2.0 - 2.10 Flashcards
Some secure areas include an ____ (formerly known as a mantrap), which is an area with two locking doors. A person might get past the first door by way of tailgating but likely will have difficulty getting past the second door, especially if there is a guard between the two doors. An ____ essentially slows down the entry process, in hopes that any people sneaking in behind others will be thwarted before they gain entry to the secure area. If someone lacks the proper authentication, that person will be stranded in the ____ until authorities arrive.
access control vestibule
ID badges and readers can use a variety of physical security methods, including the following:
____: If the bearer of the card doesn’t look like the person on the card, the bearer might be using someone else’s card and should be detained.
Photos
ID badges and readers can use a variety of physical security methods, including the following:
____: The codes embedded on these cards carry a range of information about the bearers and can limit individuals’ access to only authorized areas of buildings. These cards can be read quickly by a barcode scanner or swipe device.
Barcodes and magnetic strips
ID badges and readers can use a variety of physical security methods, including the following:
____: As with barcoded badges, cards with radiofrequency identification (RFID) chips can be used to open only doors that are matched to the RFID chip. They can also track movement within a building and provide other access data required by a security officer. To prevent undetected tampering, ID badges should be coated with a tamper-evident outer layer.
RFID technology
____ are devices that can interpret the data on a certain type of ID. Although photo IDs are still best assessed by humans, other types of IDs add extra security that ____ can govern.
Badge Reader
Cameras are ubiquitous, thanks to the explosive growth of the Internet of Things (IoT). They are affordable and can easily store recordings for security and historical reference. ____ of secure areas is essential.
Video Surveillance
Alarms are common in many areas of security, from failed drive alarms in computers to hacking attempts in firewalls. Less sophisticated but just as essential are physical alarms that alert security personnel when doors are open or cables are moved.
Alarm Systems
When used with video and alarm systems, ____ can provide good physical security. Motion detectors can activate alarms and time-stamp events for tracking on video recordings.
Motion Sensors
A determined and skillful thief can foil even the best security plans. The best way to deter a thief is to use a mix of technical barriers and human interaction. ____ can be deployed in different ways. When employees enter the work area in the presence of a guard, best practices most likely will be followed and everyone will scan in and be authenticated. Without a guard, people might hold the door open for others whom they recognize but who say they misplaced their IDs. Knowing that someone is watching carefully keeps honest people honest and deters dishonest people. Another way to deploy ____ is to have them watch several areas via security cameras that record access into and out of the buildings. Although this method is not as effective as posting a guard at each door, it allows fewer security ____ to scan different areas for traffic behaviors that warrant further attention.
Guards
Of course, the easiest way to secure an area is to lock doors. This seems like an obvious statement, but it is surprisingly common for people to simply wander into unauthorized areas. Some organizations have written policies explaining how, when, and where to lock doors. Beyond the main entrances, you should also always lock server rooms, wiring closets, labs, and other technical rooms when they are not in use. Physical ____ might seem like a simple solution, but they can’t be taken over by hackers.
Door Locks
Most desktops, laptops, and other mobile devices such as projectors and docking stations feature a security slot. On a laptop, the slot is typically located near a rear corner.
Equipment Locks
____ are short wood, metal, or concrete posts installed in sidewalks and driveways to allow pedestrian and bike traffic to pass while keeping larger vehicles away. They are often removable with key access, to allow maintenance vehicles and other necessary traffic to get close to buildings. ____ are a passive way of keeping vehicles that could be listening for signals away from sensitive data centers. People coming and going from buildings also are easier to keep track of with video cameras.
Bollards
Of course, the most fundamental security device is a fence. ____ are usually subject to building codes, so effective design is important. They should be as tall as possible, sturdy, and monitored.
Fences
____ targets the entire website if the website is using a SQL database. Attackers can potentially run SQL commands that allow them to delete website data, copy it, and run other malicious commands.
SQL Injection
____ can be used with a variety of security devices. ____ can contain RFID chips, and many are used as part of a two-step authentication process that works as follows:
The user carries a key fob that generates a code every 30 to 60 seconds. Every time the code changes on the fob, it is also matched in the authentication server. In some cases, the user must also log into the fob to see the access code, for an extra layer of security.
The user then logs into the system or restricted area, using the randomly generated access code displayed on the key fob’s LCD display. The authentication server matches the current code and allows access. A key fob used in this way is often referred to as a hardware token.
