1. (a) What is the Mandatory Access Control? Why is it better than Discretionary Access Control?
Mandatory Access Control (MAC) is under the control of the system administrator, which enforces the security policies that limit what a user or program can do. Discretionary Access Control (DAC) can only archive fine-grain control over which users and processes can access files and how they can be accessed. MAC is more secure and is a better choice.
(b) What are the three states of SELinux? * Enforcing/Active * Permissive/Warn * Disabled
(c) What selection in the left pane of the SELinux Administration window lets you change policy settings for SELinux?
Boolean
(d) What two file are used to configure TCP Wrappers? host.allow and hosts.deny (e) What keyword in TCP Wrappers matches any daemon or client?
All or Exact
(f) Given the following entry in TCP Wrappers what will happen when a client address 172.16.24.100 tries to access a Web site running on this server?
The IP matches both the access and deny hosts files. It will be allowed access because it matches the first hosts file that is checked.
(g) What is a chroot jail?
It is a process with a root directory other than /. Say you run a process or program and specify its root as /home/sam/jail, it would have no knowledge of any files above /home/sam. Jail is the root directory.
(h) When might a chroot jail not work?
Running a chroot utility with root privileges, and also using su or sudo programs. Those are compiled for Fedora/REEL and they call PAM, you would have to modify the source so it does not call PAM. Either one could lead to an unsecure jail.
(i) What is the name of the kernel component that uses the iptables rules to filter network traffic?
Netfilter
2. Create an iptables rule that will block all traffic from 10.14.34.207 and not let the sender know that the traffic was blocked.
#