Larry manages a Linux server. Occasionally, he needs to run commands that require root-level privileges. Management wants to ensure that an attacker cannot run these commands if the attacker compromises Larry’s account. Which of the following is the best choice?Group of answer choicesGrant Larry sudo access.Add Larry’s account to the LocalSystem account.Give Larry the root password.Add Larry’s account to the administrator’s group.
Question
Larry manages a Linux server. Occasionally, he needs to run commands that require root-level privileges. Management wants to ensure that an attacker cannot run these commands if the attacker compromises Larry’s account. Which of the following is the best choice?Group of answer choicesGrant Larry sudo access.Add Larry’s account to the LocalSystem account.Give Larry the root password.Add Larry’s account to the administrator’s group.
Solution
The best choice would be to grant Larry sudo access. Here's why:
-
Sudo (Super User DO) is a utility for UNIX- and Linux-based systems that provides an efficient way to grant administrative or root-level privileges to normal users.
-
When a user executes a command using sudo, they are prompted to enter their own password. This means that even if an attacker compromises Larry's account, they would still need Larry's password to execute commands with root-level privileges.
-
Sudo also provides an audit trail of the commands executed along with timestamps, which can be useful for system audits.
-
Unlike giving Larry the root password, using sudo ensures that Larry can only execute commands with root-level privileges when necessary, and not all the time. This follows the principle of least privilege, which is a key security concept.
-
Adding Larry's account to the LocalSystem account or the administrator's group would give Larry unnecessary privileges and could potentially pose a security risk.
So, granting Larry sudo access is the most secure and efficient solution.
Similar Questions
QuestionA Linux server administrator wants to elevate their privileges. Which of the following commands makes elevating an account possible? (Select all that apply.)A.suB.passwdC.sudoD.chown
In Linux the sudo command is used toGroup of answer choicesSubstitute one users privileges for anotherRun programs with the security privileges of root"Login as another user, usually root"Elevate the privilege of the command being run
You want to grant a group called "developers" the ability to run any command as root without a password prompt. What entry should be added to the sudoers file?1.0 Marksdevelopers ALL=(ALL) NOPASSWD: ALLALL developers=(ALL) NOPASSWD: ALLdevelopers ALL=(ALL) NOPASSWD: *ALL=(ALL) NOPASSWD: developers ALL%developers ALL=(ALL) NOPASSWD: ALL
You want to grant a group called "developers" the ability to run any command as root without a password prompt. What entry should be added to the sudoers file?1.0 Marks%developers ALL=(ALL) NOPASSWD: ALLALL developers=(ALL) NOPASSWD: ALLdevelopers ALL=(ALL) NOPASSWD: *ALL=(ALL) NOPASSWD: developers ALLdevelopers ALL=(ALL) NOPASSWD: ALL
You want to grant a group called "developers" the ability to run any command as root without a password prompt. What entry should be added to the sudoers file?1.0 MarksALL developers=(ALL) NOPASSWD: ALLdevelopers ALL=(ALL) NOPASSWD: ALL%developers ALL=(ALL) NOPASSWD: ALLdevelopers ALL=(ALL) NOPASSWD: *ALL=(ALL) NOPASSWD: developers ALL
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.