Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

CompTIA Linux+ XK0-005 Study Guide (Remix), Exams of Computer Science

CompTIA Linux+ XK0-005 Study Guide (Remix)

Typology: Exams

2023/2024

Available from 08/29/2024

Lectmark
Lectmark 🇺🇸

5

(1)

3.3K documents

Partial preview of the text

Download CompTIA Linux+ XK0-005 Study Guide (Remix) and more Exams Computer Science in PDF only on Docsity! CompTIA Linux+ XK0-005 Study Guide (Remix) Linux - Family of open-source Unix-like operating systems. Open-Source - Computer software in which the source code is readily available for public use or modified from the original design. Proprietary - Licensed software that has restrictions on what end users can do. Command Line Interface (CLI) - Text-based interface between the user and the operating system that accepts input in the form of typed commands. Syntax - Proper way of structuring a command and any supporting information. echo - Repeats input back to the user on the screen. ls - Lists the content of a directory that can give options to view permissions and hidden files. Displays the permissions set on a file or directory. pwd - Displays the current working directory. cd - Changes the current working directory to another directory. cp - Copies a file or directory to another location. mkdir - Creates a new directory. clear - Used to clear the command line interface of all text. cat - Used to view the contents of a file without editing options. less - Used to view the contents of a file that won't fit on one screen. Scroll (Navigation) - Page Up, Page Down Exit (Navigation) - Q vi(m) - Default text editor in Linux nano - Simple user-friendly text editor that requires installation gedit - GUI text editor that requires installation of a desktop environment like Gnome or KDE Simple and powerful GUI-based text editor used in the GNOME desktop environment. su (Substitute User) - Allows to switch user credentials Man Pages - Contains the complete documentation for Linux commands. Synopsis - Provides the syntax of the command with examples of its use. Home Key (Man Navigation) - Moves to beginning page End Key (Man Navigation) - Moves to end page / (Man Navigation) - Begins a search n (Man Navigation) - Moves to next occurrence p (Man Navigation) - Moves to previous occurrence Group ID (groupadd, groupmod, groupdel) - Reference number on the system. Group List (groupadd, groupmod, groupdel) - Refers to members of the group. whoami - Used to display the username currently logged in to the system. who - Used to determine the details of the users currently logged in. w - Used to display the details of users that are currently logged i to a system and their transactions. last - Displays the history of user login and logout actions, and the actual time and date. id - Used to display user ID (UID) and group ID (GID) information. .bashrc File - Enables customization of the user's own environment. .bash_profile File - Provides the shell configuration for the initial login environment. /etc/profile File - Provides system-wide environment variables that are used to apply certain settings to user accounts. /etc/profile.d - Serves as a storage location for scripts that admins may use to set additional system- wide variables. /etc/bashrc - Provides system-wide configuration changes specific to Bash settings. Permission - Access rights assigned to users that enable them to access or modify files and directories. chmod - Enables the owner to modify the permissions of a file or directory. Symbolic Mode - Enables the set permissions using three components. Absolute Mode - Uses octal (base-8) numbers to specify permissions. The numbers are added to give the overall permission for users, groups, and others. 4 -> Read 2 -> Write 1 -> Execute umask - Used to set the default permissions for newly created files and folders. Ownership - Refers to a property by which a user can apply and modify the permissions of a file or directory. chown - Used to change the owner and/or group of a file or directory. chgrp - Used to change the group ownership of a file or directory. Special Permission - The less privileged users are allowed to execute a file by assuming the privileges of the file's owner or group. Set User ID (SUID) - User is allowed to have similar permissions as the owner of the file. Set Group ID (SGID) - User is allowed to have similar permissions as the group owner of the file and directories. Sticky Bit - Special permission bit that protects files in a directory. Immutable Flag - Attribute of a file or directory that prevents it from being modified. lsattr - Used to list the attributes of a file or directory. chattr - Used to change the attributes of a file or directory. getfacl - Useful when retrieving the ACLs of the files and directories. Troubleshooting - Begins with the identification of a problem and ends with restored services. getent - Enables to retrieve group members of non-standard authentication methods. Block Devices - Read/Write in Blocks of Data Ex. Hard Drives, Solid-State Drives Character Devices - Read/Write in Character Streams of Data Ex. Keyboards, Mice, Serial Ports File System - A data structure used by an operating system to store, retrieve, organize, and manage files and directories on storage devices. File Allocation Table (FAT) - An older file system compatible with different operating systems. ext2 - Used to be the native Linux file system of some older releases. ext3 - Much haster in recovering data and better ensures data integrity in abrupt system shutdowns. ext4 - Supports volumes up to one exabyte and files up to 16 terabytes in size. XFS - A 64-bit, high-performance journaling file system that provides fast recovery and can handle large files efficiently. BTRFS - Supports volumes of up to 16 exabytes in size and up to 18 quintillion files on each volume. Default file system for SUSE Linux Enterprise Server 15 mount - Loads a file system to a specified directory to make it accessible to users and applications. Binary - A source code that is compiled into an executable program. umount - Disassociates a mounted file system from the directory. File System Table (fstab) - A list of file systems to be mounted, their mount points, and any options that might be needed for specific file systems. systemd.mount - Used to create a new mount unit to mount the file system. This tool can determine if it has any errors or misconfigurations. Filesystem in USErspace (FUSE) - Lets non-privileged users create own file system without editing the underlying kernel code. /etc/mtab File - Reports the status of currently mounted file systems. /proc/partition File - Contains information about each partition attached to the system. lsblk - Displays information about block storage devices currently available on the system. blkid - Prints each block device in a flat format and includes some additional information. fsck - Used to check the correctness and validity of a file system. resize2fs - Used to resize ext2, ext3, or ext4 file systems. tune2fs - Used to adjust various tunable parameters of the ext2/ext3 file systems. Superblock - Contains metadata about the file system, including its size, type, and status. dumpe2fs - Prints the superblock and block group information for the selected device. lsscsi - Used to list information about SCSI devices connected to a Linux system. fcstat - Interacts with and displays statistics of Fibre Channel connected devices. Special Files - System files stored in the /dev directory. Links - Makes a file accessible in multiple parts of the system's file tree. Domain Sockets - Provide inter-process networking that is protected by the file system's access control. Named Pipes - Enable processes to communicate with each other without using network sockets. Filesystem Hierarchy Standard (FHS) - Specifies a set of guidelines for the names of files and directories and their locations on Linux systems. /bin - Stores essential command-line utilities and binaries. /boot - Stores the files necessary to boot the Linux operating system. Contains files that are used to facilitate the Linux Boot process. /etc - Stores basic configuration files. /home - Stores users' home directories, including personal files. /lib - Stores shared program libraries required by the kernel, command-line utilities, and binaries. /media - Stores mount points for removable media such as CD-ROMs and floppy disks. /mnt - Refers to the mount point for temporary mounting file systems. /opt - Stores optional files for large software packages. /proc - Represents continually updated kernel information to the user in a typical file format. /root - Refers to the home directory of the root user. /sbin - Contains binary executables and command line tools that are preserved for the root user. These are privileged commands used for system administration tasks. /sys - Stores information about devices. /tmp - Stores temporary files that may be lost on system shutdown. /usr - A read-only directory that stores small programs and files accessible to all users. /var - Stores variable files, or files that are expected to constantly change as the system runs. Current Working Directory (CWD) - The location on the system being accessed at any point in time. Parent Directory - One level above the current working directory. Path - Specifies a location in the file system. Absolute Path - The path to the specific location irrespective of the CWD or combines paths. Relative Path - The path relative to the current working directory. ulimit - Limits the system resources for a user in a Linux-based server. df/du - Facilitate storage space tracking. Touch - Tests the permissions or creates files that will be processed by some applications. Remove/Rm - Removes files and directories. Unlink - Used to remove files but not directories. Make Directory/Mkdir - Used to create (or make) a directory. Remove Directory/Rmdir - Removes empty directories. Echo - Built-in feature that prints out arguments as the standard output. Printf - Provides the user with more control over how the output is formatted. Tr - Performs operations like removing repeating characters, converting uppercase to lowercase, and basic character replacement and removal. Wc - Allows users to count the number of lines, words, characters, and bytes in a file and prints the result. Sort - Command line utility for sorting lines of text files. Cut - Extracts the specified lines of text from a file using a specified number of characters from each line, a delimiter, or a field number. Paste - Used to merge lines from text files horizontally. Diff - Used to compare text files. Grep - Used to search the contents of a file for a particular string of text. Awk - Performs pattern matching on files. Relational_Expression - Retrieves all the records containing the value "abc" in the first field. Pattern_1 && Pattern_2 - Retrieves all the records that contain the value "abc" in the first field and the second field contains the value "01" Pattern_1 || Pattern_2 - Retrieves records that satisfy the condition that either the first field or the second field contains. Pattern_1 ? Pattern 2 : Pattern 3 - Evaluate and match pattern 1 to pattern 2 and pattern 3, then the record will print on the