11) Operating System Security Flashcards
What type of OS hardening is the following action:
All user IDs are password protected and were changed when setting up the computer.
Alter default accounts
What type of OS hardening is the following action:
Admin and Administrator usernames are changed
Alter default accounts
What type of OS hardening is the following action:
Regular user IDs do not have the ability to install software.
Apply the principle of least privilege
What type of OS hardening is the following action:
Never connect a new computer to the corporate network unless patches have already been installed.
Perform updates
What type of OS hardening is the following action:
Knowing what ports are open is useful to complete this hardening task.
Remove all unessential services
What type of OS hardening is the following action:
The database server is stripped down except for MySQL.
Remove all unnecessary software
What type of OS hardening is the following action:
The trail of significant OS events is placed on the hard drive.
Turn on logging and auditing
(T/F) Executable space protection is a software technology implemented by operating systems to stop attacks using the same techniques used in malware.
False
Executable space protection requires two components to function: a hardware component and a software component. Both AMD and Intel CPU chip manufacturers support the hardware, and many operating systems support the software required.
This type of host-based software may communicate with the management device by sending regular beacons.
HIDS
HIDS is a type of host-based software that may communicate with the management device by sending regular beacons. What does HIDS stand for?
Host intrusion detection system
What type of security tool is the following:
Metasploit
Exploit Framework
What type of security tool is the following:
CANVAS
Exploit Framework
What type of security tool is the following:
Nmap
Scanner
What type of security tool is the following:
Nessus
Vulnerability Assessment Tool
The process of reducing the number of available avenues through which our operating system might be attacked.
Operating system hardening
The total of the areas through which our operating system might be attacked.
Attack surface
A principle that states we should only allow a party the absolute minimum permission needed for it to carry out its function.
The principle of least privilege
A particularly complex and impactful item of malware that targeted the SCADA systems that run various industrial processes; this piece of malware raised the bar for malware from largely being a virtual-based attack to actually being physically destructive.
Stuxnet
Stuxnet is a particularly complex and impactful item of malware that targeted the SCADA systems that run various industrial processes. What does SCADA stand for?
Supervisory Control and Data Acquisition
A type of tool that uses signature matching or anomaly detection to detect malware threats, either in real-time or by performing scans of files and processes.
Anti-malware tool
The process of anomaly detection used by anti-malware tools to detect malware without signatures.
Heuristics
A hardware/software-based technology that prevents certain portions of the memory used by the operating system and applications from being used to execute code.
Executable space protection
The act of inputting more data than an application is expecting from a particular input, creating the possibility of executing commands by specifically crafting the excess data.
Buffer overflow attack
A security method that involves shifting the contents of memory around to make tampering difficult.
ASLR