Home > Articles > Linux Operating System

Linux Operating System

Chapter Description

In this sample chapter from CCNA Cybersecurity Operations Companion Guide and the Cisco Networking Academy, learn how to perform basic Linux operations as well as administrative and security-related tasks.

Linux Hosts (3.3)

In this section, you will learn about working with Linux hosts through the GUI and the CLI.

Working with the Linux GUI (3.3.1)

In this topic, you will learn about the Linux GUI.

X Window System (

The graphical interface present in most Linux computers is based on the X Window System. Also known as X or X11, X Window is a windowing system designed to provide the basic framework for a GUI. X includes functions for drawing and moving windows on the display device and interacting with a mouse and keyboard.

X works as a server and, as such, allows a remote user to use the network to connect, start a graphical application, and have the graphical window open on the remote terminal. While the application itself runs on the server, the graphical aspect of it is sent by X over the network and displayed on the remote computer.

Notice that X does not specify the user interface, leaving it to other programs such as window managers to define all the graphical components. This abstraction allows for great flexibility and customization as graphical components such as buttons, fonts, icons, window borders, and color scheme are all defined by the user application. Because of this separation, the Linux GUI varies greatly from distribution to distribution. Examples of window managers are Gnome and KDE, as shown in Figures 3-9 and 3-10, respectively. While the look and feel of window managers vary, the main components are still present.

Figure 3-9

Figure 3-9 Gnome Window Manager

Figure 3-10

Figure 3-10 KDE Window Manager

For more information on Gnome, visit the following website:


For more information on KDE, visit the following website:


The Linux GUI (

Although an operating system does not require a GUI to function, GUIs are considered more user-friendly than the CLI. The Linux GUI as a whole can be easily replaced by the user. As a result of the large number of Linux distributions, this chapter focuses on Ubuntu when covering Linux because it is a very popular and user-friendly distribution.

Ubuntu Linux uses Unity as its default GUI. Unity’s goal is to make Ubuntu even more user-friendly. The main UI components of Unity include:

  • Top Menu Bar: This multipurpose menu bar contains the currently running application. It includes the maximize, minimize, and exit buttons of the application in focus, as well as the system toggles including settings, logout, and shutdown, clock, and other notifications.

  • Launcher: This is a dock on the left side of the screen that serves as the application launcher and switcher. Click to launch an application and when the application is running, click again to switch between running applications. If more than one instance of an application is running, Launcher will display all instances.

  • Quicklist: Right-click any application hosted on the Launcher to access a short list of tasks the application can perform.

  • Dash Search Box: This holds the Search tool and a list of recently used applications. Dash includes Lenses at the bottom of the Dash area which allow the user to fine-tune Dash search results. To access Dash, click the Ubuntu button on the top of the Launcher.

  • System and Notification Menu: Many important functions are located in the indicator menu, located at the top right corner of the screen. Use the indicator menu to switch users, shut down your computer, control the volume level, or change network settings.

Figure 3-11 shows a breakdown of the Ubuntu Unity Desktop.

Figure 3-11

Figure 3-11 Ubuntu Unity GUI

To experience Unity desktop in your web browser, visit the following website:


Working on a Linux Host (3.3.2)

In this topic, you will learn how to install and run Linux applications, keep your system up to date, and guarding against malware on a Linux host.

Installing and Running Applications on a Linux Host (

Many end-user applications are complex programs written in compiled languages. To aid in the installation process, Linux often includes programs called package managers. A package is the term used to refer to a program and all its supported files. By using a package manager to install a package, all the necessary files are placed in the correct file system location.

There are several package managers. For this course, we will use the Advanced Packaging Tool (apt) package manager. Example 3-9 shows the output of a few apt commands. The apt-get update command is used to fetch the package list from the package repository and update the local package database. The apt-get upgrade command is used to update all currently installed packages to their latest versions.

