Quiz: Managing Security and Risk

Choose the correct answers to the following questions:

  1. Which security management life-cycle component recommends revising, updating, and remediating changes?

    A. Build
    B. Run
    C. Manage
    D. Adapt
    E. Design

  2. Which email address is used when reporting any suspected security vulnerability in a Red Hat product or service to Red Hat Product Security?

    A

    B

    C

    D

  3. Which three statements describe a critical impact severity classification? (Choose three.)

    A. Requires an authenticated remote user.
    B. Does not require user interaction to invoke a possible system compromise by arbitrary code execution.
    C. Exposes a vulnerability that can be exploited by worms.
    D. Requires a local user.
    E. Is easily exploited by an unauthenticated attacker.

  4. Which two statements apply to Red Hat backporting of security fixes? (Choose two.)

    A. Red Hat follows the same procedures as common proprietary software updates.
    B. Red Hat takes a fix for a security flaw out of the most recent version of an upstream software package and applies that fix to an earlier version of the package that Red Hat distributes.
    C. Red Hat discovers a fix for a security flaw out of the most recent version of a production software package and generates an advisory for all upstream distributions.
    D. Red Hat ensures the fixes do not introduce unwanted side effects.

  5. Red Hat uses what industry-standard numbering and naming to consistently report and track security-related software issues?

    A. Customized email notifications from the bug-tracking team
    B. Common Vulnerabilities and Exposures (CVE)
    C. Common Vulnerability Scoring System (CVSS)
    D. Red Hat Security Vulnerability Response (RHSVR)

  6. Which yum command provides an update information summary report for all security classification notices for a system?

    A. yum updateinfo --security
    B. yum checkupdates --security
    C. yum list-updates --security
    D. yum update-info --security
    E. yum list-security --updates

Revision: rh415-7.5-813735c