screen. Pattern_1, Pattern 2 - Prints a range of records from the record in the first field and goes in the second field. Sed/Stream Editor - Program that users can use to modify text files according to various parameters. Link/Ln - Used to create a link to a file. Hard Link - Points a filename to data on a storage device. Symbolic Link - Reference to a file/directory that can span multiple file systems. Text Stream - Sequence of lines of text that can be leveraged to read or write to a particular device or system component. Standard Input/Stdin - Acts as the source for command input. Standard Output/Stdout - Acts as the destination for command output. Standard Error/Stderr - Used as the destination for error messages. &> - Used to redirect standard output and the standard error message to a file. < - Used to read the input from a file rather than from the keyboard or mouse. << - Used to provide input data from the current source and stop when a line containing the provided string occurs. Here Document - Refers to a special block of code. Xargs - Reads streams of data from standard input, then generates and executes command lines. Tee - Reads the standard input, sends the output to the default output device, and copies the output to each specified file. Kernel - The core of an operating system. Kernel Space - Where the kernel executes sevcies. User Space - Area of memory outside the kernel space. Monolithic Kernel - All system modules, such as drives or file systems, run in kernel space. Microkernel Architecture - Kernel runs the minimum amount of resources necessary to implement a fully functional operating system. Device Driver - Enables operating systems to identify the characteristics and functions of a hardware device. Linux Kernel - Free and open-source monolithic kernel that manages all other resources on an operating system. Uname - Prints the name of the kernel. /proc/filesystems - Contains a list of file system types that are supported by the kernel. /proc/meminfo - Contains information about RAM usage. /proc/modules - Contains information about modules currently installed on the system. /proc/stat - Contains various statistics about the system's last reboot. /proc/version - Specifies several points of information about eh Linux kernel. GNU Compiler Collection (GCC) - Used to compile the kernel, the user name, and the time the kernel was compiled. dmesg - Used to print messages that have been sent to the kernel's message during and after system boot. Booting - Process of starting or restarting a computer and loading an operating system. Bood Loader - Small program stored in ROM that loads the kernel from a storage device. Boot Sector Program - Loads the second boot loader on startup. Second Stage Boot Loader - Loads the operating system and contains a kernel loader. Boot Loader Installer - Controls the installation of drive sectors and runs only when booting. BIOS - Enables to test the various hardware components in a computer as well as run a boot loader. UEFI - Operates with a greater amount of memory, accesses storage drivers and hardware types, and has improved security protections. Preboot eXection Environment (PXE) - Enables a client to retrieve the necessary boot loader and system files from a server over the network. Master Boot Record (MBR) - Sector that the BIOS reads in and starts when the machine is first booted. GUID Partition Table (GPT) - Partition structure with a more modern design and is part of the UEFI standard. Raw Partition - Enables users and applications to read from and write to a block storage without using the system cache. Initial RAM Disk (initrd) - Root file system that is temporarily loaded into memory upon system boot. Initrd Image - Archive file that contains all the essential files that are required for booting the operating system. Mkinitrd - Used to create an initrd image for preloading the kernel modules. dracut - Used to generate an initramfs image. Kernel Panic - Mechanism by which the system detects fatal errors and responds to it. GNU Grand Unified Bootloader (GNU Grub) - enable users to choose which operating system or kernel version to boot. /etc/grub.d/ - Contains scripts that are used to build the main grub.cfg file. /etc/grub.d/40_custom - Enables customization of the menu presented to the user during the boot process. /etc/default/grub - Contains GRUB 2 display menu settings that are read by the /etc/grub.d/ scripts. grub2-mkconfig - Generates a new grub.cfg configuration file and is sued to update the existing grub.cfg file Localization - Adapting system components for use within a distinct culture. /usr/share/zoneinfo - A container for all the regional time zones the system can use. /etc/timezone - Lists the time zone by the region structure seen in the /usr/share/zoneinfo directory. date - Prints the date in a specified format based on the /etc/localtime file timedatectl - Sets system date and time information. Systematic Drift - The predictable amount of time that the hardware clock gains or loses each day. /etc/adjtime File - Records information about when and by how much the hardware clock is changed. localectl - Views and configures the system locale and keyboard layout settings. Graphical User Interface (GUI) - Enables users to interact with a system or application through visual design elements. Display Server - Constructs and manages the windowing system and other visual elements that can be drawn on the screen. Virtual Network Computing (VNC) - A cross-platform remote desktop service that enables full remote control of a desktop environment. Xrdp - Free and open-source utility that