Key Fobs
A ____ is a credit card–sized card that contains stored information and possibly also a simple microprocessor or an RFID chip. ____s can be used to store identification information for use in security applications and to store values for use in prepaid telephone or debit card services, hotel guest room access, and other functions. ____s are available in contact and contactless form factors.
Smart Card
Contactless cards are also known as ___. Readers for these cards are usually wall mounted so that users can scan their cards within 6 inches of a reader.
proximity cards
A ____–based security system includes ____s, card readers that are designed to work with ____s, and a back-end system that contains a database that stores a list of approved ____s for each secured location. ____–based security systems can also secure individual personal computers.
Smart Card
Smart card security systems can be multifactor, requiring the user to input a ____ or ____ and then provide the smart card at secured checkpoints, such as the entrance to a computer room.
PIN / security password
Keeping track of ____ is essential. If ____ are entrusted to a careless person or, worse, a dishonest employee, the entire security plan can fail. Document who has ____ to server rooms and wiring closets, and periodically change the locks and ____. Cipher locks that use punch codes also enhance security. Using a combination of these methods provides greater protection.
keys
____ security refers to the use of a person’s biological information, gathered from scans.
Biometric
One of the main types of biometrics currently in use:
____: As with iris scanning, ____ is highly accurate, but this type of biometric scan is much more affordable to implement. The scan gathers data on fingerprints and compares their features to data stored for matching. More than one fingerprint can be stored for reference.
fingerprint scanning
One of the main types of biometrics currently in use:
____: This scan is less accurate than fingerprint scanning because the palm scanner does not analyze the structure of the fingerprints; it merely gathers data on the size of the hand.
Palmprint scanning
One of the main types of biometrics currently in use:
____: This highly accurate technology is nearly impossible to foil, but it requires specialized equipment and can be expensive.
Retina (iris) scanning
Maintaining well-lit areas is important, for many obvious and not-so-obvious reasons. With the advent of LED ____, good ____ is no longer the cost and energy concern it used to be. Well-lit areas can provide safety for workers, enhanced readability of tiny labels when working with racks of equipment, and enhanced quality for video cameras and other security measures.
Lighting
The term ____ is simply another name for a metal detector, common to all airports and many public areas. Highly sensitive areas generally have restrictions on weapons; a ____ can identify concealed weapons, to enforce the rules and reduce the likelihood of a violent incident.
Magnetometers
Privacy issues are important to any company that handles confidential data. When that data is being used on a workstation screen or mobile device, it needs to be protected from unintentional viewing. Data on a computer screen can be easily protected by installing a ____, which is a transparent cover for a PC monitor or laptop display. It reduces the cone of vision, usually to about 30 degrees, so that only the person directly in front of the screen can see the content. Many of these screens are also antiglare, to reduce the user’s eye strain.
Privacy Screen
A computer is a combination of physical and logical systems, and security practices must address both of these sides of computing. Addressing software (logical) security practices is essential as well.
Logical Security Concepts
The ____ appears to be basic common sense, but it should not be taken lightly. When user accounts are created locally on a computer—especially on a domain—great care should be taken in assigning users to groups. Additionally, many programs ask during installation who can use and make modifications to the program; often the default is “all users.” Some technicians just accept the defaults when hastily installing programs, without realizing that they are giving users full control of the program. It is an important practice to give clients all they need, but to limit their access to only what they need.
Principle of Least Privilege
Applying the ____ means giving users access to only what they require to do their jobs. Most users in a business environment do not need administrative access to computers and should be restricted from functions that can compromise security.
Principle of Least Privilege
____ are lists of permissions or restriction rules for access to an object, such as a file or folder. ____ which users or groups can perform specific operations on specified files or folders.
Access control lists (ACLs)
For example, consider a person gaining access to a system by using a digital code from a fob and then typing a username and password. The combination of the password and the digital token makes it very difficult for imposters to gain access to a system. ____ is more secure than earlier versions of software tokens, which could be stolen.
multifactor authentication (MFA)
A ____ system uses two or more authentication methods and is far more secure than single-factor authentication.
multifactor authentication (MFA)
____ uses Advanced Encryption Standard (AES) encryption.
Wi-Fi Protected Access 2 (WPA2)
____ uses 128-bit blocks and supports variable key lengths of 128, 192, and 256 bits. It allows up to 63 alphanumeric characters (including punctuation marks and other characters) or 64 hexadecimal characters. ____ also supports the use of a RADIUS authentication server in corporate environments.
