GIAC Foundational Cybersecurity Technologies Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the GIAC Foundational Cybersecurity Technologies Exam. Utilize flashcards and multiple-choice questions, each with detailed explanations. Enhance your skills and ensure success in your exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What file attribute is the penetration tester looking to find using the command below? find / -per -2000 -user root -type f -print 2>/dev/null

SGID set
SUID set
Sticky bit set
World writable

The correct answer is: SGID set

The command provided is used to search through the file system for files with a specific attribute. In detail, it looks for files that are owned by the user 'root', have a size of less than 2000 bytes, and are regular files. The command is also suppressing error messages to keep the output clean. The correct choice relates to the SGID (Set Group ID) attribute, which can be set on a file or directory. When the SGID is set on a directory, files created within that directory inherit the group of the directory rather than the primary group of the user who created the file. When set on an executable file, the process that runs the executable runs with the effective group ID of the group that owns the file, which can pose a security risk if the file is not controlled properly. The other attributes listed either involve settings that do not directly relate to what the command is checking for—such as SUID, which allows users to execute a file with the permissions of the file's owner, the sticky bit used on directories to restrict file deletion, or world writable which allows any user to modify the file or directory. Therefore, the specific focus on SGID in the context of filtering files by user and size distinctly supports