GIAC Foundational Cybersecurity Technologies Practice Test

The distinction between "sudo" and "su" is fundamental in Linux and Unix-based systems, particularly in relation to user permissions and command execution.

When using "sudo" (short for "superuser do"), it allows a permitted user to execute a command as the superuser (or another user, if specified) while providing their own credentials. This command is highly valuable for scenarios where specific commands require elevated privileges without granting full access to the superuser account for the entire session. It promotes better security practices by allowing more granular control over permissions and reducing the risk of accidental or malicious changes to system settings.

On the other hand, "su" (short for "substitute user" or "switch user") allows a user to become another user, including the superuser, during the terminal session. When invoked without any additional parameters, it typically requires the password of the target user, defaulting to the superuser. This change in user context remains in effect until the user exits the session or terminates the shell. It gives complete access to the privileges of the user they switch to, which can pose security risks if not managed properly.

The correct response highlights that "sudo" is permitted for executing individual commands with elevated privileges while retaining the user's identity