GIAC Foundational Cybersecurity Technologies Practice Test

What is the difference between "sudo" and "su"?

• A. There is no difference
• B. Sudo is allowed by the admin to run a command while su is to become the admin
• C. Su is allowed by the admin to run a command while sudo is to become the admin
• D. Sudo is more used in Linux while su is a Kali Linux command

The correct answer is: Sudo is allowed by the admin to run a command while su is to become the admin

The distinction between "sudo" and "su" is fundamental in Linux and Unix-based systems, particularly in relation to user permissions and command execution. When using "sudo" (short for "superuser do"), it allows a permitted user to execute a command as the superuser (or another user, if specified) while providing their own credentials. This command is highly valuable for scenarios where specific commands require elevated privileges without granting full access to the superuser account for the entire session. It promotes better security practices by allowing more granular control over permissions and reducing the risk of accidental or malicious changes to system settings. On the other hand, "su" (short for "substitute user" or "switch user") allows a user to become another user, including the superuser, during the terminal session. When invoked without any additional parameters, it typically requires the password of the target user, defaulting to the superuser. This change in user context remains in effect until the user exits the session or terminates the shell. It gives complete access to the privileges of the user they switch to, which can pose security risks if not managed properly. The correct response highlights that "sudo" is permitted for executing individual commands with elevated privileges while retaining the user's identity