Wi-Fi Protected Access 2 (WPA2)
____, which was released in 2018, uses 128-bit encryption (192-bit in an enterprise version) and has a different method for sharing security keys than the other types of encryption. ____ is designed to add better privacy and protection against attacks on public Wi-Fi networks.
Wi-Fi Protected Access 3 (WPA3)
____ is somewhat like WEP in design so that it can operate on legacy hardware that lacks computing power. ____ is no longer considered sufficiently secure.
Temporal Key Integrity Protocol (TKIP)
____ is much more secure and has been adopted by the U.S. government as the encryption standard. Some important points to remember are that two versions of WPA2 exist: WPA2-Personal and WPA2-Enterprise.
Advanced Encryption Standard (AES)
____ protects against unauthorized network access via a password. ____ uses pre-shared keys.
WPA2-Personal
____ verifies network users through a server.
WPA2-Enterprise
____ maintains equivalent cryptographic strength through the required use of 192-bit AES for the Enterprise version and optional 192-bit AES for the Personal version. ____ helps prevent offline password attacks by using Simultaneous Authentication of Equals (SAE). This still allows users to choose easier-to-remember passwords and, through forward secrecy, does not compromise traffic that has already been transmitted, even if the password becomes compromised.
Wi-Fi Protected Access 3 (WPA3)
Four different ____ methods are used for access to a wireless network: single-factor, multifactor, RADIUS, and TACACS+. These methods also apply to wired networks.
Authentication
____ authentication is basic username and password access to a computer or network. For years, this was sufficient—and it is still used in many environments. But the rise of online banking and shopping drew more advanced hacking methods, and ____ authentication is now rare in online commerce.
Single-factor
A ____ authentication system uses two or more authentication methods and is far more secure than single-factor authentication.
multifactor
____ dates back to the days of dial-up modem access to networks in the early 1990s. It has been widely distributed and is still in use, although it has been updated over the years. A user who wants to access a network or an online service can contact a ____ server and enter username and password information when requested. The server authenticates (or declines) the user and advises the network or service to allow the client in (or not).
Remote Authentication Dial-In User Service (RADIUS)
____ is an open standard authentication protocol that is used between two clients (or a client and a server) and a third-party ____ Key Distribution Center server. The clients acquire a ____ key and can mutually authenticate across an unsecure network or the Internet. Microsoft’s version of ____ is the default method for Windows authentication for joining domains. Versions are also available on macOS, Linux, and other operating systems.
Kerberos
____ solved a problem that occurred as network use expanded in the 1980s. The name and acronym seem convoluted, but they describe the function and process pretty well. In early network computing, when a user logged into a network, each time he or she accessed a different resource or host on that network, the user had to reauthenticate. Dial-up was slow, and logging in was a time-consuming process. With ____, a user who was already authenticated into the network was automatically logged into other resources in the system as well. The network’s access control system took care of the user’s terminal access. In its original form, TACACS is quite insecure, but Cisco has updated and re-released it in proprietary form as ____.
Terminal Access Controller Access Control System (TACACS+)
Malicious software, or ____, is software designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent. ____ is a broad term used by computer professionals to include viruses, worms, Trojan horses, spyware, rootkits, keyloggers, adware, and other types of undesirable software.
Malware
____ malware, also known as a ____ horse, is a malware program disguised as a “gift”—usually popular videos or website links—that tricks the user into downloading a virus that might be used to trap keystrokes or transmit sensitive information. Trojans are aptly named for the famous story of the wooden ____ horse, an apparent gift that hid invading soldiers and allowed them to sneak inside the city gates of Troy.
Trojan
____ does not need a host program to work; rather, it substitutes itself for a legitimate program.
A malware that disguises itself as one thing, but does something else.
Trojan
A ____ attaches itself to some executable code, like a program. When the program is running, it touches many files, each of which is now susceptible to being infected with the ____. It replicates itself on these files, does the malicious work it’s intended to do, and repeats this over and over until it spreads as far as it can.
virus
Just as biological ____es can infect humans and cause all sorts of different illnesses, computer ____es can infect and damage computers. ____ is a generic term for any malicious software that can spread to other computers and cause trouble. Some ____es are more malicious than others, but all need to be guarded against with anti____ updates. Most ____ attacks are spread with human assistance when users fall prey to phishing and carelessly open attachments.
virus
A ____ is a set of hacking tools that makes its way deep into the computer’s operating system or applications and sets up shop to take over the computer. Some ____ do keylogging, some listen for banking information, and more complex ones completely take over a computer. A ____ is a complex type of malware that is difficult to detect and remove with standard malware antivirus software. Sometimes wiping the drive and reinstalling the operating system is the only certain solution.
rootkit
____ spies on you to collect personal information that it transmits over the Internet to web-hosting sites.
Spyware
____ is software that spies on system activities and transmits details of web searches or other activities to remote computers. Getting multiple unwanted pop-up windows when browsing the Internet is a good indicator of ____. Some pop-up windows show fake security alerts, in the hopes that a user will click on something and then either purchase rogue or fake antivirus software or just download more malware. ____ can cause slow system performance.
