Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

CPSA Unix Security Assessment Exam UPDATED ACTUAL QUESTIONS AND CORRECT ANSWERS

Rating
-
Sold
-
Pages
7
Grade
A+
Uploaded on
16-07-2026
Written in
2025/2026

CPSA Unix Security Assessment Exam UPDATED ACTUAL QUESTIONS AND CORRECT ANSWERS What R* services can be used for user enumeration? - CORRECT ANSWER What does rwho do? - CORRECT ANSWER rusers, rwho. Reports information on logged on users on a remote host. What does rwho do? - CORRECT ANSWER local network. Reports all users logged onto machines in the How can users be enumerated with SMTP? - CORRECT ANSWER command. What does finger do? - CORRECT ANSWER VRFY or RCPT TO Finger is a program that can be used to find information about users of a system. It usually lists the login name, the full name, and possibly other details about the user you are fingering. This is a dated service that was used to determine who was currently on a device. Gets it information from /etc/passwd. What ports are used for FTP and for what reasons? - CORRECT ANSWER command 20 - data and 21 - What kind of access allows any users to interact with an FTP service? - CORRECT ANSWER Anonymous What could be risk of allowing anyone to write to FTP service? - CORRECT ANSWER Potential upload into code execution, obtaining sensitive files, identifying vulnerable version. What is a mail relay? - CORRECT ANSWER SMTP relay lets users send e-mails through external servers. Spammers and hackers can use an e-mail server to send spam or malware through e mail under the guise of the unsuspecting open-relay owner.

Show more Read less
Institution
CPSA
Course
CPSA

Content preview

CPSA Unix Security Assessment Exam
UPDATED ACTUAL QUESTIONS AND
CORRECT ANSWERS
What R* services can be used for user enumeration? - CORRECT ANSWER rusers, rwho.



What does rwho do? - CORRECT ANSWER Reports information on logged on users on a
remote host.



What does rwho do? - CORRECT ANSWER Reports all users logged onto machines in the
local network.



How can users be enumerated with SMTP? - CORRECT ANSWER VRFY or RCPT TO
command.



What does finger do? - CORRECT ANSWER Finger is a program that can be used to find
information about users of a system. It usually lists the login name, the full name, and possibly other
details about the user you are fingering. This is a dated service that was used to determine who was
currently on a device. Gets it information from /etc/passwd.



What ports are used for FTP and for what reasons? - CORRECT ANSWER 20 - data and 21 -
command



What kind of access allows any users to interact with an FTP service? - CORRECT ANSWER
Anonymous



What could be risk of allowing anyone to write to FTP service? - CORRECT ANSWER
Potential upload into code execution, obtaining sensitive files, identifying vulnerable version.



What is a mail relay? - CORRECT ANSWER SMTP relay lets users send e-mails through
external servers. Spammers and hackers can use an e-mail server to send spam or malware through e-
mail under the guise of the unsuspecting open-relay owner.

, What is CVE-2003-0694? - CORRECT ANSWER The prescan function in Sendmail 8.12.9
allows remote attackers to execute arbitrary code via buffer overflow attacks.



What is CVE-2003-0161? - CORRECT ANSWER A buffer overflow has been reported in the
prescan() function of Sendmail versions 8.12.9 and earlier. The overflow can be exploited to execute
arbitrary code on the system.



What is CVE-2002-1337? - CORRECT ANSWER Buffer overflow in Sendmail 5.79 to 8.12.7
allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender
and recipient header comments as processed by the crackaddr function of headers.c.



What is NFS? - CORRECT ANSWER NFS is Network File System, a legacy protocol
providing network based file services. Allowing files to be accessed as they would be locally.



How can NFS be restricted? - CORRECT ANSWER The etcexports file can be altered to add a
policy restricting access to certain hosts or directories. The SUID bit can be disabled too.



What is Root Squash? - CORRECT ANSWER Root Squashing remaps the root user to an
anonymous user in NFS. The no_root_squash needs to be changed to root_squash to prevent this.



What options can be set to restrict what can be done to abuse NFS? - CORRECT ANSWER
NoExec - prevents execution of binaries on the system. NoSuid - prevents suid being used on
the system. This is when connecting via NFS.



How can restricted files be accessed via UID/GID manipulation in certain NFS setups? - CORRECT
ANSWER Auth relies on UID and GID from the OS. You can change the UID in a VM to
match that of the target and get their permissions.



What do the /etc/hosts.equiv and.rhosts files do and what are the differences? - CORRECT ANSWER
Gives a specified user(s) permission to log in remotely from the specified host without having
to supply a password. /etc/hosts.equiv is system-wide and applies to everyone, while .rhosts is specific
to the user (and is stored in their home directory).



What is rlogin? - CORRECT ANSWER The rlogin (remote login) utility enables a user to log
automatically into a remote machine without having to supply a username and a Password. Port 513
TCP.

Written for

Institution
CPSA
Course
CPSA

Document information

Uploaded on
July 16, 2026
Number of pages
7
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

  • cpsa
$11.49
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
STANFORDTOPGRADES Stanford University
View profile
Follow You need to be logged in order to follow users or courses
Sold
58
Member since
1 year
Number of followers
2
Documents
7570
Last sold
2 weeks ago
TOPSELLER

Hi there! I'm dedicated to sharing my high-quality study guides and helpful EXAM Materials to make your learning easier and more efficient. All my materials are well-organized and tailored to help you ace your courses. I offer genuine and dependable exam papers that are directly obtained from well-known, reputable institutions as a highly regarded professional who specializes in sourcing study materials. Kindly don't hesitate to contact me, my study guides, notes and exams or test banks, are 100% graded and fully guaranteed

Read more Read less
3.7

9 reviews

5
3
4
1
3
4
2
1
1
0

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions