1) Do ubuntu release security updates for their OS, if so often are they released, perhaps on a monthly scale. Are there any tools to identify missing linux security patches?
2) How can you run a list of server apps running on the server with their software version
3) How can you run a list of all local user accounts on the server and audit their password strength/policy? Is there anywhere to see a "password last changed" type feature?