Example 3-9 The Advanced Packaging Tool (APT) Package Manager

analyst@cuckoo:~$ sudo apt-get update
[sudo] password for analyst:
Hit:1 http://us.archive.ubuntu.com/ubuntu xenial InRelease
Get:2 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:3 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB]
Get:5 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages [534 kB]
<output omitted>
Fetched 4,613 kB in 4s (1,003 kB/s)
Reading package lists... Done
analyst@cuckoo:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
 linux-generic-hwe-16.04 linux-headers-generic-hwe-16.04
The following packages will be upgraded:
 firefox firefox-locale-en gir1.2-javascriptcoregtk-4.0 gir1.2-webkit2-4.0
 libwebkit2gtk-4.0-37 libwebkit2gtk-4.0-37-gtk2 libxen-4.6 libxenstore3.0 linux-
  libc-dev logrotate openssh-client
 qemu-block-extra qemu-kvm qemu-system-common qemu-system-x86 qemu-utils snapd
  ubuntu-core-launcher zlib1g
21 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
Need to get 85.7 MB of archives.
After this operation, 1,576 kB of additional disk space will be used.
Do you want to continue? [Y/n]

Keeping the System Up to Date (

Also known as patches, OS updates are released periodically by OS companies to address any known vulnerabilities in their operating system. While companies have update schedules, the release of unscheduled OS updates can happen when a major vulnerability is found in the OS code. Modern operating systems will alert the user when updates are available for download and installation but the user can check for updates at any time.

To update the local package metadata database using the CLI, use the apt-get update command.

To upgrade all the currently installed packages using the CLI, use the apt-get upgrade command.

To manually check and install updates on Linux using the GUI, click Dash Search Box, type software updater, and click the Software Updater icon, as shown in Figure 3-12.

Figure 3-12

Figure 3-12 The Ubuntu GUI-Based Software Updater

Processes and Forks (

A process is a running instance of a computer program. Multitasking operating systems can execute many processes at the same time.

Forking is a method that the kernel uses to allow a process to create a copy of itself. Processes need a way to create new processes in multitasking operating systems. The fork operation is the only way of doing so in Linux.

Forking is important for many reasons. One of them relates to process scalability. Apache, a popular web server, is a good example. By forking itself, Apache is able to serve a large number of requests with fewer system resources than a single-process-based server.

When a process calls fork, the caller process becomes the parent process, with the newly created process referred to as its child. After the fork, the processes are, to some extent, independent processes; they have different process IDs but run the same program code.

The following are a few commands used to manage processes:

  • ps: This command is used to list the processes running on the computer at the time it is invoked. ps can be instructed to display running processes that belong to the current user or other users. While listing processes does not require root privileges, killing or modifying other users’ processes does.

  • top: This command is also used to list running processes, but unlike ps, top keeps displaying running processes dynamically. Press q to exit top.

  • kill: This command is used to modify the behavior of a specific process. Depending on the parameters, kill will remove, restart, or pause a process. In many cases, the user will run ps or top before running kill. This is done so the user can learn the PID of a process before running kill.

Example 3-10 shows the output of the top command on a Linux computer.

Example 3-10 Output of the top Command

top - 12:37:51 up 28 min,  1 user,  load average: 0.07, 0.02, 0.02
Tasks:  99 total,   1 running,  98 sleeping,   0 stopped,   0 zombie
%Cpu0  :   2.8/0.7     3[|||                                                ]
GiB Mem : 94.6/0.981    [                                                   ]
GiB Swap:  0.0/0.000    [                                                   ]

