Chapter 11 Flashcards
Ways in which we can decrease our attack surface
- Removing unnecessary software
- Removing Unessential services
- Alter default accounts
- Use the Principles of Least Privilege
- Perform updates in a timely manner
- Implement logging and auditing functions
Detects threats
Anti-Malware
A technology that prevents the operating system and applications from using certain portions of the memory to execute code. Requires both a hardware component and a software component.
Executable Space Protection
What does Intel call their implemented Executable Space Protection components?
Execute Disable
What does AMD call their implemented Executable Space Protection components?
Enhanced Virus Protection
An attack that works by inputting more data than an application is expecting. (entering 10000 characters into a field that was only expecting 10
Buffer Overflow
Contains a subset of the features we might find on a large firewall appliance
Software Firewall
HIDS
Host Intrusion Detection System
NIDS
Network Intrusion Detection System
Are used to analyze the activities on or directed at the network interface of a particular host. (Reduces scope of features than a Network Intrusion Detection System)
Host Intrusion Detection System
Aimed at finding and reporting network services on hosts that have known vulnerabilites
Vulnerability Assessment Tools
A collection of prepackaged exploits and tools, such as network mapping tools and sniffers
Exploit Framework