CHAPTER 5.1 Flashcards

1
Q

Common Type of Attacks

A

Network scanner applications that probe systems for unguarded ports, which can used to gain
access to the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Common Type of Attacks

A

Trojan horse
* applications that open a connection to a computer on the Internet, enabling
an attacker on the outside to run programs and store/retrieve data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Common Type of Attack

A

Social engineering
* Attackers obtain passwords by illicit means and then use remote access
technologies to log on to a computer from another location and compromise
its data and programming.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Common Type of Attack

A

Denial of service attacks
* uses authorized access points to bombard a system with traffic, preventing
legitimate traffic from reaching the computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Motivation for Network Attacks

A

Profit .An individual who wants to hack valuable information for
resale or obtain a ransom to stop an attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Motivation for Network Attacks

A

Revenge A discontented employee who feels offended by an
organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Motivation for Network Attacks

A

Publicity A person or team that performs a high-profile attack to
obtain notoriety

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Motivation for Network Attacks

A

Espionage A person who spies on government or organizations to
obtain network information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Motivation for Network Attacks

A

Personal satisfaction A person or team that may attack networks as a hobby or
to boost their egos

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Motivation for Network Attacks

A

Terrorism A person or group that may impair societal infrastructure
and apply pressure on groups or governments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Common Network Vulnerabilities

A

Account passwords * Password is either too simple or shared among users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Audit settings.

A

. Auditing is not enabled, thus unable to detect or
report an attack that has occurred

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

User rights

A

User rights are not restricted to the minimum
User rights requirements to perform necessary tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Service

A

Any service or application may have flaws, making the
computer vulnerable to attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Key Security Principles

A

Defense-in-Depth * Provide multiple layers of protection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Key Security Principles

A

Least privilege
* Grant the least amount of permission necessary to
perform required tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Key Security Principles

A

Minimized attack surface
* Reduce the number of vulnerable points on the
network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Defense-indepth

A

Defense-in-depth uses a
layered approach to
security

19
Q

Server Hardening

A

Server Hardening is the process of enhancing server security through
a variety of means which results in a much more secure server
operating environment.

20
Q

Best practices to increase security:

A

Stop and/or uninstall unneeded services
* Close unneeded ports
* Minimise software installations
* Keep security patches up to date

21
Q

Vulnerability Scanning

A

Microsoft Baseline Security Analyzer
* Analyze server security state in accordance with
Microsoft security recommendations

22
Q

It detects

A

common administrative vulnerabilities
* missing security updates

23
Q

what is security templates

A

Security templates are files that you use to manage and
configure security settings on Windows-based computers.

24
Q

Areas where security settings can be applied:

A

Account Policies, Local Policies, * Event Log, Restricted Groups

25
Q

User Account Control (UAC)

A

Security mechanism that prevents unauthorized changes to the OS without the approval
from the administrator

26
Q

User Account Control (UAC)

A

UAC prompt notifies the user if a program is about to make a system change that requires
the approval of an administrator or request for the administrator’s password or pin.

27
Q

Secure Desktop

A

The secure desktop is an alternative to the interactive user desktop
that Windows normally displays

28
Q

what does secure desktop do

A

When an elevation or credential prompt is generated, the system
switches to the secure desktop

29
Q

AppLocker

A

An application control policy designed to identify software
and control its execution.

30
Q

what does applocker do

A

It control in preventing potentially dangerous
applications from running.
* Control who is affected by the policies.

30
Q

Creating Rules Manually

A

Use a wizard-based interface

31
Q

Action

A

Allow or deny the user or group access to the resource.
In AppLocker, explicit deny rules always override allow rules.

31
Q

User or group

A

Specifies the name of the user or group to which
the policy should apply.

32
Q

Conditions

A

Specifies type of rules : publisher, path, or file hash
rule. The wizard generates an additional page to configure the
parameter.

33
Q
  • Exceptions
A

Specify exceptions to the rule you create, using any
of the three conditions: publisher, path, or file hash.

34
Q

what is firewall

A

A firewall is a software program
that

35
Q

what does firewall do

A

protects a computer or a
network by allowing certain
types of network traffic in and
out of the system while blocking
others.

36
Q

what does firewall do

A

uses filters to examine the
contents of packets and traffic
patterns to determine which
packets they should allow to
pass through the filter.

37
Q

configure the firewall by using

A

Basic Firewall configuration in Control Panel

38
Q

configure the firewall by using

A

Windows Firewall with Advanced Security

39
Q

Firewall Settings

A

IP addresses

40
Q

Firewall Settings

A

Protocol numbers

41
Q

Firewall Settings

A

Port numbers: