1 $Which command is used to display the current ruleset of the iptables firewall?$

A.

iptables -L

B.

iptables -S

C.

iptables -F

D.

iptables -P

2 $In the context of firewalld, which concept allows grouping network interfaces and defining trust levels for them?$

A.

Chains

B.

Zones

C.

Tables

D.

Sockets

3 $Which tool is primarily used for capturing and analyzing network packets in real-time via the command line?$

A.

netstat

B.

tcpdump

C.

nmap

D.

top

4 $When hardening a Linux system, which file is primarily edited to configure SSH daemon settings?$

A.

/etc/ssh/ssh_config

B.

/etc/ssh/sshd_config

C.

/root/.ssh/config

D.

/etc/sysconfig/sshd

5 $Which directive in the SSH configuration file should be set to no to prevent the root user from logging in remotely?$

A.

PermitRootLogin

B.

AllowRoot

C.

RootLogin

D.

SuperUserAccess

6 $What is the purpose of a Certificate Signing Request (CSR)?$

A.

It is the final signed certificate issued by the CA.

B.

It is a request sent to a CA containing the public key and identity information.

C.

It is a private key generated by the CA.

D.

It is a protocol used to encrypt web traffic.

7 $Which file stores the encrypted (hashed) user passwords in a modern Linux system?$

A.

/etc/passwd

B.

/etc/shadow

C.

/etc/security

D.

/etc/auth

8 $Which Pluggable Authentication Module (PAM) control flag ensures that if the module fails, the entire authentication process fails immediately?$

A.

required

B.

requisite

C.

sufficient

D.

optional

9 $In SELinux, which mode logs policy violations but does not block the action?$

A.

Enforcing

B.

Permissive

C.

Disabled

D.

Targeted

10 $Which command is used to display the current status and mode of SELinux?$

A.

sestatus

B.

getsebool

C.

semanage

D.

ls -Z

11 $AppArmor relies on what type of identifiers to apply security profiles?$

A.

Inode numbers

B.

File paths

C.

SELinux contexts

D.

User IDs

12 $Which string, known as the shebang, must be at the very first line of a bash script?$

A.

//bin/bash

B.

#bin/bash

C.

#!/bin/bash

D.

$!/bin/bash

13 $How do you define a variable named PORT with the value 8080 in a bash script?$

A.

PORT = 8080

B.

PORT: 8080

C.

set PORT 8080

D.

PORT=8080

14 $Which special variable in a shell script represents the exit status of the last executed command?$

A.

$$

B.

$#

C.

$?

D.

$!

15 $In a bash script, which operator is used to check if a specific file exists?$

A.

-d

B.

-f

C.

-e

D.

-x

16 $Which logical operator represents 'OR' in a bash if statement using double brackets [[ ... ]] ?$

A.

&&

B.

||

C.

-or

D.

!!

17 $To make a script named backup.sh executable by the user, which command is used?$

A.

chmod +x backup.sh

B.

chown +x backup.sh

C.

chmod +w backup.sh

D.

chmod 700 backup.sh

18 $Which iptables default chain handles packets destined for the local system?$

A.

FORWARD

B.

OUTPUT

C.

INPUT

D.

PREROUTING

19 $What is the function of the firewall-cmd --permanent flag?$

A.

It applies the rule only for the current session.

B.

It saves the rule to the configuration file so it persists after a reboot.

C.

It locks the firewall so no other changes can be made.

D.

It grants permanent root access to the firewall.

20 $Which command displays all open ports and the processes owning them?$

A.

netstat -tulnp

B.

ps -aux

C.

ifconfig -a

D.

ping -a

21 $What is the primary purpose of 'port knocking' in network security?$

A.

To test if a port is open.

B.

To dynamically open a firewall port by attempting connections to a specific sequence of closed ports.

C.

To flood a port with traffic to cause a denial of service.

D.

To map the network topology.

22 $Which directory typically contains the trusted Certificate Authority (CA) certificates on a Linux system?$

A.

/etc/ssl/certs

B.

/var/www/html

C.

/tmp/certs

D.

/home/user/certs

23 $Which OpenSSL command is used to generate a new RSA private key?$

A.

openssl genrsa -out key.pem 2048

B.

openssl req -new -key key.pem

C.

openssl x509 -in key.pem

D.

openssl rsa -in key.pem

24 $What is the Principle of Least Privilege?$

A.

Users should always log in as root.

B.

Users and processes should only have the bare minimum permissions necessary to perform their function.

C.

All files should be readable by everyone but writable only by the owner.

D.

Security is handled by the network firewall only.

25 $Which command is used to edit the /etc/sudoers file safely?$

A.

nano /etc/sudoers

B.

vi /etc/sudoers

C.

visudo

D.

edit /etc/sudoers

26 $What does the SELinux command restorecon -Rv /var/www/html do?$

A.

It backs up the directory.

B.

