C836 Ch. 11 Flashcards

1
Q

Operating system hardening

A

The process of reducing the number of available avenues through which our operating system might be attacked

2
Q

Attack surface

A

The total of the areas through which our operating system might be attacked

3
Q

Name the six main hardening categories

A

1. Removing unnecessary software
2. Removing or turning off unessential services
3. Making alterations to common accounts
4. Applying the principle of least privilege
5. Applying software updates in a timely manner
6. Making use of logging and auditing functions

4
Q

The principle of least privilege

A

A principle that states we should only allow a party the absolute minimum permission needed for it to carry out its function

5
Q

A particularly complex and impactful piece of malware that targeted the Supervisory Control and Data Acquisition (SCADA) systems running various industrial processes (it spread through Windows hosts in order to reprogram Siemens programmable logic controllers); it raised the bar for malware from largely virtual attacks to physical destruction of equipment

A

Stuxnet

6
Q

Anti-malware tool

A

A type of tool that uses signature matching or anomaly detection (heuristics) to detect malware, either in real time as files are accessed and processes start, or by performing on-demand scans of files and running processes

7
Q

Heuristics

A

Anomaly- or behavior-based detection used by anti-malware tools to flag likely malware for which no signature exists, by looking for suspicious characteristics (for example packed or encrypted code, self-modification, or attempts at persistence); it catches previously unseen samples at the cost of a higher false-positive rate than signature matching

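As an added example that is not part of the flashcards or of any anti-malware product, the following C code puts the two detection strategies from the last two cards side by side: exact signature matching over a buffer, then two heuristics (byte diversity typical of packed or encrypted payloads, and a combination of suspicious capability strings) for samples that match no signature. The signature bytes, the suspicious-string list, the thresholds (240 distinct byte values, two or more strings) and all sample buffers are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not from the flashcards: signature matching plus heuristics
 * over in-memory buffers. Signature bytes, suspicious strings and thresholds
 * are constructed for illustration and do not come from any real product. */

typedef enum { VERDICT_CLEAN = 0, VERDICT_SIGNATURE = 1, VERDICT_HEURISTIC = 2 } verdict_t;

/* Sliding-window byte search (handles embedded NULs, unlike strstr).
 * Returns the offset of the first match or -1. */
long find_bytes(const uint8_t *hay, size_t hn, const uint8_t *needle, size_t nn)
{
    if (nn == 0 || nn > hn)
        return -1;
    for (size_t i = 0; i + nn <= hn; i++)
        if (memcmp(hay + i, needle, nn) == 0)
            return (long)i;
    return -1;
}

/* --- Signature matching: exact byte patterns taken from known samples.
 * Precise and cheap, but blind to anything not yet in the database.
 * Real engines match thousands of patterns in one pass (e.g. Aho-Corasick). */
typedef struct { const char *name; const uint8_t *bytes; size_t len; } signature_t;

static const uint8_t SIG_DROPPER[] = { 0x4d, 0x5a, 0x90, 0x00, 0xde, 0xad, 0xbe, 0xef }; /* constructed */
static const signature_t SIGNATURES[] = {
    { "Constructed.Dropper.A", SIG_DROPPER, sizeof SIG_DROPPER },
};

const char *match_signature(const uint8_t *data, size_t n)
{
    for (size_t s = 0; s < sizeof SIGNATURES / sizeof SIGNATURES[0]; s++)
        if (find_bytes(data, n, SIGNATURES[s].bytes, SIGNATURES[s].len) >= 0)
            return SIGNATURES[s].name;
    return NULL;
}

/* --- Heuristics: judge the shape of unknown data instead of its identity. */

/* How many of the 256 possible byte values occur. Packed or encrypted payloads
 * use nearly all of them; text and ordinary code use far fewer. A cheap
 * stand-in for Shannon entropy. */
int distinct_byte_values(const uint8_t *data, size_t n)
{
    unsigned char seen[256] = {0};
    int count = 0;
    for (size_t i = 0; i < n; i++)
        if (!seen[data[i]]) { seen[data[i]] = 1; count++; }
    return count;
}

/* Capabilities that are harmless alone but suspicious in combination
 * (persistence, download, execution, anti-debugging). Constructed list. */
static const char *SUSPICIOUS[] = {
    "CurrentVersion\\Run", "URLDownloadToFile", "WinExec", "IsDebuggerPresent"
};

int suspicious_string_count(const uint8_t *data, size_t n)
{
    int count = 0;
    for (size_t i = 0; i < sizeof SUSPICIOUS / sizeof SUSPICIOUS[0]; i++)
        if (find_bytes(data, n, (const uint8_t *)SUSPICIOUS[i], strlen(SUSPICIOUS[i])) >= 0)
            count++;
    return count;
}

/* Signatures first (exact), then heuristics (probabilistic, hence more
 * false positives). 'reason' receives a short explanation of the verdict. */
verdict_t scan_buffer(const uint8_t *data, size_t n, const char **reason)
{
    const char *sig = match_signature(data, n);
    if (sig) { *reason = sig; return VERDICT_SIGNATURE; }
    if (n >= 256 && distinct_byte_values(data, n) >= 240) {
        *reason = "byte diversity typical of a packed/encrypted payload";
        return VERDICT_HEURISTIC;
    }
    if (suspicious_string_count(data, n) >= 2) {
        *reason = "two or more suspicious capabilities combined";
        return VERDICT_HEURISTIC;
    }
    *reason = "no signature, no heuristic trigger";
    return VERDICT_CLEAN;
}

int main(void)
{
    /* Constructed samples: plain text, a buffer using every byte value once,
     * and a zero-filled buffer carrying the constructed signature. */
    const uint8_t text[] = "Quarterly report: revenue up 4 percent.";
    uint8_t packed[256];
    for (int i = 0; i < 256; i++) packed[i] = (uint8_t)i;
    uint8_t dropper[64] = {0};
    memcpy(dropper + 20, SIG_DROPPER, sizeof SIG_DROPPER);

    const char *why;
    printf("text:    %d (%s)\n", scan_buffer(text, sizeof text - 1, &why), why);
    printf("packed:  %d (%s)\n", scan_buffer(packed, sizeof packed, &why), why);
    printf("dropper: %d (%s)\n", scan_buffer(dropper, sizeof dropper, &why), why);
    return 0;
}
```

The ordering in `scan_buffer` is the practical point: a signature hit is a definite identification, while a heuristic verdict is a judgement call that a real product would typically quarantine or escalate rather than delete outright, because legitimate compressed installers also show high byte diversity.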
8
Q

Executable space protection

A

A hardware- and software-based technology that marks certain portions of the memory used by the operating system and applications (typically the stack and heap) as non-executable, so that data an attacker has written there cannot be run as code; known by names such as NX, DEP and W^X

9
Q

Buffer overflow attack

A

Supplying more data to an input than the buffer receiving it was sized to hold, so that the excess overwrites adjacent memory (such as other variables or a saved return address); by specifically crafting the excess data, an attacker may be able to execute commands or code of their choosing

10
Q

Address space layout randomization (ASLR)

A

A mitigation that randomizes the base addresses of the stack, heap, shared libraries and (for position-independent executables) the program image each time a program runs, so an attacker exploiting a memory-corruption bug cannot predict where the code or data they need to reach is located and must first leak an address or guess

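The last three cards describe a bug (buffer overflow) and two mitigations (executable space protection, ASLR). As an added example that is not from the flashcards, the C code below shows the unsafe copy that produces the overflow next to a bounds-checked replacement, with comments on what the two mitigations do and do not buy you. NAME_MAX and the function names are illustrative choices, not identifiers from the original page.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not from the flashcards: a stack buffer overflow beside its
 * bounds-checked replacement. NAME_MAX and the function names are illustrative. */

#define NAME_MAX 16   /* 15 characters plus the terminating NUL */

/* VULNERABLE: strcpy() copies until it finds a NUL in 'name' and never asks
 * how large 'buf' is. Input longer than 15 bytes overwrites whatever the
 * compiler placed above 'buf' on the stack (saved registers, the return
 * address); crafted excess data can redirect execution. Shown only for the
 * pattern; it is never reached with oversized input here. */
void greet_unsafe(const char *name)
{
    char buf[NAME_MAX];
    strcpy(buf, name);                  /* no length check: the overflow */
    printf("hello, %s\n", buf);
}

/* HARDENED: measure the input against the destination first, refuse anything
 * that does not fit (NUL included), and only then copy with an explicit bound.
 * Returns 0 on success, -1 if the input was rejected. */
int greet_safe(const char *name, char *out, size_t outlen)
{
    size_t n = 0;
    while (n < outlen && name[n] != '\0')   /* never read past outlen bytes */
        n++;
    if (n == outlen)                        /* no NUL within outlen: too long */
        return -1;
    memcpy(out, name, n);
    out[n] = '\0';
    return 0;
}

/* Same fixed-size stack buffer as greet_unsafe, but through the checked copy. */
int greet_safe_fixed(const char *name)
{
    char buf[NAME_MAX];
    if (greet_safe(name, buf, sizeof buf) != 0) {
        fprintf(stderr, "rejected: input longer than %d bytes\n", NAME_MAX - 1);
        return -1;
    }
    printf("hello, %s\n", buf);
    return 0;
}

/* Executable space protection (NX/DEP) and ASLR are OS/compiler mitigations,
 * not fixes. With them in place, an overflow of greet_unsafe can no longer
 * simply run shellcode placed on the stack, and the addresses an attacker
 * would need to return into change between runs. The bug remains; the bounds
 * check in greet_safe is what removes it. */
int main(void)
{
    greet_unsafe("Alice");          /* fits, so nothing visibly goes wrong */
    greet_safe_fixed("Alice");
    /* 40 bytes: greet_unsafe would smash the stack; the hardened path refuses. */
    greet_safe_fixed("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA");
    return 0;
}
```

Modern toolchains enable the mitigations by default; to actually observe the overflow in `greet_unsafe` on a lab machine you would have to switch them off (for GCC: `-fno-stack-protector`, `-z execstack` and `-no-pie`), which is itself a useful reminder of how much work executable space protection, stack canaries and ASLR are doing for code that still contains the bug.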
11
Q

Software firewall

A

A host-based firewall that runs on the system it protects; it generally contains a subset of the features of a large firewall appliance but is often capable of similar packet filtering and stateful packet inspection

12
Q

Host intrusion detection system (HIDS)

A

A system that monitors a particular host for signs of intrusion, analyzing activity on the host itself (system and application logs, file integrity, running processes, account changes) as well as traffic directed at its network interface

13
Q

Scanner

A

A type of tool that examines hosts to identify open ports and the services listening on them and, depending on the tool, to detect various security flaws in what it finds

14
Q

Vulnerability assessment tool

A

A tool aimed specifically at finding and reporting network services (and often configurations) on hosts that have known vulnerabilities, typically by comparing version banners and probe responses against a database of known issues

15
Q

Nessus

A

A well-known vulnerability assessment tool (it also includes a port scanner)

16
Q

Exploit framework

A

A toolkit that bundles exploits with the supporting components needed to use them, which can include network mapping tools, sniffers, payloads and post-exploitation modules, so that an attacker or penetration tester can select, deliver and manage exploits from a single interface

17
Q

Exploits

A

Small bits of software that take advantage of flaws in other software or applications in order to cause them to behave in ways that were not intended by their creators

18
Q

Name three examples of exploit frameworks

A

Metasploit, Immunity CANVAS, Core Impact