constructs a Remote Desktop Protocol (RDP)-like server for non-Windows systems. Renice - Alters the scheduling priority of an already running process. Jobs - Lists out all jobs either in the foreground or in the background. Nohup (No Hangup) - Prevents a process from ending when the user logs off. Kill - Sends any specific signal (termination) to one or more processes. Pkill - Sends any specified signal (termination) to processes based on a matching pattern. Killall - Sends any specified signal (termination) too all processes matching the name specified. /proc/cpuinfo File - Identifies characteristics about the CPU that might indicate issues related to performance or lack of support for features. Uptime - Displays the time from when a system started running. Sar - Displays system usage reports based on data collected from system activity. Lscpu - Displays information about the CPU architecture. Free - Parses the /proc/meminfo file for easier analysis of memory usage statistics. Lsmem - Lists the ranges of available memory with their online status. Vmstat - Displays various statistics about virtual memory, as well as process, CPU, and I/O statistics. Out-of-Memory (OOM) Killer - Determines process to kill when the system is extremely low on memory. Device Swap Space - Used to run large applications. File System Swap Space - An emergency resource when the available swap space runs out. Pseudo Swap Space - Enables large applications to run on computers with limited RAM. Swap Partition - An area of virtual memory on a storage device to complement the physical RAM in the computer. Mkswap - Creates swap space on a storage partition. Device Drivers - Act as an interface between the operating system and hardware devices. Client Device/Thin Client - Any lightweight computing device that connects to a power powerful server. Universal Serial Bus (USB) - De facto standard for connecting input devices, external storage devices, and mobile devices. Wireless Devices - Transmit and receive signals over the air. Wi-Fi - Technology used primarily in establishing wireless local area connections (WLAN). Bluetooth - Technology used primarily for establishing a personal area network (PAN). Near Field Communication (NFC) - Communications protocol used by mobile devices and peripherals. Video and Audio Devices - Input or output peripherals that are attached to client systems. Network Adapter - Acts an an interface that allows computer devices to have access to a network. General-Purpose Input/Output (GPIO) - Pins on a circuit board that have no designated purpose. Serial AT Attachment (SATA) - Computer bus interface standard for attaching storage devices to traditional computers. PCI Express (PCIe) - Supports raw data rates of up to 16GB/s. Supports greater transfer speeds, more reliable error detection, and is physically smaller than PCI. Small Computer System Interface (SCSI) - Computer bus interface for connecting devices to computers. Serial Attachment SCSI (SAS) - Developed to apply a serial interface to SCSI technology. Host Bus Adapter (HBA) - Hardware component that connects a host system to a storage device. Peripheral Component Interface (PCI) - Used as an expansion bus for attaching peripheral devices. Device Files - Represent information about hardware devices and settings. /sys/ - Virtual file system that focuses on creating a hierarchical view of device information. /sys/devices/ - Includes files that show details about specific devices. /dev/ - Enables the system and users to access devices. /etc/ - Contains configuration files for components that interface with devices. /etc/X11/ - Contains configuration files for I/O devices affecting X.Org server. Hot-Pluggable - Can be physically added or removed from the system without requiring a reboot. udev - Handles modules loading for cold-pluggable and hot-pluggable devices. Presentation - Layer 6 Formats data for use. Session - Layer 5 Establishes, maintains, and tears down a connection. Configures and manages user sessions. Transport - Layer 4 Enables reliable transmission of information. Network - Layer 3 Enables logical addressing. Data Link - Layer 2 Enables physical addressing. Physical - Layer 1 Enables physical network connectivity. Node - Refers to devices with an identity on the network. An object that runs the containerized applications. MAC Address - Physical Address of a Device formatted using Hexadecimal IP Address - Logical Address of a Device formatted using four 8-bit integers or eight 16-bit integers. Provides an addressing system for managing network identities. Hostname - Human-readable name of the device. Switch - Acts as a concentrator, centralizing all network connections. Router - Acts as a control point for communication between network segments. Media - Actual path of an electrical signal traveling from one component to another. Domain Name System (DNS) - Service that provides name resolution. Performs name resolution for easy-to-remember hostnames. Dynamic Host Configuration Protocol (DHCP) - Service that provides dynamic configuration. Provides configurations including IP addresses, subnet masks, and default gateways. Loopback Address - Used for diagnostics and allows the system to network with itself. Link-Local Range - Used for zero-configuration LANs or when the DHCP lease generation process fails (APIPA). IPv6 - Addresses IPv4's weaknesses, has a larger address space, built-in encryption, and more efficient routing. Network Port Numbers - Numeric values assigned to application layer protocols. Subnet - Logical divisions of a network. Network ID - Part of the IP address each node is