It restores the default security contexts for files in the directory recursively.

C.

It disables SELinux for that directory.

D.

It changes the file ownership to the root user.

27 $In a bash script, how do you capture the output of a command into a variable?$

A.

VAR=$(command)

B.

VAR={command}

C.

VAR="command"

D.

VAR=command

28 $Which loop structure is best suited for iterating over a list of files?$

A.

while loop

B.

until loop

C.

for loop

D.

if loop

29 $What is the purpose of the fail2ban service?$

A.

To ban users who fail to change their passwords.

B.

To monitor log files for malicious attempts and ban IP addresses that show malicious signs.

C.

To prevent the server from failing during high load.

D.

To encrypt network traffic.

30 $Which operator directs standard output to a file, overwriting the file if it exists?$

A.

>>

B.

<

C.

>

D.

|

31 $In iptables, what is the difference between -A and -I ?$

A.

-A adds to the beginning, -I inserts at the end.

B.

-A appends to the end, -I inserts at a specific position (default top).

C.

-A applies to all chains, -I applies to input only.

D.

They are identical commands.

32 $To change the password aging policies for a user, such as maximum days between changes, which command is used?$

A.

passwd

B.

usermod

C.

chage

D.

groupmod

33 $Which syntax correctly ends a case statement in bash?$

A.

endcase

B.

esac

C.

done

D.

fi

34 $Which specific file permissions represent 'Read and Write for Owner, Read-only for Group and Others'?$

A.

777

B.

644

C.

755

D.

600

35 $When monitoring network traffic, what is 'Promiscuous Mode'?$

A.

A mode where the NIC sends packets to all destinations.

B.

A mode where the NIC accepts all traffic that reaches it, not just traffic addressed to its MAC address.

C.

A mode where the firewall is disabled.

D.

A mode used for high-speed data transfer.

36 $Which of the following calculates in a bash script?$

A.

$(( 5 * 5 ))

B.

{ 5 * 5 }

C.

eval( 5 * 5 )

D.

calc 5 * 5

37 $What is the purpose of the chcon command?$

A.

To change the console output.

B.

To change the SELinux security context of a file.

C.

To check connection status.

D.

To change file content.

38 $Which bash positional parameter holds the first argument passed to a script?$

A.

$0

B.

$1

C.

$#

D.

$@

39 $In a bash script, what does the command read input_val do?$

A.

It reads the file named input_val .

B.

It pauses the script and waits for user input, storing it in the variable input_val .

C.

It outputs the value of input_val .

D.

It creates a read-only variable.

40 $Which type of firewall inspects the state of active connections to determine whether a packet should be allowed?$

A.

Stateless Firewall

B.

Stateful Firewall

C.

Packet Filter

D.

Proxy Firewall

41 $If you want to allow SSH traffic through ufw (Uncomplicated Firewall), which command would you use?$

A.

ufw allow ssh

B.

ufw open ssh

C.

ufw permit ssh

D.

ufw start ssh

42 $Which command allows you to view the detailed content of a certificate file named cert.pem ?$

A.

cat cert.pem

B.

openssl x509 -in cert.pem -text -noout

C.

openssl genrsa -in cert.pem

D.

ls -l cert.pem

43 $What is the result of the bash command echo "Hello" | wc -c ?$

A.

It prints "Hello".

B.

It counts the number of lines in "Hello".

C.

It counts the characters in the string "Hello" (including the newline).

D.

It writes "Hello" to a file named wc .

44 $In the context of SSH keys, where should the public key be placed on the remote server to allow passwordless login?$

A.

~/.ssh/id_rsa

B.

~/.ssh/authorized_keys

C.

~/.ssh/known_hosts

D.

/etc/ssh/keys

45 $Which command creates a new user and creates their home directory automatically?$

A.

useradd -m newuser

B.

useradd newuser

C.

adduser -h newuser

D.

newuser create

46 $What is the function of the sudo command?$

A.

To switch to the root user permanently.

B.

To execute a command with the privileges of another user, typically root (superuser).

C.

To suspend the current user.

D.

To start the system in safe mode.

47 $Which conditional operator in bash checks if integer A is greater than integer B?$

A.

-gt

B.

-lt

C.

>

D.

-ge

48 $What does the command set -e do within a bash script?$

A.

It enables debugging mode.

B.

It causes the script to exit immediately if any command exits with a non-zero status.

C.

It exports all variables.

D.

It sets the environment variables.

49 $Which file handles the mapping of services to port numbers (e.g., http = 80)?$

A.

/etc/hosts

B.

/etc/services

C.

/etc/resolv.conf

D.

/etc/protocols

50 $Which command allows you to view the audit.log specifically for SELinux denial messages easily?$

A.

cat /var/log/messages

B.

ausearch -m avc

C.

tail -f /var/log/syslog

D.

dmesg

Unit 5 - Practice Quiz

Send Feedback

Thank You!