    1 root      20   0    8.9m   3.8m  0.0  0.4   0:00.70 S systemd
  173 root      20   0   70.6m   2.4m  0.0  0.2   0:00.06 S  `- systemd-journal
  205 root      20   0   15.0m   1.8m  0.0  0.2   0:00.09 S  `- systemd-udevd
  270 root      20   0    5.5m   0.3m  0.0  0.0   0:00.09 S  `- ovsdb-server
  272 root      20   0    5.7m   0.9m  0.0  0.1   0:00.00 S  `- start_pox.sh
  281 root      20   0   42.0m   8.2m  0.7  0.8   0:03.47 S      `- python2.7
  274 root      20   0   23.2m   1.6m  0.0  0.2   0:00.00 S  `- rsyslogd
  276 root      20   0    7.0m   1.3m  0.0  0.1   0:00.00 S  `- systemd-logind
  277 dbus      20   0    6.4m   2.0m  0.0  0.2   0:00.18 S  `- dbus-daemon
  283 systemd+  20   0   16.6m   0.5m  0.0  0.1   0:00.00 S  `- systemd-network
  284 root      20   0    7.5m   1.2m  0.0  0.1   0:00.00 S  `- ovs-vswitchd
  297 root      20   0   29.3m   1.5m  0.0  0.2   0:00.19 S  `- VBoxService
  314 root      20   0    5.2m   0.7m  0.0  0.1   0:00.00 S  `- vsftpd
  317 root      20   0    7.6m   0.9m  0.0  0.1   0:00.00 S  `- sshd
  320 root      20   0   35.3m   6.7m  0.0  0.7   0:00.04 S  `- lightdm
  332 root      20   0  164.3m  61.5m  2.6  6.1   0:05.76 S      `- Xorg
  385 root      20   0   31.2m   2.9m  0.0  0.3   0:00.01 S      `- lightdm
  396 analyst   20   0    5.5m   1.0m  0.0  0.1   0:00.00 S          `- sh
  416 analyst   20   0   75.7m  26.8m  0.0  2.7   0:00.07 S              `- xfce4-session
  426 analyst   20   0   60.0m  28.9m  0.0  2.9   0:00.41 S                  `- xfwm4
  427 analyst   20   0   57.6m  25.6m  0.0  2.6   0:00.06 S                  `- Thunar
  428 analyst   20   0   70.3m  31.9m  0.0  3.2   0:00.28 S                  `- xfce4-panel
  459 analyst   20   0   56.7m  26.0m  0.0  2.6   0:00.08 S                      `- panel-6-systray
  462 analyst   20   0   57.9m  25.5m  0.0  2.5   0:00.09 S                      `- panel-2-actions
  432 analyst   20   0   90.2m  33.6m  0.0  3.3   0:00.57 S                  `- xfdesktop
  444 analyst   20   0   78.5m  25.9m  0.0  2.6   0:00.06 S                  `- polkit-gnome-au
  329 root      20   0    7.5m   0.5m  0.0  0.1   0:00.00 S  `- nginx
  330 http      20   0    8.8m   1.3m  0.0  0.1   0:00.00 S      `- nginx
  333 root      20   0   38.0m   2.8m  0.0  0.3   0:00.03 S  `- accounts-daemon
  340 polkitd   20   0   71.2m  10.3m  0.0  1.0   0:00.07 S  `- polkitd
  391 analyst   20   0    8.9m   1.8m  0.0  0.2   0:00.00 S  `- systemd
  392 analyst   20   0   12.2m   1.1m  0.0  0.1   0:00.00 S      `- (sd-pam)
  408 analyst   20   0    6.4m   1.8m  0.0  0.2   0:00.02 S      `- dbus-daemon
  420 analyst   20   0   10.2m   2.4m  0.0  0.2   0:00.01 S      `- xfconfd
  671 analyst   20   0   42.9m   6.4m  0.0  0.6   0:00.01 S      `- at-spi-bus-laun
  423 analyst   20   0    4.7m   0.2m  0.0  0.0   0:00.00 S  `- ssh-agent
  425 analyst   20   0   23.3m   0.2m  0.0  0.0   0:00.02 S  `- gpg-agent
  430 analyst   20   0   67.9m  26.3m  0.0  2.6   0:00.03 S  `- xfsettingsd
  440 analyst   20   0   80.0m  26.6m  0.0  2.6   0:00.08 S  `- xfce4-power-man
  448 analyst   20   0   79.8m  26.5m  0.0  2.6   0:00.02 S  `- xfce4-power-man
  463 root      20   0   52.6m   2.5m  0.0  0.2   0:00.02 S  `- upowerd
  478 analyst   20   0   15.2m   0.3m  0.0  0.0   0:00.00 S  `- VBoxClient
  487 analyst   20   0   17.4m   0.4m  0.7  0.0   0:01.78 S      `- VBoxClient
  479 analyst   20   0   15.2m   0.3m  0.0  0.0   0:00.00 S  `- VBoxClient
  484 analyst   20   0   16.9m   0.4m  0.0  0.0   0:00.01 S      `- VBoxClient

Malware on a Linux Host (

Linux malware includes viruses, Trojan horses, worms, and other types of malware that can affect the operating system. Due to a number of design components such as file system structure, file permissions, and user account restrictions, Linux operating systems are generally regarded as better protected against malware.