using. Network Time Protocol (NTP) - Enables the synchronization of a node's time with a designated and definitive time source. Secure Shell (SSH) - Provides an authenticated and encrypted method of connecting to a remote or local system. Web Servers - Hosts the files and images on websites. Certificate - Provides a means of identity guarantee. Simple Network Management Protocol (SNMP) - Capable of passing information of performance and workloads to a central management database. Centralized Authentication - Holds information about user identities in a directory store. Proxy - Has direct access to the Internet and to an internal network connection. Logging - Centralizes log files from many Linux Servers to one. Load Balancing - Used to distribute inbound connection requests across multiple servers. File/Print Services - Allows file storage and printing. Samba - Server Message Block (SMB) compatible file sharing protocol. NFS - A native Unix/Linux protocol used to provide workstations access to directories stored on a server. Database - Used to store large quantities of data and make easy queries. Virtual Private Network (VPN) - Enables remote users to connect to the internal company network and access internal resources. Email - Responsible for the distribution of electronic mail. Red Hat - Provides Linux-based cloud solution, designed as a full-featured private cloud for organizations. Virtualization - Enables the use of hardware and provides fault tolerance, disaster recovery, and scalability. Hypervisor - Software layer that provides control between the virtual machines and the physical hardware. Type 1 Hypervisor - Run directly on the hardware called bare metal deployment. Type 2 Hypervisor - Run as a service on top of Linux, Windows , or MacOS. Kernel-Based Virtual Machine (KVM) - Enables Linux virtual machines with the attributes of type 1 and type 2 hypervisors. Open Virtualization Format (OVF) - Contains configuration files, packages, and settings for virtual machines and network devices. JavaScript Object Notation (JSON) - Used by most programming languages to store information. YAML Ain't Markup Language (YAML) - Used to store configuration information on the newly deployed virtual machine. Container Image - Used by a specialized type of virtual machine called container. Bootstrapping - Any test or metric that uses random sampling with replacement, and falls under the broader class of resampling methods. "Get into or out of a situation using existing resources" Cloud-Init - Cloud-baed Linux mechanism to customize a virtual machine during the first boot up. Anaconda - Used by Linux distributions to manage deployments. Kickstart - Used to customize the installation and provide an automated and unattended installation of new virtual machines. Storage - Used to store virtual machines and process data. Virtual Storage - File that resides on the physical drive. Thin Storage - Virtual storage device file that will grow on demand up to a maximum size. Thick Storage - Reserves the allocated space for use by the virtual device. Blocks - Written to the storage device (physical or virtual). Virtualization Hypervisor - Configured to provide access to networking services. Network Address Translation (NAT) - Provides virtualized network functionality in physical networks. "Headless" Mode - Runs Linux without a GUI to save on memory and processing resources. Virsh - Interactive shell that controls the virtual machines. Libvirt - Provides software building blocks to write virtualization solutions. Virtual Machine Manager (VMM) - Used for managing connectivity to virtual machines. Ping - Generates a response request from the sending computer. Timeout - Request has reached the destination, but a response did not return to the source computer. Traceroute - Used to report the network path between the source and destination. Hop - Process of a packet traveling from one router to another. Netstat - Used to gather information about TCP connections on the system. Ss (Socket State) - Information gathering utility with simpler output and syntax. Dig - Used for gathering information and testing name resolution. Ip - Replaced the ifconfig command for interacting with the NIC. Route - Used to view the routing table. Network Mapper (nmap) - Tool for exploring a network environment. Wireshark - Common packet sniffer and network analyzer. Tcpdump - Determines traffic type and content. Netcat (nc) - Used to test connectivity and send data across network connections. Iftop - Displays bandwidth usage information for the system. Iperf - Used to test the maximum throughput of an interface. Mtr - Combination of ping and traceroute that enables testing the quality of network connection. Shows Hosts, Loss%, Snt Packets, and Ping Statistics Ldd - Enables a user to view share library dependencies. Makefile - Contains instructions used by a compiler to build a program from source code. Cybersecurity - Protection of computer systems and digital information resources from unauthorized access, attack, theft, or data damage. Confidentiality - Keeps the information and communications private and protected from unauthorized access. Integrity - Keeps the organization information accurate, error-free, and without unauthorized modifications. Availability - Ensures that computer systems run continuously, and authorized users can access data. Authentication - Enables an organization to trust the users. Token - Any unique object (physical or digital)used to verify identity. Biometrics - Authentication scheme that verifies a user's identity based on physical characteristics. Remote Authentication