Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Block 5 - Cyber Security > 3A > Flashcards

3A Flashcards

1
Q

___ are critical as a form of Cyber Security for they protect computer systems and networks on one side of the ___ from outside systems on the other side.

A

Firewalls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Firewalls accomplish this by monitoring data packets passing through the firewall, and either allows the traffic through or blocks it. Administrators ___ ___ ___ the firewalls operate from.

A

set the rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Firewalls can be implemented as hardware, software, or ___.

A

both

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A good firewall system will not only block unauthorized users from accessing the internal network but can also block ___ ___ from a “need to know” about the mission or resources of the secure
network.

A

internal users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does GPO stand for?

A

Group Policy Object

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Windows OSs, through ___ ___, can be configured by network administrators to change which Windows features are available to users and to manage system security.

A

group policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Group policy can be configured on a local computer system or centrally configured for the network through ___ ___ via Windows Server.

A

Active Directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Active Directory settings will apply to systems and users every ___ ___, on next logon, and on restart.

A

90 minutes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

A ___ of group policy configurations is called a group
policy object (GPO).

A

set

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the three types of GPO?

A
  1. User settings
  2. Computer settings
  3. Security settings/local policies
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

The following describes which type of GPO?

___ ___ apply to a machine no matter who is logged in. These policies are used to restrict desktop settings.

A

User settings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the policies that fall under “user settings”?

A
  • Windows Settings | Scripts User Settings Identification- This policy configures scripts that execute when a user logs on or off.
  • Windows Settings | Internet Explorer Maintenance- This policy is used to configure settings in Internet Explorer (IE) such as website favorites and default home page.
  • Administrative Templates | Control Panel- This policy enables or disables Windows Control Panel features to control what users can change in the system.
  • Administrative Templates | Desktop- This policy controls what desktop icons appear on the system.
  • Administrative Templates | Start Menu and Taskbar- This policy controls what items appear in the Start menu.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The following describes which type of GPO?

___ ___ enforce password policies and restrict software that can be used on a system.

A

Computer settings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the policies that fall under “computer settings”?

A
  • Windows Settings | Scripts (Startup/Shutdown)- This implements scripts to allow automated processes to run during system startup or shutdown.
  • Security Settings | Account Policies- This policy configures user accounts, for example, account lockout and password policies.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

The following describes which type of GPO?

___ ___ contain user right configuration options, auditing, and other security settings including banners.

A

Security settings/local policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the policies that fall under “security settings/local policies”?

A
  • Security Settings | Windows Firewall with Advanced Security- This policy configures the firewall built into Windows.
  • Security Settings | Software Restriction Policies- This policy configures what software is allowed to run on a system.
  • Security Settings | Advanced Audit Policy Configuration- This policy controls the system auditing process and sets what types of events to audit.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

A ___ server is a type of firewall that resides between a user’s computer and the Internet.

A

proxy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Proxies are typically associated with being able to control ____ communication by limiting which web sites an employee can visit.

A

outbound

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Users will typically authenticate to the proxy server first, and based on their ____, the proxy administrator will decide whether the employee is allowed to use the Internet and which websites they can visit.

A

username

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Proxy servers also ____ which websites are visited each day.

A

log

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Proxy servers provide…?

A

security, privacy and web filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Also, proxies protect clients because at no point does the client directly connect to the website. If an attacker wants to attack the IP address that connected to the site, they will attack the ____
instead of the client.

A

proxy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Additionally, proxy servers can implement _____, which stores web pages that are requested by the client. The next client that requests the same web page can retrieve the page more quickly because the proxy server can provide the web page without retrieving if from the Internet

A

caching

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

A ____ proxy is what was previously described—the client sends the request to the proxy server and the proxy retrieves the resource out on the Internet and sends the response to the client.

A

forward

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

A ____ proxy is used in a scenario in which you want a system on the Internet to be able to send a request to one of your internal systems, such as a web server or mail server. The direction of communications is reversed, but all communication still goes through the reverse proxy. The system on the Internet sends the request to the reverse proxy server, which then forwards the
request to the internal server after checking that the request is not malicious.