Spyware
____ holds your data or system hostage until you pay some money.
Ransomware
____ uses malware to encrypt the targeted computer’s files. The ransom demand might be presented after you call a bogus technical support number displayed by a fake error message from the ____, or the ransom demand might be displayed onscreen. The ransom must be paid within a specified amount of time, or the files will not be decrypted.
Ransomware
An even larger attack is technically known as UNC2452 but more commonly known by how it was spread: through huge networks piggybacking on SolarWinds networking software. This virus is so exceptionally complicated that it is thought to be the work of an unknown government.
Ransomware
A famous recent example of ____ is the WannaCry virus, which spread throughout the world in 2017. It impacted Windows machines that had not been updated with security patches that would have prevented the spread of the attack.
Ransomware
____ viruses are especially dangerous because they track keystrokes and can capture usernames and passwords of unwitting users. A ____ can be delivered via a Trojan horse, phishing, or a fake email attachment that the user opens. One way to foil these attacks is to require multifactor authentication because the second authentication factor changes, rendering the stolen password invalid.
Keylogger
____ tracks all your keystrokes and can be used to steal your identity, credit card numbers, Social Security number, bank information, passwords, email addresses, and so forth.
Keylogger
A ____ is similar to a rootkit virus, in that it is embedded deep into the computer. In this case, the virus embeds itself into the initial code of the boot sector on a hard drive. Once there, it can be loaded into system memory on startup and initialize the hidden virus in other drives on the network. Current versions of BIOS and UEFI have built-in protection against boot sector viruses, and these viruses are less common than in decades past.
boot sector virus
____ are viruses that take over the resources of an infected computer to mine cryptocurrency, usually bitcoin. This practice is also known as cryptojacking. Bitcoin mining is largely legal in most countries, but it is expensive in terms of power use and computer resources. Thus, miners sometimes try to force someone else to pay the costs of mining while they reap the benefit of earning cryptocurrency. Viruses can be delivered in Trojan horses, during phishing, and in browser-based attacks in which malicious code is put into a web page and runs when the browser visits the page. Slow performance, high CPU usage, and higher network traffic are symptoms that a crypto virus might be onboard.
Cryptominers
Protection against viruses and malware is necessary for every type of computing device, from mobile devices to servers. Computer protection suites that include antivirus, anti-malware, anti-adware, and anti-phishing protection are available from many vendors, but some users prefer a “best of breed” approach and choose the best available product in each category.
Antivirus/Anti-malware
____ programs can use some or all of the following techniques to protect users and systems:
Real-time protection to block infection
Periodic scans for known and suspected threats
Automatic updating on a frequent (usually daily) basis
Renewable subscriptions to obtain updated threat signatures
Links to virus and threat encyclopedias
Inoculation of system files
Permissions-based access to the Internet
Scanning of downloaded files and sent/received emails
Antivirus/Anti-malware
When attempting to protect against viruses and malware, the most important consideration is to keep your ____ application up to date. The second most important consideration is to watch out for unknown data, whether it comes via email, USB flash drive, a mobile device, or some other mechanism.
anti-malware
____ enables you to reset your PC or boot from a recovery disk. If resetting the PC is not sufficient, you can boot from a recovery disk to remove infected files and restore your original files. Access the recovery tools in Windows 10 by going to Settings > Update & Security > Recovery.
Recovery Mode
Regardless of the sophistication of physical or digital security measures, a lack of ___ can lead to security issues. Users should be educated in how to do the following:
Ask for an ID when approached in person by someone claiming to be from the help desk, the phone company, or a service company.
Ask for a name and a supervisor name when contacted by phone by someone claiming to be from the help desk, the phone company, or a service company.
Use only official contact information for the help desk, phone company, and authorized service companies, and call the authorized contact person to verify that a service call or phone request for information is legitimate.
Log into systems first and then give the technician the computer (instead of giving the technician all the login information).
Change passwords immediately after service calls.
Report any potential social engineering calls or in-person contacts, even if no information was exchanged. Social engineering experts can gather innocuous-sounding information from several users and create a convincing story to gain access to restricted systems.