Dial-In User Service (RADIUS) - Internet standard protocol that provides authentication, authorization, and accounting (AAA) services. Terminal Access Controller Access-Control System (TACACS) - Provides AAA services for remote users. Terminal Access Controller Access-Control System (TACACS+) - More secure and scalable than RADIUS. Lightweight Directory Access Protocol (LDAP) - TCP/IP-based directory service protocol. Kerberos - Authentication service based on a time-sensitive ticket-granting system. Privilege Escalation - User is given access to additional resources or functionality. Chroot Jail - Way to isolate a process and its children from the rest of the system Encryption - Cryptographic technique that converts data from plaintext form into coded or ciphertext. Algorithm (Cipher) - Responsible for the conversion process. Full Drive/Disk Encryption (FDE) - Encrypts a storage drive, partition, or volume using hardware/software utilities. File Encryption - Encrypts individual file and folder using software utilities. Linux Unified Key Setup (LUKS) - Used to encrypt storage devices in Linux systems. Shred - Used to securely wipe a storage device. Cryptosetup - Used as the front-end to LUKS and dm-crypt. Hashing - Transforms plaintext input into an indecipherable, fixed-length output. Identify and Access Management (IAM) - Security process that provides identity, authentication, and authorization mechanisms. SSH Protocol - Supports many authentication methods. Public Key Authorization - Used for interactive and automated connections. PasswordAuthentication - Used to enable or disable password-based authentication. Hostkey - Used to reference the locations of the server's private keys. UsePAM - Enables or disabled support for Pluggable Authentication Modules (PAM) Port - Used to change the port number to bind the SSH service. SyslogFacility - Used to change the logging level of SSH events. ChrootDirectory - Used to reference a chroot jail path for a user. AllowUsers/AllowGroups - Used to enable user-specific access by allowing the specified users or groups access over SSH. DenyUsers/DenyGroups - Used to restrict the specified users or groups from accessing the server over SSH. PermitRootLogin - Used to enable to disable the ability for the root user to log in over SSH. TCP Wrapper - Checks the allowed and denied hosts before permitting the host to connect with the SSH service. Pluggable Authentication Modules (PAM) - Used to help applications make proper use of user accounts in Linux. Module Interface - Defines functions of the authentication and authorization process contained within a module. Control Flag - Indicates what should be done upon a success or failure of the module. Module Name - Finds the module that the directive is going to apply to. Module Argument - Additional options that can pass into the module. Joe Swanson Enforcing - SELinux security policies are enforced. Premissive - SELinux is enabled but the security policies are not enforced. Targeted Policy - Default SELinux policy used in Red Hat Enterprise Linux and CentOS. Strict Policy - System subject and object is enforced to operate on MAC. Audit2allow - Used to gather informatio from the denied operations log. AppArmor - Alternative context-based permissions scheme and MA implementation for Linux. Capabilities - Provide the executable in question access to system functionality. Path Entries - Enable the executable to access a specific file on the file system. Complain Mode - Profile violations are both logged and prevented. Enforce Mode - Profile violations are both logged and prevented. Tunables - Mechanism for tuning configuration in AppArmor without profile adjustments. /etc/apparmor.d/tunables/home - Most common tunable to adjust. Firewall - Program interface between a private network and the internet. Packet Filters - Make decisions baed on rules that correspond to network packet attributes. Stateful - Identifies past traffic related to a packet. Application Layer Firewall - Inspects the contents of application layer traffic. Stateless Firewall's ACL - Allows or denies packets based on various factors. Accept - Traffic is allowed through the firewall and sent to its destination. Reject - Traffic is blocked at the firewall and the firewall notifies the sender. Drop - Traffic is blocked at the firewall and does not notify the sender. Iptables - Applies to a certain context and consists of rule sets (chains). Filter Table - Default table used for typical packet filtering functionality. NAT Table - Used to implement Network Address Translation rules. Mangle Table - Used to alter the packets' TCP/IP header. Raw Table - Used to configure exceptions involved in connection tracking. Security Table - Used to mark packets with SELinux security contexts. Uncomplicated Firewall (UFW) - Makes the iptables service easier to configure. Firewall Daemon (firewalld) - Used to dynamically manage a firewall without requiring a restart. Netfilter - Handles packets that traverse a network interface. IP Forwarding - Enables incoming traffic on one network interface to another. IP Set - Stored collection of IP and MAC addresses, network ranges, port numbers, and network interface names. Intrusion Prevention System (IPS) - Monitors and evaluates a system for attack signs and blocks traffic that it determines malicious. DenyHosts - Protects SSH servers from brute force password cracking attacks. Bantime - Defines how long a host is blocked fro accessing a resource. Maxretry - Defines the number of times a host can fail before being blocked. Ignoreip - Defines a whitelist of accepted hosts. Operating