A

reverse

26
Q

A ____ proxy solution does not require any software or additional configuration on the client. You simply configure the IP default gateway setting to point to the proxy server. The user does not know they are configured for a proxy; they think the IP address of the default gateway is referring to the router address.

A

transparent

27
Q

A ____ proxy requires you to install a proxy client, or agent, and configure the applications to point to the proxy server for outbound requests.

A

nontransparent

28
Q

Proxy servers are also known as ___ ___ firewalls.

A

application-layer

29
Q

They can inspect the header as well as application data within the packet, known as the payload. For example, it can deny packets
containing suspicious commands. This allows filtering by source and destination IP addresses as well as by data type.

A

Application/Multipurpose Proxy

30
Q

What does ACL stand for?

A

Access Control List

31
Q

Network administrators secure information on the organization’s network by implementing permissions on the files and folders. This is known as building an…?

A

ACL

32
Q

By setting permissions on the files and allowing only a specific group of users access to the files, you are maintaining ___.

A

confidentiality

33
Q

ACLs come in three categories:

A

File System ACLs, Active Directory ACLs, and Networking
ACLs.

34
Q

With File System ACL, there are two steps to securing folders on a Windows server: secure the folder with ____ permissions, and then set share permissions when you share the folder out to the network.

A

NTFS

35
Q

What does NTFS stand for?

A

New Technology File System

36
Q

All modern Windows OSs should be using the NTFS rather than legacy file systems like FAT32, in part because NTFS has ___ ___, such as permissions, which ACLs manage.

A

extra features

37
Q

To set NTFS permissions, the storage drive must first be ____ as NTFS. If it is not NTFS, it can be converted. Once you set NTFS permissions, they will apply when the user accesses the folder either locally or from across the network.

A

formatted

38
Q

What are the commonly used NTFS permissions?

A
  1. List Folder Contents - Assigned to a folder; allows a user to view a contents list for the folder, but not necessarily to read the files in the folder.
  2. Read - Folder and file permission; enables a user to open and read the contents of files.
  3. Read and execute - Folder and file permission; allows users to read the contents of files and to execute an executable file.
  4. Write - File and folder permission; allows a user to modify the contents of a file (write to it) or to create a new file or folder within that folder.
  5. Modify - Folder or file permission; includes all permissions mentioned previously. Allows a user to read, execute, delete, list folder contents, and write to the contents of the folder or file.
  6. Full Control - Folder or file permission; gives a user all permissions possible. User will be able to modify the contents of the file and to change its permissions.
39
Q

The second step in setting permissions, after securing folder with NTFS permissions, is to “publish” the folder, in other words to share it on the network with shared user permissions. When a share permission is applied to a folder, remember that the permission
is applied to all subfolders and files as well.

A

Shared Folder Permissions

40
Q

What are the commonly used Shared Folder permissions?

A
  1. Read - Enables a user to open and read the contents of files within the share.
  2. Change - Enables a user to open and read the contents of files within the share, create new files, and change the contents of files within the share.
  3. Full Control - Enables a user to open and read the contents of files within the share, create new files, change the contents of files within the share, and change permissions on the share. This permission is typically not assigned to users on the network.
41
Q

Directory service (not just a directory) that stores information about all network resources such as servers, printers, individual user accounts, groups of user accounts, security policies, and other
information across a domain.

A

Active Directory

42
Q

Like firewalls, routers can control which traffic can enter or leave the network. ____ can be configured to regulate this inbound and outbound traffic. Cisco routers have a feature known as access lists, in which you can add rules that apply to packets which the packets then follow.

A

Networking Access Control Lists

43
Q

Cisco routers have two common types of access lists:

A

standard access lists and extended access lists

44
Q

A standard access list is assigned a number between _ and __ and can permit or deny traffic based only on the source IP address.

A

1 and 99

45
Q

Two steps are needed to configure standard access lists— define
the access list and then ___ ___ to an interface on the router

A

apply it

46
Q

With standard access lists, the first rule that matches a packet is
the rule that ___ ___ ___. Cisco routers have an implicit deny rule at the bottom of the access list by default.

A

the packet follows

47
Q

Extended access lists are built similarly to standard access lists but are assigned numbers ___ and ____.