Keep antivirus, antispyware, and anti-malware programs updated.
Scan systems for viruses, spyware, and malware.
Understand the major malware types and techniques.
Scan removable media drives (such as optical discs and USB drives) for viruses and malware.
Disable Autorun and AutoPlay.
Configure scanning programs for scheduled operation.
Respond to notifications that viruses, spyware, or malware have been detected.
Quarantine suspect files.
Report suspect files to the help desk.
Remove malware.
Disable antivirus software when needed (such as during software installations) and know when to reenable antivirus software.
Avoid opening attachments from unknown senders.
Use anti-phishing features in web browsers and email clients.
user education
Phishing is a well-known problem that continues to confound network security educators. Phishing requires naive or vulnerable users who are unfamiliar with how easily they can provide a home for malware or a virus. This is usually done by opening email that users do not carefully look at before opening, or giving away information that can help hackers access the network.
Training can involve weekly reports of phishing examples. Some IT departments even internally release “fake” phishing attempts to see if anyone responds and needs more training.
Anti-Phishing Training
____ is often a good solution for an infected computer. It is an involved process, but many viruses are so well hidden that it can be the best solution.
OS reinstallation
During and after the __:
Keep the computer off the network during the process.
Ask for all updates available.
Enable the firewall and install any other security software used on the network.
Scan the external drive that contains the backed-up files, to make sure the virus is not reimported in one of them.
Enable automatic updates for the OS and antivirus software.
reinstallation
Before performing the ___:
Isolate the computer from any network connections.
Change all passwords that were used during the suspected time of infection, especially banking and work passwords. (There is no point in changing the computer’s passwords because they will need to be reset during the installation.)
Back up data files on an external hard drive. Don’t back up the apps; the virus might reside in one of them.
reinstallation
Eight common ____ techniques that all employees in an organization should know about are phishing, vishing, shoulder surfing, whaling, tailgating, impersonation, dumpster diving, and evil twin.
social engineering
____ involves creating bogus websites or sending fraudulent emails that trick users into providing personal, bank, or credit card information. A variation, phone ____, uses an interactive voice response (IVR) system that the user is tricked into calling, to dupe the user into revealing information.
____ is a constant threat that administrators can address with awareness warnings that give examples of the latest threats and educate employees on identifying suspicious messages.
Phishing
____ involves leaving deceptive voice messages that appear to come from an internal source or other authority. These messages request confidential information, such as payroll or tax information. The attacks typically target a specific person, organization, or business. The best protection against ____ is to implement security practices that educate users on how to handle sensitive information within the organization.
Vishing
____ is a specific type of phishing attack that goes after high-level employees (the big fish, or whale) in an organization, especially the CEO. The attacks tend to be more sophisticated and customized, appearing to come from a high-level executive at another company. Links inside the mail or website infect the computer belonging to leadership, granting access to more sensitive information and possible authorization for fund transfers.
Whaling
____ is a type of social engineering similar to phishing, in which a hacker sends an email pretending to be someone the victim trusts. It can take time and research for the impersonator to figure out how to gain the target’s trust. ____, also known as business email compromise (BEC), is not restricted to email, but can happen on the phone or in person. Common sense and strict policies on how to communicate sensitive information can help prevent ____ attacks.
Impersonation
Going through the trash seeking information about a network—or a person with access to the network—is called ____. This type of activity does not have to involve an actual dumpster, of course—just someone searching for any information that will help him or her socially engineer a way into a network. To limit the prospects of a dumpster diver, paper shredders or shredding services should be employed to keep data out of reach.
Dumpster Diving
____ is the attempt to view physical documents on a user’s desk or electronic documents displayed on a monitor by looking over the user’s shoulder. Shoulder surfers sometimes watch the keyboard to see passwords being entered. They act covertly, looking around corners and using mirrors or binoculars. They might also introduce themselves to users and make conversation, in the hopes that the users will let down their guard. A common protection against ____ is using a special privacy screen that limits the viewing range of a display. Employees should be trained to be aware of others who are able to see their screens and to leave screens locked when they are away from their workstations.
Shoulder surfing
____ occurs when an unauthorized person attempts to accompany an authorized person into a secure area by following that person closely and grabbing the door before it shuts. This is usually done without the authorized person’s consent; sometimes the authorized person is tricked into believing that the thief is authorized. If the authorized person is knowingly involved, the act is known as piggybacking. Mantraps, mentioned earlier, are designed to thwart ____.
