IT 325 System Administration

Assignment 3 - Chapter 3
Oct 3, 2024
Name: ______________
ID: _________________

1. What are the three main categories of users in the UNIX access control system?
Groups
Owner (user)
other

2. What does the 'r' permission allow a user to do?

Read the contents of a file or list the contents of a directory.

3. If a file has permissions set to chmod 770, what permissions are given to the owner?

Read, write, and execute permissions.

4. In the permission set chmod 540, what is the permission level for the group?

Read and execute permissions

5. What is the numeric value for the permission set that includes read and execute but not
write?

5 (Read = 4, Execute = 1; so 4 + 1 = 5).

6. Who is typically the owner of a file or directory?

The user who created the file or directory.

7. Which user account has the ability to act as the owner of any file or directory and perform
certain sensitive administrative operations?
The root user
 8. Which command can be used to determine the ownership and permissions of a file?
Ls -1
9. What is the significance of a UID of 0 in UNIX systems?
It indicates the root user, who has full administrative privileges.
10. Name two examples of operations that are restricted even for the superuser.
Modifying kernel parameters without appropriate safeguards, and accessing certain secure files
(e.g., /etc/shadow) inappropriately.

11. What is the primary purpose of sudo?

To allow permitted users to execute commands as the superuser or another user.

12. What command is used to safely edit the sudoers file and check for syntax errors?
visudo
13. Define PAM and its purpose.
A framework that provides a way to develop authentication-related programs in a flexible
and modular manner.
14. How does PAM improve user authentication compared to traditional methods?
It allows for multiple authentication methods to be used interchangeably and configured
easily without changing the application code.

15. Which of the following numeric values represents read, write, and execute permissions?
A) 4
B) 6
C) 7
D) 5
16. In the permission set chmod 770 file1, what permissions are assigned to others?
 A) Read and write
B) Read only
C) No permissions
D) Read, write, and execute
17. What does the numeric value 2 represent in UNIX permissions?
A) Read
B) Write.
C) Execute
D) Read and execute
18. Which permission set allows a user to modify a file but not execute it?
A) chmod 777
B) chmod 466
C) chmod 600
D) chmod 700

19. For the permission set chmod 540, what permissions are assigned to the user?
A) Read and write
B) Read and execute.
C) Read only
D) Write only
20. What is the main role of the root user in UNIX-like systems?
A) To manage file ownership
B) To create files and directories
C) To perform sensitive administrative operations and terminate any process
D) To assign permissions to files
21. Which of the following is true about the root user?
 A) The root user cannot terminate processes
B) The root user is restricted from performing sensitive operations
C) The root user can perform any operation and act as the owner of any object
D) The root user can only manage file permissions
22. What does the output -rw-r-----1 guest guest May 29 19:55 file_name indicate about file
permissions?
A) Read and write permissions for the user, read-only for the group, no permissions
for others.
B) Read and write permissions for the user, execute permissions for the group, no
permissions for others
C) Read-only permissions for the user and group, no permissions for others
D) Write-only permissions for the user, read-only for the group, no permissions for
others
23. What is the primary role of the root account in UNIX systems?
A) To manage file permissions for regular users
B) To perform any valid operation on any file or process.
C) To configure network interfaces
D) To create new user accounts

24. Which of the following is NOT a restricted operation even for the superuser?
A) Setting the system’s hostname
B) Shutting down the system
C) Reading a file.
D) Opening privileged network ports
25. Why is it generally a bad idea to create additional accounts with a UID of 0?
A) It causes performance issues
B) It can lead to confusion due to multiple superuser accounts.
C) It restricts network access
D) It makes file access slower
26. Which command allows users to execute commands as root without giving them full root
access?
 A) su
B) sudo
C) chmod
D) passwd
27. What must users do before executing commands with sudo?
A) Enter the root password.
B) Enter their own password.
C) Disable their account.
D) Log out and log back in.
28. What does the visudo command do?
A) Provides a list of all users with root privileges.
B) Changes the root password.
C) Safely edits the sudoers file and checks for syntax errors.
D) Logs all sudo commands.

29. What is the relationship between PAM and Kerberos?

A) PAM and Kerberos are the same thing.
B) PAM is an authentication framework, and Kerberos is a specific authentication
method that can be used with PAM.
C) PAM is used for access control, and Kerberos is used for managing file
permissions.
D) Kerberos replaces PAM in authentication processes.

30. What technology is commonly used by Windows for authentication?

A) PAM
B) Kerberos
C) ACLs
D) LDAP
31. What do ACLs (Access Control Lists) allow in UNIX and Linux systems?
A) Setting permissions for a single user only
B) Setting permissions for multiple users and groups, providing more granular
control
C) Restricting access to system files
D) Replacing PAM for authentication
32. Which of the following statements about ACLs is true?
A) ACLs are not supported by major UNIX and Linux filesystems.
B) ACLs must be supported by the filesystem to be used.
C) ACLs are a type of PAM module.
D) ACLs are only used in network file systems.