System Log - Provides a wealth of diagnostic information about a computer. System Log - Records of system activities and events. Remote Logging - Centralized logging servers that receive and processes syslog data. Log Rotation - Practice of creating new versions of a log file. Logrotate - Used to perform automatic rotation of logs. Syslog-ng - Replacement for syslogd. Journalctl - Enables the viewing and querying of log files. Systemd Journal - Stores logs in memory. Last - Displays the user's history of login and logout events. Search Path - Sequence of various directory paths to locate files. HISTFILESIZE - Sets the maximum number of lines in the command history file. Alias - Used to customize the shell environment by generating command-line aliases. Time - Used to gather information about how long it takes to execute a command. Bash - Powerful Scripting Language for Linux. A command-line scripting language used for the command shell inside Unix-like systems. #!/bin/bash - Instructs the operating system to use the Bash shell interpreter. Assigning Variable - Symbolically associate a piece of information with a name. Substitution or Parameter Expansion - Act of referencing./retrieving the value of a variable. Operators - Objects that can evaluate expressions in different ways. Operands - Variable being operated on. Arithmetic Operators - Include addition, subtraction, multiplication, division, and other operations. Comparison Operators - Used to check if things are less than, greater than, or equal. Logical Operators - Connect multiple values (AND, OR, and NOT). String Operators - Used in operations that manipulate strings. String Literal - Any fixed value that represents a string of text within the source code. Escape Character - Used to remove special meaning. Array - Enables to store multiple values in a single variable. Function - Block of code that can be reused to perform a specific task. # - Every character after it is apart of a comment. Metacharacters - Special characters that the Bash shell will interpret in a certain way. Exit Code/Exit Status - Programs can pass a value to a parent process while terminating. Variable Substitution - Identifies the $ special character and expands into its actual value. Globbing - Used for matching or expanding specific types of patterns. * (Asterisk) - Used to match any number of characters. ? (Question Mark) - Used to match a single character. [ ] (Square Brackets) - Used to match any of the characters listed. Positional Parameter - Variable within a shell script that is assigned to an argument when the script is invoked. Exec - Replaces the bash with the command to be executed. Source - Used to execute another command within the current shell process. Bash Scripting - Powerful part of system administration and development. At - Schedules a command to run once at a particular time. Atq - Used to view the current queue of tasks scheduled by at command. Atrm - Used to delete a scheduled task. Cron Daemon - Used to manage scheduled tasks called cron jobs. Crontab - Used by sytsem administrators to do tasks at routine intervals inside Linux. Git - Mature, actively maintained open-source project. Git Repository - Storage area where versions of code and related files are stored. Branching - Feature available in most modern version control systems. .gitignore - Identifies files that should be ignored during a commit action. *.git/ - Contains all files Git uses to manage version control for a project. Orchestration - Automation of multiple steps in a deployment process. Automation - Process of accomplishing a configuration task without human intervention. Chef - Uses "cookbooks" to deliver configuration declarations to cloud and on-premise managed systems. Puppet - Uses manifest files to define infrastructure as code for application, cloud, and infrastructure orchestration. Continuous Delivery - A software development method where application and platform requirements are frequently tested and validated for immediate availability. Continuous Deployment - A software development method where application and platform updates are committed to production rapidly. /var/log/secure - Contains information related to authentication and authorization privileges. Ifcfg - File that controls the software interfaces for individual network devices. Nftables - A subsystem that provides filtering and classification of network packets/datagrams/frames. Firewall-cmd - The command line client for the Firewalld daemon. Bridge - A kernel module that behaves like a network switch, forwarding packets between interfaces that are connected to it. Docker Info - Displays system wide information regarding the docker installation. Docker ps - Lists all running Docker containers. Docker Pull - Downloads Docker images from the internet. Docker Push - Uploads Docker images to the internet. Default.Target - Uses the system default configuration for the Linux user interface, whether it be GUI-based or CLI-based. Graphical.Target - Sets the system to be configured and ran with a GUI. Multi-User.Target - Sets the system to accept multiple non-graphical user sessions. Rescue.Target - Starts Linux with the minimum amount of processes, not starting any optional/unneeded processes. Chkconfig - Allows you to specify which runlevel to start a selected service, as well as to list all available services along with their current settings. %wa - Displays the percentage of wait-time. %us - Displays the percentage of time spent in User Space. %st - Displays the "steal" percentage or the amount of time spent in a Hypervisor. tr - Translates or deletes