11) Operating System Security Flashcards

1
Q

What type of OS hardening is the following action:

All user IDs are password protected and were changed when setting up the computer.

A

Alter default accounts

2
Q

What type of OS hardening is the following action:

Admin and Administrator usernames are changed

A

Alter default accounts

3
Q

What type of OS hardening is the following action:

Regular user IDs do not have the ability to install software.

A

Apply the principle of least privilege

4
Q

What type of OS hardening is the following action:

Never connect a new computer to the corporate network unless patches have already been installed.

A

Perform updates

5
Q

What type of OS hardening is the following action:

Knowing what ports are open is useful to complete this hardening task.

A

Remove all unessential services

6
Q

What type of OS hardening is the following action:

The database server is stripped down except for MySQL.

A

Remove all unnecessary software

7
Q

What type of OS hardening is the following action:

The trail of significant OS events is placed on the hard drive.

A

Turn on logging and auditing

8
Q

(T/F) Executable space protection is a software technology implemented by operating systems to stop attacks using the same techniques used in malware.

A

False

Executable space protection requires two components to function: a hardware component and a software component. The CPU manufacturers AMD and Intel both support the hardware component, and many operating systems support the required software.

9
Q

This type of host-based software may communicate with the management device by sending regular beacons.

A

HIDS

10
Q

HIDS is a type of host-based software that may communicate with the management device by sending regular beacons. What does HIDS stand for?

A

Host intrusion detection system

11
Q

What type of security tool is the following:

Metasploit

A

Exploit Framework

12
Q

What type of security tool is the following:

CANVAS

A

Exploit Framework

13
Q

What type of security tool is the following:

Nmap

A

Scanner

14
Q

What type of security tool is the following:

Nessus

A

Vulnerability Assessment Tool

15
Q

The process of reducing the number of available avenues through which our operating system might be attacked.

A

Operating system hardening

16
Q

The total of the areas through which our operating system might be attacked.

A

Attack surface

17
Q

A principle that states we should only allow a party the absolute minimum permission needed for it to carry out its function.

A

The principle of least privilege

18
Q

A particularly complex and impactful item of malware that targeted the SCADA systems that run various industrial processes; this piece of malware raised the bar for malware from largely being a virtual-based attack to actually being physically destructive.

A

Stuxnet

19
Q

Stuxnet is a particularly complex and impactful item of malware that targeted the SCADA systems that run various industrial processes. What does SCADA stand for?

A

Supervisory Control and Data Acquisition

20
Q

A type of tool that uses signature matching or anomaly detection to detect malware threats, either in real-time or by performing scans of files and processes.

A

Anti-malware tool

21
Q

The process of anomaly detection used by anti-malware tools to detect malware without signatures.

A

Heuristics

22
Q

A hardware/software-based technology that prevents certain portions of the memory used by the operating system and applications from being used to execute code.

A

Executable space protection

23
Q

The act of inputting more data than an application is expecting from a particular input, creating the possibility of executing commands by specifically crafting the excess data.

A

Buffer overflow attack

24
Q

A security method that involves shifting the contents of memory around to make tampering difficult.

A

ASLR

25
Q

ASLR is a security method that involves shifting the contents of memory around to make tampering difficult. What does ASLR stand for?

A

Address space layout randomization

26
Q

This type of firewall generally contains a subset of the features on a large firewall application, but is often capable of similar packet filtering and stateful packet inspection activities.

A

Software firewall

27
Q

A system used to analyze the activities on or directed at the network interface of a particular host.

A

HIDS

28
Q

A HIDS is a system used to analyze the activities on or directed at the network interface of a particular host. What does HIDS stand for?

A

Host intrusion detection system

29
Q

A type of tool that can detect various security flaws when examining hosts.

A

Scanner

30
Q

A tool that is aimed specifically at the task of finding and reporting network services on hosts that have known vulnerabilities.

A

Vulnerability assessment tool

31
Q

A well-known vulnerability assessment tool (it also includes a port scanner)

A

Nessus

32
Q

A group of tools that can include network mapping tools, sniffers, and exploits.

A

Exploit framework

33
Q

Small bits of software that take advantage of flaws in other software or applications in order to cause them to behave in ways that were not intended by their creators.

A

Exploits

34
Q

The total of the available avenues through which our operating system might be attacked.

A

Attack surface

35
Q

What security strategy best protects an operating system from buffer overflow attacks?

a) Implement anti-malware tools
b) Apply software updates
c) Implement executable space protection
d) Install a host intrusion detection system

A

c) Implement executable space protection

36
Q

Which well-known tool is a scanner with a large and broad set of functionality?

a) Nmap
b) Hping3
c) NetStumbler
d) Metasploit
e) Stuxnet

A

a) Nmap

37
Q

Which tool is a well-known vulnerability assessment tool that also includes a port scanner?

a) NetStumbler
b) Metasploit
c) Nessus
d) Immunity CANVAS

A

c) Nessus

38
Q

Small bits of software that take advantage of flaws in other software or applications to cause them to behave in ways that were not intended by their creators.

A

Exploits