115Lab 27.2 Managing Software Packages withapt115Chapter 28System Booting118Lab 28.1 Configuring GRUB Security119Lab 28.2 Managing the Startup Process119Chapter 29Develop a Software Management Security Policy120Lab 29.1 Exploring Common Vulnerabilities and Exposure Reports121Lab 29.2 Managing and Securing Legacy Services121Part VIII Security TasksChapter 30Footprinting122Lab 30.1 Using Probing Tools123Lab 30.2 Scanning the Network124Chapter 31Firewalls126Lab 31.1 Creating a Firewall to Protect a System127Chapter 32Intrusion Detection128Lab 32.1 Creating an Intrusion Detection Security Plan129Chapter 33Additional Security Tasks130Lab 33.1 Configuringfail2ban131Lab 33.2 Encrypting Files withgpg131

Loading page image...

About the AuthorAt the impressionable age of 14,William “Bo” Rothwellcrossed paths with a TRS-80 Micro Computer System(affectionately known as a “Trash 80”). Soon after the adults responsible for Bo made the mistake of leaving himalone with the TRS-80, he immediately dismantled it and held his first computer class, showing his friends whatmade this “computer thing” work.Since that experience, Bo’s passion for understanding how computers work and sharing this knowledge withothers has resulted in a rewarding career in IT training. His experience includes Linux, Unix, and programminglanguages such as Perl, Python, Tcl, and BASH. He is the founder and president of One Course Source, an ITtraining organization.

Loading page image...

DedicationFor the last three books, I have thanked my wife and daughter for their patience and myparents for all that they have done throughout my life. My gratitude continues, as always.—William “Bo” RothwellMay 2018AcknowledgmentsThanks to everyone who has put in a direct effort toward making this book a success: You have my thanks, asalways.—William “Bo” RothwellMay 2018

Loading page image...

About the Technical ReviewerDenise Kinsey, Ph.D., CISSP, CISCO,served as a Unix administrator (HP-UX) in the late 1990s and realizedthe power and flexibility of the operating system. This appreciation led to her home installation of differentflavors of Linux and creation of several academic courses in Linux. With a strong background in cybersecurity,she works to share and implement best practices with her customers and students. Dr. Kinsey is an assistantprofessor at the University of Houston.

Loading page image...

We Want to Hear from You!As the reader of this book,youare our most important critic and commentator. We value your opinion and wantto know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any otherwords of wisdom you’re willing to pass our way.We welcome your comments. You can email or write to let us know what you did or didn’t like about this book—as well as what we can do to make our books better.Please note that we cannot help you with technical problems related to the topic of this book.When you write, please be sure to include this book’s title and author as well as your name and email address. Wewill carefully review your comments and share them with the author and editors who worked on the book.Email:feedback@pearsonitcertification.comReader ServicesRegister your copy ofLinux Essentials for Cybersecurity Lab Manualat www.pearsonitcertification.com forconvenient access to downloads, updates, and corrections as they become available. To start the registrationprocess, go to www.pearsonitcertification.com/register and log in or create an account*. Enter the product ISBN9780789760555 and click Submit. When the process is complete, you will find any available bonus content underRegistered Products.*Be sure to check the box that you would like to hear from us to receive exclusive discounts on future editions ofthis product.

Loading page image...

Figure CreditsFigure 1-1 Courtesy of CentOS CorporationFigure 9-1 Courtesy of CentOS CorporationFigure 10-1 Courtesy of CentOS CorporationFigure 10-2 Courtesy of CentOS CorporationFigure 11-1 Courtesy of CentOS CorporationFigure 11-2 Courtesy of CentOS Corporation

Loading page image...

IntroductionWhile developingLinux Essentials for Cybersecurity, it became clear that having hands-on experience would bevery useful. Reading new content gets you only so far. To really become a Linux cybersecurity expert, you needpractice. From that idea, this lab guide was born.You will note that there are three different types of labs in this book:■Labs in which you are presented with a short problem that requires only a single operation to complete.■Labs that are more complex but in which we provide you with a guide to perform each step, one at a time.■Scenario labs in which you are asked to solve a problem entirely on your own. These labs are designed to posea greater challenge.No matter the type, these labs are designed to be performed on live systems. While you could just write downthe answers in some cases, I highly encourage you to work on Linux systems to complete all the labs. Not onlywill you get a sense of accomplishment, but the concepts and practices that are explored inLinux Essentials forCybersecurityare more likely to find a permanent home in your brain.Enjoy the journey and remember to always stand on the light side of the cybersecurity force.Who Should Read This Book?It might be easier to answer the question “Who shouldn’t read this book?” Linux distributions are used by a largevariety of individuals, including the following:■Software developers■Database administrators■Website administrators■Security administrators■System administrators■System recovery experts■Big data engineers■Hackers■Government organizations■Mobile users and developers (Android is a Linux distribution.)■Chip vendors (Embedded Linux is found on many chip devices.)■Digital forensic experts■EducatorsThis isn’t even a complete list! Linux is literally everywhere. It is the operating system used on Android phones.A large number of web and email servers run on Linux. Many network devices, such as routers and firewalls,have a version of embedded Linux installed on them.This book is for people who want to better use Linux systems and ensure that the Linux systems they work on areas secure as possible.