While arguably better protected, Linux is not immune to malware. Many vulnerabilities have been found and exploited in Linux. These range from server software to kernel vulnerabilities. Attackers are able to exploit these vulnerabilities and compromise the target. Due to the open source nature of Linux, fixes and patches are often made available within hours of the discovery of such problems.

If a malicious program is executed, it will cause damage, regardless of the platform. A common Linux attack vector is its services and processes. Vulnerabilities are frequently found in server and process code running on computers connected to the network. An outdated version of the Apache web server could contain an unpatched vulnerability which can be exploited by an attacker, for example. Attackers often probe open ports to assess the version and nature of the server running on that port. With that knowledge, attackers can research if there are any known issues with that particular version of that particular server to support the attack. As with most vulnerabilities, keeping the computer updated and closing any unused services and ports is a good way to reduce the opportunities for attack in a Linux computer.

Example 3-11 shows an attacker using the telnet command to probe the nature and version of a web server. The attacker has learned that the server in question is running nginx version 1.12.0. The next step would be to research known vulnerabilities in the nginx 1.12.0 code.

Example 3-11 Using telnet to Probe a Web Server

[analyst@secOps ~]$ telnet 80
Connected to
Escape character is '^]'.
type anything to force an HTTP error response
HTTP/1.1 400 Bad Request
Server: nginx/1.12.0
Date: Wed, 17 May 2017 14:27:30 GMT
Content-Type: text/html
Content-Length: 173
Connection: close
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
Connection closed by foreign host.
[analyst@secOps ~]$

Rootkit Check (

A rootkit is a set of software tools designed to increase a user’s privileges, or grant access to portions of the software that should not normally be allowed. Rootkits are also often used to secure a backdoor to a compromised computer.

The installation of a rootkit can be automated (done as part of an infection) or an attacker can manually install it after compromising a computer. A rootkit is destructive because it changes kernel code and its modules, changing the most fundamental operations of the OS itself. With such a deep level of compromise, rootkits can hide the intrusion, remove any installation tracks, and even tamper with troubleshooting and diagnostics tools so that their output now hides the presence of the rootkit. While a few Linux vulnerabilities through history have allowed rootkit installation via regular user accounts, the vast majority of rootkit compromises require root or administrator access.

Because the very nature of the computer is compromised, rootkit detection can be very difficult. Typical detection methods often include booting the computer from trusted media such as a diagnostics operating system live CD. The compromised drive is mounted and, from the trusted system toolset, trusted diagnostic tools can be launched to inspect the compromised file system. Inspection methods include behavioral-based methods, signature scanning, difference scanning, and memory dump analysis.

Rootkit removal can be complicated and often impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system is usually the only real solution to the problem. Firmware rootkits usually require hardware replacement.

chkrootkit is a popular Linux-based program designed to check the computer for known rootkits. It is a shell script that uses common Linux tools such as strings and grep to compare the signatures of core programs. It also looks for discrepancies as it traverses the /proc file system comparing the signatures found there with the output of the ps command For more information about chkrootkit, visit the following website:


While helpful, keep in mind that programs to check for rootkits are not 100% reliable.

Example 3-12 shows the output of chkrootkit on Ubuntu Linux.

