SIT182 – Real World Practices for Cyber Security
Pass Task 3.1P: Unix/Linux Access Control
Overview of the task
In this task you will work on Unix/Linux Access Control. You will need to provide the information specified in the Task Details section of this document in the solution file that you upload on OnTrack. As you know by now, OnTrack only accepts PDF documents.
Copyright By PowCoder代写 加微信 powcoder
NOTE: You will need to use references to support your answer – as detailed in Task 3.1. Please note that we do not have any restriction on referencing style you can use any of Deakin’s approved referencing formats including APA, Chicago, Harvard, and IEEE – more details available on https://www.deakin.edu.au/students/studying/study- support/referencing. Please list your references below each question. You do not need to include references that you have not referred to in your answer directly (i.e., we do not need a bibliography).
Task Details
Step1 – Research about Docker:
• To perform this task, you will need to install Docker. If you have never used docker before, its worth to do bit of research and find out what it is. You can start with this link by IBM: https://www.ibm.com/cloud/learn/docker
Step2 – Boot Kali in VirtualBox:
• Open Kali OS which you installed in Task 1.4P. Step3 – Install Docker on Kali:
• To install Docker on Kali, it’s very easy.
• Run this command in terminal to install latest version of docker – “sudo apt
install docker.io”
• Once installation is complete, run this command to verify the docker is installed
or not. – “docker –version” – if you installed docker successfully, it should display docker version as below.
(see next page☺)
1 , Australia.
A) What is the Docker Engine that you downloaded and what does it do?
B) What is the difference between Docker Container and Virtual machine?
C) What is meant by `build’ the docker image? What do you achieve after this step?
D) Include a FULL screenshot of your system shows that the image is successfully
Step4 – Start Practical on Kali:
• Visit this link – https://secgroup.dais.unive.it/teaching/security-1/lab-unix-linux- access-control/
• Click on Perquisites. (Figure below)
• Complete step 2 as shown in figure below. NOTE: you have already installed docker at this point so no need to complete step 1.
• Click on Task 1 as you can see in the figure above and complete it. (see next page☺)
2 , Australia.
SIT182 – Real World Practices for Cyber Security
• If you are successful, you would have the password needed to complete Task 2.
A) What is a Kernel in an Operating System? Can a malware be loaded into a machine before the Kernel is loaded? (Hint: Week 2 lecture helps with this)
B) Include a screenshot of the file that is accessible by alice on your machine.
C) Include the password you found.
Click on Task 2 (using the password you found in Task 1 you can get access to this task). [COPY/PASTE the link to your browser]
• Complete Task 2 and find the password needed to move to Task 3.
o Hint: The command is inclusive of space characters. The exact command
you would use and all in small characters.
A) What does the `Chmod’ command do in Unix?
B) What are the classes of users, operator, and mode supported by `Chmod’
command? List them with a very brief description (1-2 lines maximum).
C) Include the command used to set the requested permission with a very brief
description showing your understanding.
• Goto https://secgroup.dais.unive.it/teaching/security-1/lab-unix-linux-access-control/
Click on Task 3 (using the password you found in Task 2 you can get access to this task). [COPY/PASTE the link to your browser]
• Complete Task 3 and find the password needed to move to Task 4.
A) What is the file that is accessible to carol? Why?
B) Include a screenshot of this file on your system.
3 , Australia.
SIT182 – Real World Practices for Cyber Security
• Goto https://secgroup.dais.unive.it/teaching/security-1/lab-unix-linux-access-control/
Click on Task 4 (using the password you found in Task 3 you can get access to this task). [COPY/PASTE the link to your browser]
A) Include screenshot of running the commands used in Task 4 on your own machine.
B) In a paragraph summarize what you understood about SUID permission and
capabilities working through Task 4 in your own words – you can use references if you referred to other resources to better understand the task. As detailed in Task 1.3P, you can use any academic reference style allowed by (IEEE, Harvard, etc). However, you are expected to write this paragraph in your own words.
Q6) All files have an owner and group associated with them. There are three sets of read/write/execute permissions: one set for the user of the file, one set for the group of the file, and one set for everyone else (other). These permissions are determined by 9 bits in the i-node information and are represented by the characters “rwxrwxrwx.” The first three characters specify the user, the middle three the group, and the last three the world. If the permission is not true, a dash is used to indicate lack of privilege.
Complete the following sentences and include the completed sentences in your solution file.
A. If you wanted to have a data file that you could read, write and execute, but don’t want anyone else to see, the permission would be …………….. (answer using the 9- bit e.g. -r–r–r–)
B. If the file is owned by the user, the …………………. permission determine the access. (fill the blank either with OWNER/GROUP/OTHER)
C. If the group of the file is the same as the user’s group, the ………………… determine the access. (fill the blank either with OWNER/GROUP/OTHER)
D. If the user is not the file owner, and is not in the group, then the …………….. is used. (fill the blank either with OWNER/GROUP/OTHER)
4 , Australia.
SIT182 – Real World Practices for Cyber Security
has the permissions —–xrwx or 017 in octal. It would be listed as: ——xrwx 1 Jack guests 0 Feb 1 20:47 myfile
Let’s assume the directory of myfile has the permission 775 (world readable and searchable). When considering this file,
A) “ AN use the file”. True or False? Justify your answer in a sentence or two.
B) “Anyone in group GUESTS CANNOT execute the program.” True or False? Justify
your answer in a sentence or two.
C) “Everyone else besides Jack and the members of the GUESTS group can read,
write, and execute the program.” True or False? Justify your answer in a sentence or two.
Q7) Consider the case of a file that is owned by user Jack, is in the group GUESTS, and
o When you graduate and aim for a cybersecurity position, you will very likely have some questions about UNIX/Linux permissions during your job interview. Have a look at some of the questions available at:
• https://www.golinuxhub.com/2014/01/interview-questions-on-linux- permissions.html
• Some questions are also available at: https://www.softwaretestinghelp.com/unix-interview-questions/
A) List any 5 interesting interview questions you can find online related to Access Control and Unix Permissions (with reference to SIT182’s lecture in Week 3 and this task). Include the link you found the question from. (Academic referencing not expected for this question. JUST the link☺)
o Browsing online I found the following resources to be interesting and simple to start with – if you found better ones please share via Discussion forum on Moodle.
• https://www.guru99.com/file-permissions.html
• http://linuxcommand.org/lc3_lts0090.php
• http://cs.brown.edu/cgc/net.secbook/se01/handouts/Ch03-FilesystemSecurity.pdf
[COPY/PASTE the links to your browser]
(see next page☺)
5 , Australia.
SIT182 – Real World Practices for Cyber Security
Remember that the old way of teaching and providing you with step-by-step tutorials has not been effective in preparing students for their career in this field. Work on the tasks with patience and try to learn and prepare for the future career you are investing for. You have all the support you need when you ask for it:
Use Discussion Forum > OnTrack Task 3.1P to discuss and seek help from each other and teaching team. It is a good idea to use Search first and see whether your question has been answered before.
PLEASE DO NOT use OnTrack comment section to seek help. That’s for Q&A about the tasks and is used for assessment purposes only.
Also, please kindly note:
– If you start working on weekly tasks of this unit the night before, you will not be able to complete it. Consequences of failing a PASS-level task in this unit is ineligibility to PASS this unit. The workload for this unit (as per the unit outline) is about 150 hours during the trimester.
Submission Details
Convert your document to PDF and upload on OnTrack. There is no specific resource for this task. All you need to do is to include answer to questions available in this task.
Document version:
Version 1 – Current as of 8 July 2022.
6 , Australia.
SIT182 – Real World Practices for Cyber Security
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com