Loading page image...

How This Book Is OrganizedChapter 1, “Distributions and Key Components,”includes labs in which you will install the Linuxdistributions that you will use throughout the rest of this book.Chapter 2, “Working on the Command Line,”covers labs related to the essential commands needed to work inthe Linux environment.Chapter 3, “Getting Help,”provides you with hands-on experience to get additional information on Linuxtopics.Chapter 4, “Editing Files,”incorporates labs in which you practice using thevimeditor.Chapter 5, “When Things Go Wrong,”provides you with experience in how to handle problems that may arisein Linux.Chapter 6, “Managing Group Accounts,”contains labs that focus on group accounts, including how to add,modify, and delete groups.Chapter 7, “Managing User Accounts,”contains labs that focus on user accounts, including how to add,modify, and delete users. This chapter also has a lab for securing user accounts as well as a lab for configuringsudo.Chapter 8, “Develop an Account Security Policy,”provides you with practice creating a user security policyand how to test the security of accounts.Chapter 9, “File Permissions,”focuses on securing files using Linux permissions. These labs also dive intomore advanced topics, such as special permissions,umask, access control lists (ACLs), SELinux, and fileattributes.Chapter 10, “Manage Local Storage: Essentials,”includes labs that are related to the concepts involved withlocal storage devices, such as how to create partitions and filesystems and some additional essential filesystemfeatures.Chapter 11, “Manage Local Storage: Advanced Features,”provides hands-on activities related to advancedfeatures of local storage devices, including how to create encrypted filesystems. You will get practice creating andmanaging logical volumes.Chapter 12, “Manage Network Storage,”provides exercises that are focused on making storage devicesavailable across the network. Filesystem sharing techniques such as Network File System, Samba, and iSCSI areincluded.Chapter 13, “Develop a Storage Security Policy,”provides you with the experience of creating a securitypolicy using the knowledge you acquired in Chapters 9–12. There is also a very important lab that coversperforming filesystem backups.Chapter 14, “Crontab and At,”includes labs for managing thecrontabandatsystems.Chapter 15, “Scripting,”provides you with experience in shell scripting by having you create two shell scripts.Chapter 16, “Common Automation Tasks,”includes labs on creating shell scripts that are commonly used toautomate tasks on Linux systems.xvIntroduction

Loading page image...

xviLinux Essentials for Cybersecurity Lab ManualChapter 17, “Develop an Automation Security Policy,”provides you with the experience to create a securitypolicy using the knowledge you acquired in Chapters 14–16. This chapter also includes a hands-on lab onsecuring thecrontabandatsystems.Chapter 18, “Networking Basics,”provides labs that help you explore network components on Linux.Chapter 19, “Network Configuration,”covers the process of configuring your system to connect to a network,both on Ubuntu and CentOS.Chapter 20, “Network Service Configuration: Essential Services,”includes labs for configuring severalnetwork-based tools, including DNS and email servers.Chapter 21, “Network Service Configuration: Web Services,”provides the experience of configuring severalnetwork-based tools, including the Apache web server and Squid.Chapter 22, “Connecting to Remote Systems,”includes labs on configuring LDAP, FTP, and SSH servers.Chapter 23, “Develop a Network Security Policy,”provides you with the experience to create a security policyusing the knowledge you acquired in Chapters 18–22.Chapter 24, “Process Control,”includes labs on starting, viewing, and controlling processes (programs).Chapter 25, “System Logging,”gives you hands-on experience with viewing system logs as well as how toconfigure a system to create custom log entries.Chapter 26, “Red Hat–Based Software Management,”includes labs on administering software on Red Hat–based systems such as Fedora and CentOS.Chapter 27, “Debian–Based Software Management,”includes labs on administering software on Debian–based systems, such as Ubuntu.Chapter 28, “System Booting,”gives you practice configuring GRUB and managing the boot process.Chapter 29, “Develop a Software Management Security Policy,”provides you with the experience to create asecurity policy using the knowledge you acquired in Chapters 26–28. In addition, you will explore CVE reports.Chapter 30, “Footprinting,”includes labs thatcover the techniques that hackers use to discover informationabout systems.Chapter 31, “Firewalls,”explores labs focused on configuring software that protects your systems fromnetwork-based attacks.Chapter 32, “Intrusion Detection,”provides you with experience using tools and techniques that help youdetermine if someone has successfully compromised the security of your systems.Chapter 33, “Additional Security Tasks,”includes labs that cover a variety of additional Linux securityfeatures, including the fail2ban service, VPNs, and file encryption.

Preview Mode

This document has 147 pages. Sign in to access the full document!

Report

Study Now!

Document Details

Related Documents

DevOps and Its Importance Study Notes

Veeam Certified Engineer VMCE-V12

Modules 1 - 3 Basic Network Connectivity and Commu

Notes CCNA

CCNA 200-301 Portable Command Guide 5th Edition 20

CCNA 200-301 Portable Command Guide 5th Edition 22

CCNA 200-301 Portable Command Guide 5th Edition 36

Foundations of Novell Networking Section 26

Modulo 7 DHCPv4

Build and troubleshooting Integration Challenge

Company

Explore

Study Tools