2.5 Flashcards

1
Q

Mitigation and Security for Legacy Systems

A

hardening, patching, configuration enforcement, decommissioning, isolation and segmentation

2
Q

Securing Bluetooth Devices

A

turn off Bluetooth when not in use
set devices to non-discoverable mode by default
regularly update firmware so security patches are current
only pair with trusted devices
use a unique passkey or PIN during pairing
be cautious of unsolicited connection requests
use encryption for sensitive data transfers

3
Q

Securing Mobile Devices

A

MDM (Mobile Device Management)
- includes patching, configuration management and best-practice enforcement such as disabling sideloading, detecting jailbreaking/rooting and enforcing VPN use

4
Q

Securing OS Zero Day vulnerability

A

apply system and software updates promptly; a zero day has no vendor patch yet, so compensating controls (endpoint protection, segmentation) cover the gap until one is released

5
Q

Securing OS Misconfiguration vulnerability

A

conduct periodic audits and configuration reviews to identify and remediate vulnerabilities caused by misconfigurations

6
Q

Securing OS Data exfiltration vulnerability

A

encrypt data at rest and use endpoint protection (DLP) tools to monitor and restrict unauthorized data transfers

7
Q

Securing OS Malicious Updates vulnerability

A

maintain app allowlists, verify authenticity with the vendor's digital signatures and published hashes, and source updates only from trusted vendors

8
Q

Hardening

A

the process of enhancing system, application or network security, typically by reducing the attack surface (disabling what is not needed) and enforcing a secure configuration

9
Q

What default configurations should be changed in relation to hardening?

A

default passwords and preset authentication details
- should be changed immediately
- rotate every 90 days
- rely on a password manager
unneeded ports and protocols
- audit which ports are enabled
- close unneeded ports
- look for secure versions of protocols and use those
extra open ports
- may be open by default
- use the more secure ports and close the insecure ones
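The port audit in this card, as an added example (not part of the original flashcards): a script that parses `ss -tlnp` output, flags listeners that are not in a hardening baseline, and names the secure replacement for well-known cleartext services. The `ss` output is a constructed sample so it runs offline, and the baseline allowlist is an assumption for the example.

```python
"""Audit listening ports from `ss -tlnp` output against a hardening baseline.

Added example (not from the original flashcards). The `ss` output below is
constructed sample data so the script runs offline; the baseline allowlist
is an illustrative assumption.
"""
import re

# Constructed sample of `ss -tlnp` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      5      0.0.0.0:23          0.0.0.0:*         users:(("telnetd",pid=901,fd=4))
LISTEN 0      511    0.0.0.0:80          0.0.0.0:*         users:(("nginx",pid=1120,fd=6))
LISTEN 0      511    0.0.0.0:443         0.0.0.0:*         users:(("nginx",pid=1120,fd=7))
LISTEN 0      32     0.0.0.0:21          0.0.0.0:*         users:(("vsftpd",pid=1337,fd=3))
LISTEN 0      128    127.0.0.1:5432      0.0.0.0:*         users:(("postgres",pid=1402,fd=5))
"""

# Hardening baseline (assumption): what this host is supposed to expose.
BASELINE_ALLOWED_PORTS = {22, 443}

# Well-known cleartext services and their secure replacements.
INSECURE_TO_SECURE = {
    21: ("ftp", "use SFTP (22) or FTPS (990)"),
    23: ("telnet", "use SSH (22)"),
    80: ("http", "redirect to HTTPS (443) or close"),
    110: ("pop3", "use POP3S (995)"),
    143: ("imap", "use IMAPS (993)"),
}

LINE_RE = re.compile(
    r"^LISTEN\s+\d+\s+\d+\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+"
    r'(?:users:\(\("(?P<proc>[^"]+)")?'
)


def parse_listeners(ss_output):
    """Return a list of (addr, port, process) tuples for LISTEN sockets."""
    listeners = []
    for line in ss_output.splitlines():
        m = LINE_RE.match(line)
        if m:
            listeners.append((m.group("addr"), int(m.group("port")), m.group("proc") or "?"))
    return listeners


def audit(ss_output, allowed=BASELINE_ALLOWED_PORTS):
    """Classify each listener as 'ok', 'loopback-only', 'insecure' or 'unexpected'.

    Loopback-only listeners are reported separately: they are not reachable
    from the network, but they are still services to review.
    """
    findings = []
    for addr, port, proc in parse_listeners(ss_output):
        if addr.startswith("127.") or addr == "[::1]":
            findings.append((port, proc, "loopback-only", "not network exposed; keep only if needed"))
        elif port in INSECURE_TO_SECURE:
            name, fix = INSECURE_TO_SECURE[port]
            findings.append((port, proc, "insecure", f"{name} is cleartext; {fix}"))
        elif port in allowed:
            findings.append((port, proc, "ok", "in baseline"))
        else:
            findings.append((port, proc, "unexpected", "not in baseline; close it or add it with justification"))
    return findings


if __name__ == "__main__":
    for port, proc, verdict, note in audit(SAMPLE_SS_OUTPUT):
        print(f"{port:>5}  {proc:<10} {verdict:<14} {note}")
```

On a real host, replace `SAMPLE_SS_OUTPUT` with the output of `ss -tlnp` and keep the baseline in version control so the audit doubles as drift detection.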

10
Q

How can you restrict apps in the hardening process?

A

Least functionality - configure the system with only essential apps and services; unneeded apps should be removed or restricted
managing software
- keep software up to date
- large networks should require preventive measures to control excessive installations
create secure baselines
- secure baseline images are used for new computers
- baselines include the OS and the minimum required apps
preventing unauthorized software
- app allowlisting and blocklisting are used to control which apps can run on a workstation
app allowlisting
- only apps on the approved list are allowed to run
- all other apps are blocked from running
app blocklisting
- apps placed on the blocklist are prevented from running; anything not listed runs
centralized management
- Microsoft AD domain controllers allow centralized management of the lists (pushed via Group Policy)
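Cards 7 and 10 together describe a default-deny install gate: an application allowlist with a blocklist override, plus verification of the update file's hash against the vendor's manifest. The following is an added example (not from the original flashcards) of that gate. The package payloads, the SHA256SUMS-style manifest and the allow/block lists are constructed in memory so it runs offline; the manifest is assumed to have arrived over a signature-verified channel, because a hash alone proves integrity, not authenticity.

```python
"""Default-deny install gate: allowlist + blocklist + SHA-256 verification.

Added example (not from the original flashcards). All inputs are constructed
sample data. The vendor manifest is assumed to be authentic (e.g. its
signature was already checked); that step is not implemented here.
"""
import hashlib
import hmac

# Constructed "downloaded update" payloads standing in for package files.
LEGIT_UPDATES = {
    "editor-2.4.1.pkg": b"editor binary v2.4.1 (constructed sample)",
    "remoteadmin-9.pkg": b"remote admin tool (constructed sample)",
}

# Constructed vendor manifest in SHA256SUMS style: "<hex digest>  <filename>".
VENDOR_MANIFEST = "\n".join(
    f"{hashlib.sha256(data).hexdigest()}  {name}" for name, data in LEGIT_UPDATES.items()
)

# Application allowlist / blocklist (assumptions): package base names.
ALLOWLIST = {"editor"}
BLOCKLIST = {"remoteadmin"}


def parse_manifest(text):
    """Map filename -> expected lowercase hex digest from SHA256SUMS-style lines."""
    expected = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition("  ")
        expected[name.strip()] = digest.lower()
    return expected


def package_base(filename):
    """'editor-2.4.1.pkg' -> 'editor' (assumed naming convention name-version.pkg)."""
    return filename.split("-", 1)[0]


def verify_digest(data, expected_hex):
    """Constant-time comparison of the computed SHA-256 against the manifest value."""
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_hex)


def decide(filename, data, manifest_text, allowlist=ALLOWLIST, blocklist=BLOCKLIST):
    """Return (allowed, reason). Default deny: the file must be allowlisted,
    not blocklisted, present in the manifest, and match its digest."""
    base = package_base(filename)
    if base in blocklist:
        return False, "blocklisted application"
    if base not in allowlist:
        return False, "not on application allowlist"
    expected = parse_manifest(manifest_text).get(filename)
    if expected is None:
        return False, "no manifest entry for this file"
    if not verify_digest(data, expected):
        return False, "hash mismatch: file altered or not the vendor build"
    return True, "allowlisted and hash verified"


if __name__ == "__main__":
    legit = LEGIT_UPDATES["editor-2.4.1.pkg"]
    cases = [
        ("editor-2.4.1.pkg", legit),                 # allowed
        ("editor-2.4.1.pkg", legit + b" + implant"), # same name, tampered bytes
        ("remoteadmin-9.pkg", LEGIT_UPDATES["remoteadmin-9.pkg"]),  # blocklisted
        ("browser-1.pkg", b"unknown vendor build"),  # never allowlisted
    ]
    for name, data in cases:
        ok, why = decide(name, data, VENDOR_MANIFEST)
        print(f"{'ALLOW' if ok else 'DENY ':5} {name:<20} {why}")
```

The blocklist check runs first so that a blocklisted name can never be rescued by an allowlist typo, and the digest comparison uses `hmac.compare_digest` so the check does not leak how many leading hex characters matched.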

11
Q

TOS

A

Trusted OS
an OS designed to provide a secure computing environment by enforcing stringent security policies that usually rely on mandatory access controls
SELinux is an example of a trusted OS; so is Trusted Solaris
features include mandatory access control
security auditing
role-based access control (SELinux)

12
Q

EAL

A

Evaluation Assurance Level
a predefined security standard and certification from the Common Criteria for IT Security Evaluation
EAL1 is the lowest level of assurance (functionally tested)
EAL7 is the highest (formally verified design and tested)

13
Q

Mandatory Access Controls

A

access permissions are determined by a policy defined by the system administrator and enforced by the OS. It is controlled at the kernel level and is often used by high-security organizations such as government or the military

14
Q

Hotfix

A

a software patch that fixes a specific (often security) issue and should be applied promptly after being tested in a lab environment

15
Q

Update

A

provides a system with additional functionality but does not usually provide security patching; new features can introduce new vulnerabilities

16
Q

Service Pack

A

a cumulative bundle of all the hotfixes and updates released since the OS shipped (or since the previous service pack)

17
Q

Patch Management

A

planning, testing, implementing and auditing of software patches

18
Q

Patch Planning

A

creating policies, procedures and systems to track and verify patch compatibility

19
Q

Patch Rings

A

deploying patches to one group (ring) of systems at a time, so problems surface on a small pilot group before the wider rollout

20
Q

Patch auditing

A

scanning the network to ensure patches were installed correctly

21
Q

Group Policies

A

a set of rules and policies that can be applied to user or computer accounts within an OS
the local editor is opened by entering gpedit.msc in the Run prompt
each policy acts as a security template applying rules like password complexity, account lockout policies, software restrictions and app restrictions

22
Q

Security Templates

A

a group of policies that can be loaded through one procedure

23
Q

GPO

A

Group Policy Object
used to harden the OS and establish secure baselines
works like a security template in Windows, applying settings across devices in an Active Directory domain

24
Q

Baselining

A

a process of measuring changes in the network, hardware or software environment
helps establish what is normal for the org and identify deviations

25
Q

SELinux

A

Security-Enhanced Linux
provides an additional layer of security for Linux distros
enforces mandatory access control
enables information to be classified and protected via labels
enhances file system security

26
Q

MAC

A

mandatory access control
restricts access to system resources based on subject clearance and object labels

27
Q

SELinux Context based permissions

A

permission schemes that consider various properties (the security context of the subject and of the object) to determine whether to grant or deny access
two main Linux MAC implementations: SELinux (label/context based) and AppArmor (path based)

28
Q

DAC

A

discretionary access control
allows object owners to directly control access using tools like chown and chmod
SELinux adds MAC on top of the standard DAC checks; DAC is evaluated first, and SELinux never overrides a DAC denial

29
Q

Three main contexts in selinux

A

user context (the SELinux user, e.g. system_u or unconfined_u; defines which roles a user may enter)
role context (defines which domains/types the role may enter)
type context - used by type enforcement; the most critical for fine-grained access control

30
Q

Optional context

A

level context (MLS/MCS)
describes the sensitivity level and categories of a file, directory or process

31
Q

SELinux Modes

A

enforcing - the loaded policy is enforced; violations are denied and logged
permissive - the policy is loaded but not enforced; violations are only logged (useful for troubleshooting and building policy)
disabled - turns off SELinux entirely, relying on default DAC for access control

32
Q

SELinux Policy Types

A

Targeted - only specific processes are confined to a domain while others run unconfined
Strict - every subject and object operates under MAC; the most secure but more complex to set up
MLS - implements a more stringent security model based on the Bell-LaPadula model, which maintains data confidentiality by controlling read and write access based on security levels
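Cards 25 to 32 cover SELinux contexts, type enforcement, the DAC-then-MAC ordering, the three modes and the targeted policy's unconfined domains. The following is an added example (not from the original flashcards and not SELinux's own code): a toy evaluator that parses `user:role:type:level` contexts, applies constructed `allow` rules the way type enforcement does, and shows how enforcing, permissive and disabled differ. The rules, file contexts and the set of unconfined domains are constructed assumptions; the context format and mode semantics are SELinux's own.

```python
"""Toy model of SELinux contexts, type enforcement and the three modes.

Added example (not from the original flashcards). The allow rules, the
contexts used in the demo and the unconfined-domain set are constructed
samples; only the context format and mode semantics mirror SELinux.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Context:
    user: str
    role: str
    type: str
    level: str = ""  # optional MLS/MCS level, e.g. "s0" or "s0-s0:c0.c1023"

    @classmethod
    def parse(cls, text):
        # user:role:type[:level]; the level may itself contain ':' (s0-s0:c0.c1023),
        # so split on at most the first three colons.
        parts = text.split(":", 3)
        if len(parts) < 3:
            raise ValueError(f"bad context: {text!r}")
        return cls(*parts)


# Constructed type-enforcement rules, shaped like real policy statements:
#   allow <source domain> <target type>:<class> { perms };
RULES = [
    ("httpd_t", "httpd_sys_content_t", "file", {"read", "getattr", "open"}),
    ("httpd_t", "httpd_log_t", "file", {"append", "create", "getattr"}),
    ("sshd_t", "sshd_key_t", "file", {"read", "getattr", "open"}),
]

# Domains the targeted policy leaves unconfined (assumption for this toy).
UNCONFINED_DOMAINS = {"unconfined_t"}


def te_allows(subject, obj, cls, perm, rules=RULES):
    """Type enforcement: does some rule grant (subject.type, obj.type, cls) `perm`?"""
    if subject.type in UNCONFINED_DOMAINS:
        return True
    return any(s == subject.type and t == obj.type and c == cls and perm in perms
               for s, t, c, perms in rules)


def check_access(subject, obj, cls, perm, mode, dac_ok=True, log=None):
    """Combine DAC, type enforcement and the SELinux mode.

    Returns True if the access proceeds. `log` (a list) collects AVC-style
    denial records; in permissive mode the denial is logged but not enforced.
    """
    log = log if log is not None else []
    if not dac_ok:            # DAC is checked first; SELinux never overrides a DAC denial
        return False
    if mode == "disabled":    # labels are not consulted at all
        return True
    if te_allows(subject, obj, cls, perm):
        return True
    log.append(f"avc: denied {{ {perm} }} scontext={subject.type} tcontext={obj.type} tclass={cls}")
    return mode == "permissive"


if __name__ == "__main__":
    web = Context.parse("system_u:system_r:httpd_t:s0")
    page = Context.parse("system_u:object_r:httpd_sys_content_t:s0")
    shadow = Context.parse("system_u:object_r:shadow_t:s0")
    for mode in ("enforcing", "permissive", "disabled"):
        log = []
        ok_page = check_access(web, page, "file", "read", mode, log=log)
        ok_shadow = check_access(web, shadow, "file", "read", mode, log=log)
        print(f"{mode:<10} httpd reads web page: {ok_page}, reads shadow_t file: {ok_shadow}, "
              f"denials logged: {len(log)}")
```

The output shows the practical difference between the modes: permissive mode lets the `shadow_t` read through but still writes the AVC denial, which is exactly what you grep for when building policy before switching to enforcing.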

33
Q

Data Encryption Levels

A

Full disk
partition
volume
file level
database
record

34
Q

Veracrypt

A

a tool that encrypts partitions or whole drives and can also create encrypted file containers

35
Q

Volume encryption

A

used to encrypt a defined logical volume (a set amount of space) on the storage medium

36
Q

GNU Privacy Guard

A

a tool that provides cryptographic privacy and authentication for data and communication

37
Q

Mutex

A

a mutually exclusive flag that acts as a gatekeeper to a section of code so that only one thread can execute it at a time

38
Q

Deadlock

A

occurs when a lock is never released because the holder is terminated, crashes or does not finish properly, so every other thread waiting on it blocks indefinitely; more generally, when two or more threads each hold a lock the other needs
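Cards 37 and 38, as an added example (not from the original flashcards): a mutex serialising updates to a shared counter, then the failure the deadlock card describes, a holder that crashes without releasing. Acquiring with a context manager (or `try/finally`) releases on the error path, and a bounded `acquire(timeout=...)` lets a caller detect a stuck lock instead of hanging forever. Thread counts and timeouts are arbitrary choices for the demo.

```python
"""Mutex protecting shared state, and a lock that is never released.

Added example (not from the original flashcards). The counter, the crashing
holder and the timeout values are constructed for the demonstration.
"""
import threading


def count_with_mutex(n_threads=8, increments=10_000):
    """Each thread adds `increments` to a shared counter under one lock.

    Returns the final count, which is exact (n_threads * increments) because
    the critical section admits one thread at a time.
    """
    lock = threading.Lock()
    total = {"n": 0}

    def worker():
        for _ in range(increments):
            with lock:                # critical section: one thread at a time
                total["n"] += 1

    threads = [threading.Thread(target=worker) for _ in range(n_threads)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return total["n"]


def holder_that_crashes(lock, use_context_manager):
    """Acquire the lock, then hit an exception before any explicit release."""
    if use_context_manager:
        with lock:                    # released automatically when the exception propagates
            raise RuntimeError("crash while holding the lock")
    lock.acquire()
    raise RuntimeError("crash while holding the lock")   # the release that would follow is never reached


def _run_quietly(fn, *args):
    """Thread target wrapper: the crash is the point, so keep it off stderr."""
    try:
        fn(*args)
    except RuntimeError:
        pass


def lock_available_after_crash(use_context_manager, timeout=0.2):
    """Run a crashing holder on another thread, then try to take the lock.

    Returns True if the lock could be acquired within `timeout`, False if it
    is stuck (the card's deadlock: the holder died without releasing it).
    """
    lock = threading.Lock()
    t = threading.Thread(target=_run_quietly, args=(holder_that_crashes, lock, use_context_manager))
    t.start()
    t.join()
    got = lock.acquire(timeout=timeout)   # bounded wait instead of blocking forever
    if got:
        lock.release()
    return got


if __name__ == "__main__":
    print("counter with mutex:", count_with_mutex())
    print("lock free after bare acquire + crash:", lock_available_after_crash(False))
    print("lock free after `with lock` + crash:", lock_available_after_crash(True))
```

The bare `acquire()` path is the bug the card warns about; in production code, every acquire should sit in a `with` block or a `try/finally` so that a crash in the critical section cannot leave the gate closed.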