Example 3-12 Output of the chkrootkit Command

analyst@cuckoo:~$ sudo ./chkrootkit
[sudo] password for analyst:
ROOTDIR is `/’
Checking `amd’... not found
Checking `basename’... not infected
Checking `biff’... not found
Checking `chfn’... not infected
Checking `chsh’... not infected
Checking `cron’... not infected
Checking `crontab’... not infected
Checking `date’... not infected
Checking `du’... not infected
Checking `dirname’... not infected
Checking `echo’... not infected
Checking `egrep’... not infected
Checking `env’... not infected
Checking `find’... not infected
Checking `fingerd’... not found
Checking `gpm’... not found
Checking `grep’... not infected
Checking `hdparm’... not infected
Checking `su’... not infected
Checking `ifconfig’... not infected
Checking `inetd’... not tested
Checking `inetdconf’... not found
Checking `identd’... not found
Checking `init’... not infected
Checking `killall’... not infected
Checking `ldsopreload’... not infected
Checking `login’... not infected
Checking `ls’... not infected
Checking `lsof’... not infected
Checking `mail’... not found
Checking `mingetty’... not found
Checking `netstat’... not infected
Checking `named’... not found
Checking `passwd’... not infected
Checking `pidof’... not infected
Checking `pop2’... not found
Checking `pop3’... not found
Checking `ps’... not infected
Checking `pstree’... not infected
Checking `rpcinfo’... not found
Checking `rlogind’... not found
Checking `rshd’... not found
Checking `slogin’... not infected
Checking `sendmail’... not found
Checking `sshd’... not infected
Checking `syslogd’... not tested
Checking `tar’... not infected
Checking `tcpd’... not infected
Checking `tcpdump’... not infected
Checking `top’... not infected
Checking `telnetd’... not found
Checking `timed’... not found
Checking `traceroute’... not found
Checking `vdir’... not infected
Checking `w’... not infected
Checking `write’... not infected
Checking `aliens’... no suspect files
Searching for sniffer’s logs, it may take a while... nothing found
Searching for HiDrootkit’s default dir... nothing found
Searching for t0rn’s default files and dirs... nothing found
Searching for t0rn’s v8 defaults... nothing found
Searching for Lion Worm default files and dirs... nothing found
Searching for RSHA’s default files and dir... nothing found
Searching for RH-Sharpe’s default files... nothing found
Searching for Ambient’s rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while...
/usr/lib/debug/.build-id /lib/modules/4.8.0-36-generic/vdso/.build-id /lib/
  modules/4.8.0-52-generic/vdso/.build-id /lib/modules/4.8.0-49-generic/vdso/.build-id
/usr/lib/debug/.build-id /lib/modules/4.8.0-36-generic/vdso/.build-id /lib/
  modules/4.8.0-52-generic/vdso/.build-id /lib/modules/4.8.0-49-generic/vdso/.build-id
Searching for LPD Worm files and dirs... nothing found
Searching for Ramen Worm files and dirs... nothing found
Searching for Maniac files and dirs... nothing found
Searching for RK17 files and dirs... nothing found
Searching for Ducoci rootkit... nothing found
Searching for Adore Worm... nothing found
Searching for ShitC Worm... nothing found
Searching for Omega Worm... nothing found
Searching for Sadmind/IIS Worm... nothing found
Searching for MonKit... nothing found
Searching for Showtee... nothing found
Searching for OpticKit... nothing found
Searching for T.R.K... nothing found
Searching for Mithra... nothing found
Searching for LOC rootkit... nothing found
Searching for Romanian rootkit... nothing found
Searching for Suckit rootkit... nothing found
Searching for Volc rootkit... nothing found
Searching for Gold2 rootkit... nothing found
Searching for TC2 Worm default files and dirs... nothing found
Searching for Anonoying rootkit default files and dirs... nothing found
Searching for ZK rootkit default files and dirs... nothing found
Searching for ShKit rootkit default files and dirs... nothing found
Searching for AjaKit rootkit default files and dirs... nothing found
Searching for zaRwT rootkit default files and dirs... nothing found
Searching for Madalin rootkit default files... nothing found
Searching for Fu rootkit default files... nothing found
Searching for ESRK rootkit default files... nothing found
Searching for rootedoor... nothing found
Searching for ENYELKM rootkit default files... nothing found
Searching for common ssh-scanners default files... nothing found
Searching for Linux/Ebury - Operation Windigo ssh... not tested
Searching for 64-bit Linux Rootkit ... nothing found
Searching for 64-bit Linux Rootkit modules... nothing found
Searching for Mumblehard Linux ... nothing found
Searching for Backdoor.Linux.Mokes.a ... nothing found
Searching for Malicious TinyDNS ... nothing found
Searching for Linux.Xor.DDoS ... nothing found
Searching for Linux.Proxy.1.0 ... nothing found
Searching for suspect PHP files... nothing found
Searching for anomalies in shell history files... nothing found
Checking `asp’... not infected
Checking `bindshell’... not infected
Checking `lkm’... chkproc: nothing detected
chkdirs: nothing detected
Checking `rexedcs’... not found
Checking `sniffer’... enp0s3: PF_PACKET(/sbin/dhclient)
virbr0: not promisc and no PF_PACKET sockets
Checking `w55808’... not infected
Checking `wted’... chkwtmp: nothing deleted
Checking `scalper’... not infected
Checking `slapper’... not infected
Checking `z2’... user analyst deleted or never logged from lastlog!
Checking `chkutmp’...  The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID          PID TTY    CMD
! analyst      2597 pts/5  bash
! root         3733 pts/5  sudo ./chkrootkit
! root         3734 pts/5  /bin/sh ./chkrootkit
! root         4748 pts/5  ./chkutmp
! root         4749 pts/5  sh -c ps ax -o "tty,pid,ruser,args"
! root         4750 pts/5  ps ax -o tty,pid,ruser,args
chkutmp: nothing deleted
Checking `OSX_RSPLUG’... not tested