A

100 and above

48
Q

Extended access lists can control traffic based on both the ___ and ___ IP address as well as protocol information in the packet. Once the extended access list is created, just like with the standard access list, it must be applied.

A

source and destination

49
Q

___ are designed to protect systems on one side of the firewall from systems on the other side by analyzing packets that reach the firewall and determining whether each packet is allowed to
pass through.

A

Firewalls

50
Q

By default, administrators should configure firewalls to…?

A

block all traffic

51
Q

There are two major classes of firewalls:

A

software-based
hardware-based

52
Q

Also known as an ___, ___, ___, a software-based firewall is a piece of software that is installed on a single system to protect that
one system.

A

application-based firewall
host-based firewall
personal firewall

53
Q

Host-based firewalls can be installed on any system, a computer or a server. Host- based firewalls have several common features:

A
  1. Block incoming traffic- Packets sent to the system from a host on the network or Internet can be blocked.
  2. Block outgoing traffic- Packets leaving the system headed out to the network or Internet can be blocked.
  3. Notifications- Most host-based firewalls can be configured to show a message if someone tries to connect to your system or if a program on your system tries to send data out on the network or Internet.
  4. A default rule- Once enabled, most firewalls have a default rule of denying all traffic unless you allow the traffic in (implicit deny). You can change the default rule of denying all traffic except the packets you specify.
  5. Create rules- Most firewalls allow you to add rules on top of the default rule to customize what traffic is permitted to enter or exit the system.
54
Q

Software-based firewalls can be installed from a third-party source or ____. Windows OS’s include Windows Firewall.

A

included with an OS

55
Q

The firewall included with Windows operating systems.

A

Windows Firewall

56
Q

The firewall included with Windows operating systems have the following features:

A
  1. Allow a program or feature through Windows Firewall.
  2. Change notification settings- Turns Windows Firewall on or off and configures whether you wish to be notified if Windows Firewall blocks a program.
  3. Turn Windows Firewall on or off- Turns Windows Firewall on or off for specific network locations and configures whether you wish to be notified if Windows Firewall blocks a program.
  4. Restore defaults.
  5. Advanced settings- Allows you to control detailed inbound and outbound rules
57
Q

Also known as a network-based firewall, a ____ sits at the edge of a network and controls what traffic is allowed to enter and leave the network.

A

Hardware-based firewall

58
Q

What are the four types of hardware-based firewalls?

A

Packet-Filtering Firewall
Stateful Packet Inspection Firewall
Application-Layer Firewall
Linux Firewall

59
Q

The following describes which type of hardware-based firewall?

Also known as a stateless firewall, a __-__ firewall can block or allow traffic through. Filtering is based on the source or destination IP address and the source or destination port number. Administrators specify rules that control what type of traffic is to be blocked. The packet header includes the source/destination IP addresses and port numbers, which is what stateless firewalls inspect to determine what to filter. An attacker could alter the header to match what the firewall will allow inside.

A

Packet-Filtering Firewall

60
Q

The following describes which type of hardware-based firewall?

Like packet-filtering firewalls, ___ ___ ___ firewalls can filter traffic based on the sources and destination IP address or port number. It can also look at the context of the conversation and determine if the packet should be received at that point in the conversation. For example, if a TCP connection has not been established through a three-way handshake, the packet will not be allowed inside.

A

Stateful Packet Inspection Firewall

61
Q

The following describes which type of hardware-based firewall?

The _____ firewall combines features of the packet-filtering firewall and the stateful packet inspection firewall. _____ firewalls are also known as application/multipurpose proxy servers.

A

Application-Layer Firewall

62
Q

The following describes which type of hardware-based firewall?

Iptables is a command-line firewall utility that uses policy chains to allow or block network traffic. When a connection tries to establish itself on a system, Iptables looks for a rule in the list to match it to. If it doesn’t find one, it resorts to the default action. Iptables gets its name from the tables of rules that control what traffic is allowed to enter or leave the system or to be forwarded on to another system. The three main tables are:
* Input- Controls what traffic is allowed to pass through the network card into the ____ system.
* Output- Controls what traffic is allowed to pass through the network card out of the ____ system.
* Forward- Forwards a packet from the ____ system on to another system.

A

Linux Firewall

Block 5 - Cyber Security (24 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions