Skip to content

Unit 3 Part 2 Lab

  1. Describe how the dd command is used in the lab and why dd is a dangerous Linux command. In addition list and describe two other dangerous linux commands.
  2. List and discuss two common SSH security risks. Describe how you would avoid and mitigate each of these risks.
  3. What do the events information, audit success, audit failure, warning, and error mean in the context of windows logs. List and describe any two event codes that you would monitor for Windows security logs and why?
  4. Research iptables firewall rules and write and describe a rule that would drop all SSH connections from a specific IP address.
  5. Write an iptables firewall rule that will allow established and related incoming traffic. Describe what this rule does and why it is not considered a security risk.
  6. why is only port 80 open on 192.168.1.30. What iptables rule would open 192.168.1.30 for http, https, and ssh connections?