Piping Commands (

Although command line tools are usually designed to perform a specific, well-defined task, many commands can be combined to perform more complex tasks by a technique known as piping. Named after its defining character, the pipe (|), piping consists of chaining commands together, feeding the output of one command into the input of another.

For example, the ls command is used to display all the files and directories of a given directory. The grep command compares searches through a file or text looking for the specified string. If found, grep displays the entire contents of the folder where the string was found. The two commands, ls and grep, can be piped together to filter out the output of ls, as shown in Example 3-13 with the ls -l | grep nimda command.

Example 3-13 Output of the grep Command

[analyst@secOps ~]$ ls -l lab.support.files
total 584
-rw-r--r-- 1 analyst analyst    649 Jun 28  2017 apache_in_epoch.log
-rw-r--r-- 1 analyst analyst    126 Jun 28  2017 applicationX_in_epoch.log
drwxr-xr-x 4 analyst analyst   4096 Aug 24 12:36 attack_scripts
-rw-r--r-- 1 analyst analyst    102 Jul 20 09:37 confidential.txt
-rw-r--r-- 1 analyst analyst   2871 Dec 15  2016 cyops.mn
-rw-r--r-- 1 analyst analyst     75 May 24  2017 elk_services
-rw-r--r-- 1 analyst analyst    373 Feb 16  2017 h2_dropbear.banner
-rw-r--r-- 1 analyst analyst    147 Mar 21  2017 index.html
drwxr-xr-x 2 analyst analyst   4096 Aug 24 12:36 instructor
-rw-r--r-- 1 analyst analyst    255 May  2  2017 letter_to_grandma.txt
-rw-r--r-- 1 analyst analyst  24464 Feb  7  2017 logstash-tutorial.log
drwxr-xr-x 2 analyst analyst   4096 May 25  2017 malware
-rwxr-xr-x 1 analyst analyst    172 Jul 25 16:27 mininet_services
drwxr-xr-x 2 analyst analyst   4096 Feb 14  2017 openssl_lab
drwxr-xr-x 2 analyst analyst   4096 Aug 24 12:35 pcaps
drwxr-xr-x 7 analyst analyst   4096 Sep 20  2016 pox
-rw-r--r-- 1 analyst analyst 473363 Feb 16  2017 sample.img
-rw-r--r-- 1 analyst analyst     65 Feb 16  2017 sample.img_SHA256.sig
drwxr-xr-x 3 analyst analyst   4096 Aug 24 10:47 scripts
-rw-r--r-- 1 analyst analyst  25553 Feb 13  2017 SQL_Lab.pcap
[analyst@secOps ~]$ ls -l lab.support.files | grep ap
-rw-r--r-- 1 analyst analyst    649 Jun 28  2017 apache_in_epoch.log
-rw-r--r-- 1 analyst analyst    126 Jun 28  2017 applicationX_in_epoch.log
drwxr-xr-x 2 analyst analyst   4096 Aug 24 12:35 pcaps
-rw-r--r-- 1 analyst analyst  25553 Feb 13  2017 SQL_Lab.pcap
[analyst@secOps ~]$
7. Summary (3.4) | Next Section Previous Section

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020