.05 RG Vocab system security - Microsoft Flashcards
Windows
Microsoft’s proprietary operating systems, used by approximately 93% of the
world’s computers, with a closed kernel and utilizing a folder-based file system.
Kernel Mode
the mode the computer processor is running in when interacting with core
system components such as hardware drivers and the bootloader.
User Mode
the mode the computer processor is running in when interacting with
applications, services, sessions, and processes.
Enterprise
a term that encompasses all systems Microsoft provides to help businesses
function and serve customers
User
single account entity in Microsoft, can be applied to a person, device, or application
Groups
used in Windows to apply collective permission sets to users
Active Directory
Microsoft’s flagship enterprise user control software. It runs on Windows
Server. Oversees all users, groups, and devices in a Windows environment and allows System
Administrators to control permissions and access granularly
Objects
all users, applications, and devices are considered objects in Active Directory
Principals
a term used to describe user or group objects in Active Directory
Resources
a term used to describe printers, servers, and computers in Active Directory
Mobile Device Management (MDM)
integrated enterprise control over mobile devices,
whether company-owned or in a BYOD (Bring Your Own Device) business environment
Mobile Application Management (MAM)
allows control over application use and
behavior in a business environment to enhance security and limit data leakage
Common Vulnerability and Exposure (CVE)
A publicly available database of known
computer security issues, each noted with a unique identifying number
PrintNightmare (CVE-2021-34527)
Initially reported as a minor local privilege escalation
vulnerability, this CVE was upgraded to a critical Remote Code Execution vulnerability a few
weeks later. Several patches were published before the mitigation was found acceptable,
though many systems are still presumed vulnerable.
EternalBlue (CVE-2017-0144)
A Server Message Block vulnerability discovered by the NSA
and stolen by an APT known as the Shadow Brokers. The NSA reportedly knew about this
vulnerability for months before notifying Microsoft after discovering the breach.