Chapter 11

Question 1

Ways in which we can decrease our attack surface

Answer 1

1. Removing unnecessary software
2. Removing Unessential services
3. Alter default accounts
4. Use the Principles of Least Privilege
5. Perform updates in a timely manner
6. Implement logging and auditing functions

Question 2

Detects threats

Answer 2

Anti-Malware

Question 3

A technology that prevents the operating system and applications from using certain portions of the memory to execute code. Requires both a hardware component and a software component.

Answer 3

Executable Space Protection

Question 4

What does Intel call their implemented Executable Space Protection components?

Answer 4

Execute Disable

Question 5

What does AMD call their implemented Executable Space Protection components?

Answer 5

Enhanced Virus Protection

Question 6

An attack that works by inputting more data than an application is expecting. (entering 10000 characters into a field that was only expecting 10

Answer 6

Buffer Overflow

Question 7

Contains a subset of the features we might find on a large firewall appliance

Answer 7

Software Firewall

Question 8

HIDS

Answer 8

Host Intrusion Detection System

Question 9

NIDS

Answer 9

Network Intrusion Detection System

Question 10

Are used to analyze the activities on or directed at the network interface of a particular host. (Reduces scope of features than a Network Intrusion Detection System)

Answer 10

Host Intrusion Detection System

Question 11

Aimed at finding and reporting network services on hosts that have known vulnerabilites

Answer 11

Vulnerability Assessment Tools

Question 12

A collection of prepackaged exploits and tools, such as network mapping tools and sniffers

Answer 12

Exploit Framework