Tailgating
An ____ attack involves setting up a fraudulent wireless access point on a network that imitates the legitimate AP for local users. The ____ AP sometimes attacks the legitimate AP, so users are fooled into logging onto the ____. The twin can then sniff usernames and passwords and listen for other valuable information. Sometimes an ____ can set up a fake portal that mimics the company site, to collect even more data on anyone who logs on.
evil twin
Any viable plan to protect a network and data must be based on a clear understanding of the ____ that all IT networks face.
Threats
A ____ attack involves one computer attacking a specific target with an overwhelming number of service requests. This is very similar to a DDoS attack, but without the bots. The messages coming from one source can still take down a network, at great cost to a business.
denial of service (DoS)
When legitimate software is sold and distributed, it might have unknown security vulnerabilities. When the flaws are discovered, the users put out alerts and the software company creates a patch. Sometimes hackers watch for those alerts and exploit the vulnerabilities before the patch is installed, hence the term ____.
zero-day attack
____ is a general term for malware attacks that purport to come from a trustworthy source.
Spoofing
Phishing, spear phishing, and rogue antivirus programs are three examples of ____.
spoofing
An ____ involves an attacker intercepting a connection while fooling the endpoints into thinking that they are communicating directly with each other. Essentially, the attacker becomes an unauthorized and undetected proxy or relay point; the attacker uses this position to capture confidential data or transmit altered information to one or both ends of the original connection.
on-path attack / man-in-the-middle
A ____ involves cracking passwords by calculating and using every possible combination of characters until the correct password is discovered. The longer the password used, and the greater the number of possible characters in a password, the longer ____ takes. One way an administrator can block ____ is to set authentication systems to lock after a specified number of incorrect passwords. Longer passwords also aid in the fight against ____.
brute-force attack
____ involve attempting to crack passwords by trying all the words in a list, such as a dictionary. A simple list might include commonly used passwords such as 12345678 and password. ____ can be blocked by locking systems after a specified number of incorrect passwords. Requiring more sophisticated passwords that do not include identifiable information such as birthdays or family names is also a strategy.
Dictionary attacks
Many security procedures are designed to prevent people outside an organization from penetrating a network and making off with valuable data. However, a very real threat comes from ____, in the form of dishonest or unhappy employees or a trusted vendor or contractor who has access to the network or the network infrastructure. Many incidents of corporate or government espionage and intellectual property theft have been performed by insiders with high levels of access. In fact, an insider can do much more harm than an outsider. Preventing ____ is difficult, but many of the monitoring and antiphishing practices also protect against insider fraud. It is a common corporate practice that when employees with access to the network are terminated or quit, their credentials are immediately rescinded and they have no further access to the buildings or the network.
insider threat
____ is a standard language for communication among databases. This language can be used to attack a database to steal important information such as credit card numbers, social security numbers, and other private data. It can also be used to simply attack a company or government and destroy or heavily damage databases so that they become useless. Database administrators must carefully design their databases to mitigate the threat of dangerous queries. In a ____ injection attack, malicious code is inserted into strings that are later passed to a database server.
Structured Query Language (SQL) Injection
____ is a code-injection technique that uses client-side scripts. It involves tricking a user, often with a link in an email or through some other ruse. When an unsuspecting user clicks on the link, the attacker can inject malicious code into a web-based app. This code is then “trusted” in the user environment, but it can steal information stored in cookies or other valuable information. The best defense against ____ is to have specific firewall settings on data types entering the systems and encrypting data leaving the system. This way, if information is stolen, the thief cannot read it.
Cross-Site Scripting (XSS)
____ are systems that are tagged by a configuration manager application (for example, Microsoft’s Endpoint Configuration Manager) as not having the most up-to-date security patches installed. Systems that do not have the most updated security patches are especially vulnerable to attacks.
Noncompliant systems
An example of this is a user attempting to log onto a corporate network with a personal computer that has not been updated to network standards that comply with the corporation’s specifications.
Noncompliant systems
A ____ is a weakness in an organization’s security plan that can allow threats to become real problems.
Vulnerabilities
Similar to noncompliant systems, an ____ will not protect against recently discovered and newly fixed zero-day vulnerabilities. When hackers know about these vulnerabilities, the attacks increase. ____ will be vulnerable to the attacks. Systems should be patched within one week of the release of a patch.
Unpatched System
Similar to an unpatched system, an ____ that is missing firewalls and antivirus software (or outdated security software) is vulnerable to the latest known virus information.
Unprotected Systems