Chapter 7 - Host, Data, and Application Security Flashcards

1
Q

what is the most common approach to implementing a database?

7 - 215

A

relational database

2
Q

this language is the most commonly used language when speaking to databases

7 - 216

A

Structured Query Language

3
Q

Contrast the 3 database system models.

7 - 216

A

one tier - database and application exist on a single system
two tier - client workstation runs an application that communicates with the database that is running on a different server
three tier - there is a middle tier server that operates between the client and the database server

4
Q

there is a difference in benefits between the SQL server and the NoSQL server. what is that difference?

7 - 217

A

NoSQL can handle structured, semistructured, and unstructured data. SQL is good for structured data

5
Q

what’s the problem with Big Data?

7 - 218

A

hard to manage

6
Q

you have a mini-network with one purpose: store data. what is this network called?

7 - 218

A

Storage Area Network (SAN)

7
Q

what is fuzzing?

7 - 218

A

providing unexpected values as input to an application in order to make it crash

8
Q

how can you prevent fuzzing?

7 - 218

A

make sure your input is of the expected type

9
Q

what is the only prevention for cross-site scripting and sql injection?

7 - 218

A

secure coding

10
Q

what is OWASP?

7 - 219

A

voluntary group dedicated to forming secure coding practices for web-based applications

11
Q

there is another group responsible for secure coding. what is that group?

7 - 219

A

CERT, the Computer Emergency Response Team

12
Q

can baselining be done with metrics, applications, or both?

7 - 219

A

both

13
Q

tell me the difference between a hotfix, a patch, and a service pack? how are they similar?

7 - 220

A

hotfix - immediate and urgent, applied to the system
patch - additional functionality, non-urgent fix
service pack - cumulative assortment of hotfixes and patches

similar because they are all patches to the operating system

14
Q

tell me the 5 user permissions, going from least restrictive to most restrictive

7 - 220,221

A

full control
modify
read and execute
read
write

15
Q

in your own words, tell me what an access control list is

7 - 221

A

a list of who can access what resource and at what level

16
Q

there are 6 things you can do to keep hosts safe from malware. what are they?

7 - 221, 222

A

install antivirus software
install antispam filters
install antispyware software
use pop-up blockers
use host-based firewalls
use host-based IDSs

17
Q

true-false: a web application firewall can look at every single request between a web client and a web server for the purpose of identifying attacks

7 - 226

A

true

18
Q

security baselining is also known as performance baselining. what input does it provide?

7 - 227

A

the input needed to design, implement, and support a secure network

19
Q

what two things can you do to harden your web servers?

7 - 228

A

run filters to limit traffic to what is required and only what is required

only run scripts that have been tested, debugged, and approved for use

20
Q

what can you do to harden your email servers?

7 - 228

A

use an active virus scanner

21
Q

other than replacing your FTP server with SFTP, what are four things you can do to harden your FTP servers?

7 - 229,230

A

create a separate drive or sub-directory on the system to allow file transfers
use VPN or SSH connections for FTP type activities
use separate logon accounts and passwords for FTP access
always disable the anonymous user account

22
Q

how can you minimize DNS DoS attacks?

7 - 230

A

keep the server software and OS software updated and make sure to use two-factor authentication

23
Q

attackers use footprinting to find a means of entering your network and learning its configuration. what can you do to dash away their dreams?

7 - 231

A

the network information you have on an external DNS server should be kept to a bare minimum

24
Q

what will happen if a bogus record is inserted into a DNS server?

7 - 231

A

the record will point to the location the attacker intends to compromise rather than to a legitimate site.

25
Q

what happens in DNS poisoning? how is the stolen information used?

7 - 231

A

a daemon caches DNS reply packets.

info is used in a break-in or man-in-the-middle attack

26
Q

briefly describe the three types of backups

7 - 233

A

full - all changes to the data are archived
differential - all changes since the last full backup are archived
incremental - all changes since the last backup of any type are archived

27
Q

there are 7 types of RAID. list them.

7 - 235

A

0 - striped disks. minimum 2 disks, no fault tolerance.
1 - mirroring. minimum 2 disks
3/4 - striped disks with dedicated parity. 3 or more disks.
5 - striped disks with distributed parity, 3 or more disks.
6 - striped disks with dual parity, 4 or more disks
1+0 - a stripe of mirrors, 4 disks minimum
0+1 - mirror of stripes, 4 disks minimum

28
Q

when you have multiple computers working together as a single server, what is that called?

7 - 235

A

clustering

29
Q

what can you do to obtain high availability?

7 - 235

A

load balancing

30
Q

there is a list of application security issues you should be aware of. list them for me.

7 - 235

A

key management - cryptography and keys
credential management - user names and passwords
authentication - problem in mobile devices
geo-tagging - GPS
encryption - increases security
application white-listing - list of apps allowed on network
transitive trust/authentication - A=B=C

31
Q

what does DLP do?

7 - 236

A

data loss prevention, makes sure data isn’t deleted or removed. RSA is a DLP product.

32
Q

tell me what TPM stands for and what it does?

7 - 237

A

Trusted Platform Module

assists with hash key generation