characters from standard input and writes the result to standard output. Docker Inspect - Returns detailed, low-level information on Docker objects. Docker RMI - Removes an image or images by their Docker ID. Docker Port - List port mappings or a specific mapping for the container. Git Commit - Used to move files from the staging are to your local repository. Git Push - Used to push local repository content to a remote repository. Git Pull - Runs git fetch with the given parameters and then will call git rebase or git merge depending on configuration options or command line flags. Git Add - Adds new or changed files in your working directory to the Git staging area. Git Checkout - Lets you navigate between the branches created by git branch. Compose (Docker) - Allows you to create a YAML file to define the services with a single command, allowing you to "spin verything up or tear it all down." Tilde Slash (~/) - Defines the path to the beginning directory. Overlay - Used to layer the changes made by a container on top of a base image while preserving the original image intact. Vgcreate - Creates a new volume group by name and adds at least one physical volume to it /etc/fstab - A configuration table designed to ease the burden of mounting and unmounting file systems to a machine. Also used when creating storage limits for users and groups. Make - Compiles different program pieces and builds a final executable. Make Install - Copies a built program, and its libraries and documentation to the correct location. Apt Get - Command line tool for handling packages within Debian based Linux distributions. ./configure - A local file that controls the operations of a program, utility or process. LUKS (Linux Unified Key Setup) - A Linux encryption standard for block device encryption. pvcreate - Initializes a Physical volume on a device so the device is recognized as belonging to LVM. htop - An interactive tool that allows us to view and manage the running processes and threads in real time. lsof - Shows a table with the first column being the command name and each row, an open file. semanage - Configures SELinux policies. setsebool - Changes the on/off status of an SELinux boolean value. /etc/login.defs - A file that contains the user mailbox location, password aging values, the UID and GID ranges, home directory creation, the default umask, and the password encryption hash. systemctl isolate - Allows the user to load specific unit files to change the environment of the system. sed - Used to modify text files or for global search actions. fstrim - Command used to permanently remove data so that the space is ready for new information to be written. ss - A utility that provides detailed information about network sockets and connections. Used to diagnose and troubleshoot network issues, such as identifying open ports, viewing established connections, and monitoring network traffic. System Security Services Daemon (SSSD) - Software for Linux that provides a set of daemons to manage access to remote directory services and authentication mechanisms. git merge - Combines multiple sequences of commits into one unified history. Remotes - Term used by Flatpak to refer to it's repositories. SIGTERM - A request to a program to terminate. Uses the signal number of "15". SIGKILL - A directive to kill the process immeditately. Uses the signal number of "9". SIGHUP - A signal sent to a process when its controlling terminal is closed. Used as a way to "hang up" from a process. resolvectl - Resolves domain names, IPv4 and IPv6 addresses, DNS resource records, and services. Introspect and reconfigure the DNS resolver. ExecStart - Specifies the full path of a command that will be executed to start a service. Execstop - Directive that executes commands along a specified absolute path upon shutdown to stop a service. ping x.x.x.x -c x (x representing a positive integer) - Defines pinging an IP address for a specific number of counts. systemctl get-default - Used to see the current default target. systemctl set-default - Used to set the current default target. Docker Run - Runs a command in a new container, pulling the image if needed and starting the container Docker Build - Builds a new image from a Dockerfile and a "Context". Git Tag - Used to view or add a label on which version of a Git program is currently in use along with any previous versions. Inode Exhaustion - When the number of Inodes runs out without running out of disk space. wget - Command that can be written into a program in order to get files from a Web Server. Only works over HTTP, HTTPS, FTP, and FTPS. curl - Command that can be written into a program or used in command line in order to get files from the internet. Works over many different types of file types including HTTP, IMAP, SMTP, Telnet, CRAM, SCRAM, and more. X11 Forwarding - An SSH protocol that enables users to run graphical applications on a remote server. TShark - A terminal version of Wireshark that also captures and displays packet information from any network interface. stat - A command which gives information about the file and filesystem such as File Size, Access via UID and GID, Birth, and Access Times. file - Command used to determine the type of file though a series of test arguments. /etc/ssh/ssh_config - Location of SSH configuration files, allowing for the automation of SSH connections. Soft Link - Points to the location of the original file, rather than a specified file. & - Forces a command to execute in the background. | - Used to combine two or more commands, making it so the output of one command acts as the input of the other command.