Chapter 2 Monitoring and Diagnosing Networks Flashcards
Application Log
contains various events logged by applications or programs
Security Log
logs successful and unsuccessful logon attempts
Hardening
applied to operating systems; locking down the operating system
File and print services
Primarily vulnerable to denial-of-service (DoS) and access attacks
Services
Are programs that run when the operating system boots and are often running in the background
Networks with PC-Based Systems
make sure that NetBIOS services are disabled on servers or that an effective firewall is in place between the server and the internet
Directory sharing
should be limited to what is essential to performing systems functions
Performance Monitor
used to examine activity on any computer
Patch
update to a system
File Systems
FAT: designed for relatively small disk drives; allows only two types of protection: share level and user level
NTFS: files, directories, and volumes can each have their own security
802.1x
port-based security for wireless network access control
Security Audits
an integral part of continuous security needs and budget
Alarms
indications of an ongoing current problem
Alerts
Issues to which you need to pay attention
Trends
threats that are fashionably used/ fads
Honeypot
a computer that has been designated as a target for computer attacks.
Enticement
the process of luring someone into your plan or trap
Entrapment
the process in which a law enforcement officer or a government agent encourages or induces a person to commit a crime
Rogue Machine
an intruder/unauthorized machine in the network
Remediation Policy
When a gap in the security posture can be an opening for security risk
Promiscuous Mode
PC and network card must be in this mode for network monitoring
Sniffer
monitors network traffic and displays traffic in real time
ipconfig /all
Command to find MAC addresses for a Windows-based machine
ifconfig /all
Command to find MAC addresses for a Linux-based machine