Ch5: Securing Hosts and Data Flashcards

1
Q

Least functionality

A

A core security principle stating that systems should be deployed with the least amount of applications, services, and protocols

2
Q

Trusted OS

A

A trusted OS meets a set of predetermined requirements, such as those identified in the Common Criteria. Uses the MAC (mandatory access control) model

3
Q

A master image provides

A

a secure starting point for systems

4
Q

Admins create master images with templates or other tools to…

A

create a secure baseline

5
Q

Integrity measurements discover…

A

when a system deviates from the baseline

6
Q

The WannaCry ransomware worked only because…

A

Systems were not kept up-to-date with current patches. Microsoft had released an update to the known vulnerability two months before the attack

7
Q

Patch management ensures

A

OSs and applications are up to date with current patches to protect systems against known vulnerabilities

8
Q

Change management

A

Defines the process and accounting structure for handling modifications and upgrades. Goal is to provide documentation for all changes and reduce risks related to unintended outages

9
Q

Application whitelist

A

List of authorized software that prevents users from installing or running software that isn’t on the list

10
Q

Application blacklist

A

List of unauthorized software that prevents users from installing or running software on the list

11
Q

Sandboxing

A

The use of an isolated area, often used for testing

12
Q

I can create a sandbox with…

A

A VM or the chroot command on Linux

13
Q

Secure deployment environment includes

A

Development, testing, staging, and production elements

14
Q

Secure systems design considers…

A

Electromagnetic interference (EMI) and electromagnetic pulse (EMP)

15
Q

EMI sources

A

Motors, power lines, fluorescent lights. Can be prevented with shielding

16
Q

Mild forms of EMP

A

Electrostatic discharge and lightning. Systems can be protected from these

17
Q

TPM

A

Trusted Platform Module is a hardware chip included on many laptops and mobile devices that includes a unique RSA asymmetric key burned into the chip and provides a hardware root of trust

18
Q

TPM provides

A

Full disk encryption and supports a secure boot process and remote attestation

19
Q

HSM

A

Hardware security module is a removable or external device that can generate, store, and manage RSA keys used in asymmetric encryption. Many server-based applications use an HSM to protect keys

20
Q

SaaS

A

Software as a Service cloud-based technologies include any software or application provided to users over a network like the Internet, such as web-based email

21
Q

PaaS

A

Platform as a Service provides customers with a fully managed platform, which the vendor keeps up to date with current patches

22
Q

IaaS

A

Infrastructure as a Service provides customers with access to hardware in a self-managed platform

23
Q

CASB

A

A cloud access security broker is a software tool deployed between an organization’s network and the cloud provider that provides Security as a Service by monitoring traffic and enforcing security policies

24
Q

Private clouds

A

Only available for one organization

25
Q

Public cloud services

A

…are provided by 3rd-party companies and available to anyone

26
Q

Community cloud

A

Shared by multiple organizations

27
Q

Hybrid cloud

A

Combination of 2 or more clouds

28
Q

COPE devices

A

Corporate-owned, personally enabled devices are owned by the organization but employees can use them for personal reasons

29
Q

BYOD

A

A bring your own device policy allows employees to connect their own personal devices to the corporate network

30
Q

CYOD

A

A choose your own device policy includes a list of approved devices. Employees with a device on the list can connect to the network

31
Q

VDI

A

A virtual desktop infrastructure provides virtual desktops, which can be created so that users can access them from a mobile device

32
Q

MDM tools help…

A

Mobile device management tools help enforce security policies on mobile devices.

33
Q

MDM tools include

A

Use of storage segmentation, containerization, full disk encryption, and enforcing strong authentication methods to prevent unauthorized access.

34
Q

Remote wipe

A

sends a signal to a lost or stolen device to erase all data

35
Q

Geolocation

A

Uses GPS and can help locate a lost or stolen device

36
Q

Geofencing

A

creates a virtual fence or geographic boundary and can be used to detect when a device is within an organization’s property

37
Q

GPS tagging

A

adds geographical data to files such as pictures

38
Q

Context-aware authentication

A

uses multiple elements to authenticate a user and a mobile device

39
Q

Jailbreaking

A

removes all software restrictions from an Apple device

40
Q

Rooting (Android)

A

modifies an Android device, giving users root-level access to the device. Overwriting the firmware with custom firmware is one way (“another way”) to root an Android device

41
Q

Sideloading

A

The process of installing software on an Android device from a source other than an authorized store

42
Q

Tethering

A

The process of sharing a mobile device’s Internet connection with other devices

43
Q

Wi-Fi Direct

A

A standard that allows devices to connect without a wireless access point or wireless router

44
Q

You can use what to prevent tethering or Wi-Fi Direct Internet access?

A

MDM tools can block access to devices using tethering or Wi-Fi Direct to access the Internet

45
Q

Embedded system

A

Any device that has a dedicated function and uses a computer system to perform that function. Includes any IoT devices such as wearable technology and home automation systems

46
Q

SCADA system

A

A supervisory control and data acquisition system has embedded systems that control an industrial control system (ICS) such as one used in a power plant or water treatment facility

47
Q

Primary methods of protecting confidentiality of data

A

encryption and strong access controls

48
Q

Database column encryption

A

protects individual fields within a database

49
Q

File/folder-level protection

A

protects individual files

50
Q

Full disk encryption

A

protects entire disks

51
Q

chmod

A

changes permissions on Linux systems

52
Q

Data exfiltration

A

the unauthorized transfer of data out of a network

53
Q

DLP techniques

A

Data loss prevention techniques can block the use of USB devices to prevent data loss and monitor outgoing email traffic for unauthorized data transfers

54
Q

Cloud-based DLP

A

can enforce security policies for data stored in the cloud, such as ensuring that Personally Identifiable Information (PII) is encrypted