ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 61 - XK0-005 discussion

Report
Export

To harden one of the servers, an administrator needs to remove the possibility of remote administrative login via the SSH service. Which of the following should the administrator do?

A.
Add the line DenyUsers root to the /etc/hosts.deny file.
Answers
A.
Add the line DenyUsers root to the /etc/hosts.deny file.
B.
Set PermitRootLogin to no in the /etc/ssh/sshd_config file.
Answers
B.
Set PermitRootLogin to no in the /etc/ssh/sshd_config file.
C.
Add the line account required pam_nologin. so to the /etc/pam.d/sshd file.
Answers
C.
Add the line account required pam_nologin. so to the /etc/pam.d/sshd file.
D.
Set PubKeyAuthentication to no in the /etc/ssh/ssh_config file.
Answers
D.
Set PubKeyAuthentication to no in the /etc/ssh/ssh_config file.
Suggested answer: B

Explanation:

The administrator should set PermitRootLogin to no in the /etc/ssh/sshd_config file to remove the possibility of remote administrative login via the SSH service. The PermitRootLogin directive controls whether the root user can log in using SSH. Setting it to no will deny any remote login attempts by the root user. This will harden the server and prevent unauthorized access. The administrator should also restart the sshd service after making the change. The other options are incorrect because they either do not affect the SSH service (/etc/hosts.deny or /etc/pam.d/sshd) or do not prevent remote administrative login (PubKeyAuthentication). Reference: CompTIA Linux+ (XK0-005) Certification Study Guide, Chapter 13: Managing Network Services, page 413.

asked 02/10/2024
David Miller
32 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first