Chapter 7 - Host, Data, and Application Security Flashcards
what is the most common approach to implementing a database?
7 - 215
relational database
this language is the most commonly used language when speaking to databases
7 - 216
Structured Query Language
Contrast the 3 database system models.
7 - 216
one tier - database and application exist on a single system
two tier - client workstation runs an application that communicates with the database that is running on a different server
three tier - there is a middle tier server that operates between the client and the database server
what is the difference in benefits between SQL and NoSQL databases?
7 - 217
NoSQL can handle structured, semistructured, and unstructured data. SQL (relational) databases are best suited to structured data with a fixed schema
what’s the problem with Big Data?
7 - 218
it is hard to manage: the volume and variety of the data exceed what traditional database tools can handle, which also makes it hard to secure
you have a mini-network with one purpose: store data. what is this network called?
7 - 218
Storage Area Network (SAN)
what is fuzzing?
7 - 218
feeding an application malformed or unexpected input (wrong types, extreme lengths, random bytes) to find inputs that make it crash or misbehave; a crash points to a bug an attacker could exploit
how do you defend against the bugs that fuzzing finds?
7 - 218
validate input: reject anything that is not of the expected type, length, and range before the application uses it
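An added example (not from the study guide) showing both sides of these two cards: a small mutation fuzzer run against a parser that trusts its length byte, and against the same parser with input validation added. The record format, parser names and seed input are constructed for the example.

```python
import functools
import operator
import random

# Constructed toy wire format used only for this example:
#   <len: 1 byte><payload: len bytes><checksum: 1 byte, XOR of payload>
def checksum(payload: bytes) -> int:
    return functools.reduce(operator.xor, payload, 0)

def make_record(payload: bytes) -> bytes:
    return bytes([len(payload)]) + payload + bytes([checksum(payload)])

def parse_record_unchecked(data: bytes) -> bytes:
    """Trusts the length byte. A truncated or oversized record makes the
    checksum lookup index past the end: an unhandled IndexError (a 'crash')."""
    length = data[0]
    payload = data[1:1 + length]
    if data[1 + length] != checksum(payload):
        raise ValueError("bad checksum")
    return payload

def parse_record_checked(data: bytes) -> bytes:
    """Validates type and length before trusting any field, so every
    malformed input is rejected with the parser's intended ValueError."""
    if not isinstance(data, (bytes, bytearray)):
        raise TypeError("expected bytes")
    if len(data) < 2:
        raise ValueError("record too short")
    length = data[0]
    if len(data) != 2 + length:
        raise ValueError("length byte does not match record size")
    payload = bytes(data[1:1 + length])
    if data[1 + length] != checksum(payload):
        raise ValueError("bad checksum")
    return payload

def fuzz(target, seed: bytes, iterations: int = 2000, rng_seed: int = 1) -> list:
    """Mutation fuzzer: flip, delete and insert bytes in a valid seed and record
    every input whose failure is NOT the parser's intended ValueError."""
    rng = random.Random(rng_seed)   # fixed seed keeps the run reproducible
    crashes = []
    for _ in range(iterations):
        data = bytearray(seed)
        for _ in range(rng.randint(1, 4)):
            op = rng.randint(0, 2)
            if op == 0 and data:
                data[rng.randrange(len(data))] = rng.randrange(256)   # flip a byte
            elif op == 1 and data:
                del data[rng.randrange(len(data))]                    # truncate
            else:
                data.insert(rng.randrange(len(data) + 1), rng.randrange(256))  # grow
        try:
            target(bytes(data))
        except ValueError:
            pass                      # clean rejection, not a crash
        except Exception as exc:      # anything else is a bug the fuzzer found
            crashes.append((bytes(data), type(exc).__name__))
    return crashes

SEED = make_record(b"hello")   # constructed valid input the fuzzer mutates

if __name__ == "__main__":
    print("unchecked parser crashes:", len(fuzz(parse_record_unchecked, SEED)))
    print("checked parser crashes:  ", len(fuzz(parse_record_checked, SEED)))
```

The unchecked parser falls over on many mutated inputs (every crash is an IndexError from reading past the end of the buffer); the checked parser rejects the same inputs with a ValueError and never crashes, which is the practical meaning of "make sure your input is of the expected type".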
what is the only prevention for cross-site scripting and sql injection?
7 - 218
secure coding: validate input, use parameterized queries for SQL, and encode output before placing it in HTML
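An added example (not from the study guide) of what "secure coding" means for these two attacks: the same login query built by string concatenation and by parameterized query, and the same greeting with and without HTML encoding. The table, accounts and function names are constructed for the example.

```python
import html
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed in-memory table with two sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn

def login_vulnerable(conn, name: str, password: str) -> list:
    """String concatenation: user text becomes part of the SQL statement."""
    sql = ("SELECT name FROM users WHERE name = '%s' AND password = '%s'"
           % (name, password))
    return [row[0] for row in conn.execute(sql)]

def login_safe(conn, name: str, password: str) -> list:
    """Parameterized query: the driver sends values separately from the
    statement, so a quote in the input can never change the query's shape."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (name, password))]

def greeting_vulnerable(name: str) -> str:
    """Reflects user input straight into HTML (cross-site scripting)."""
    return "<p>Welcome, " + name + "</p>"

def greeting_safe(name: str) -> str:
    """Encodes the input for the HTML context it is placed in."""
    return "<p>Welcome, " + html.escape(name, quote=True) + "</p>"

if __name__ == "__main__":
    db = make_db()
    injection = "' OR '1'='1"
    print("vulnerable:", login_vulnerable(db, "alice", injection))  # every user
    print("safe:      ", login_safe(db, "alice", injection))        # nobody
    print(greeting_vulnerable("<script>alert(1)</script>"))
    print(greeting_safe("<script>alert(1)</script>"))
```

With the password `' OR '1'='1` the concatenated query becomes `... AND password = '' OR '1'='1'`, which is true for every row, so the vulnerable login returns all users; the parameterized version compares the literal string and returns none.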
what is OWASP?
7 - 219
a volunteer, non-profit community that publishes secure coding practices for web applications (best known for the OWASP Top 10 list of web application risks)
there is another group responsible for secure coding. what is that group?
7 - 219
CERT, the Computer Emergency Response Team (the CERT Coordination Center at Carnegie Mellon's Software Engineering Institute), which publishes secure coding standards
can baselining be done with metrics, applications, or both?
7 - 219
both
tell me the difference between a hotfix, a patch, and a service pack? how are they similar?
7 - 220
hotfix - an urgent fix for a specific problem, applied to the system immediately
patch - a non-urgent fix that may also add functionality
service pack - a cumulative collection of hotfixes and patches released together
similar because they are all updates applied to the operating system or application, and all should be tested before deployment
tell me the 5 user permissions, going from least restrictive to most restrictive
7 - 220,221
full control
modify
read and execute
read
write
in your own words, tell me what an access control list is
7 - 221
a list of who can access what resource and at what level
there are 6 things you can do to keep hosts safe from malware. what are they?
7 - 221, 222
install antivirus software
install antispam filters
install antispyware software
use pop-up blockers
use host-based firewalls
use host-based IDSs
true-false: a web application firewall can look at every single request between a web client and a web server for the purpose of identifying attacks
7 - 226
true
security baselining is also known as performance baselining. what input does it provide?
7 - 227
the input needed to design, implement, and support a secure network
what two things can you do to harden your web servers?
7 - 228
run filters to limit traffic to what is required and only what is required
only run scripts that have been tested, debugged, and approved for use
what can you do to harden your email servers?
7 - 228
use an active virus scanner
other than replacing your FTP server with SFTP, what are four things you can do to harden your FTP servers?
7 - 229,230
create a separate drive or sub-directory on the system to allow file transfers
use VPN or SSH connections for FTP type activities
use separate logon accounts and passwords for FTP access
always disable the anonymous user account
how can you minimize DNS DoS attacks?
7 - 230
keep the DNS server software and the OS updated, and use two-factor authentication for the accounts that administer the server (2FA protects the management path, not the DNS protocol itself)
attackers use footprinting to find a means of entering your network and learning its configuration. what can you do to dash away their dreams?
7 - 231
the network information you have on an external DNS server should be kept to a bare minimum
what will happen if a bogus record is inserted into a DNS server?
7 - 231
the record will point to the location the attacker intends to compromise rather than to a legitimate site.
what happens in DNS poisoning? how is the stolen information used?
7 - 231
the resolver daemon caches the DNS reply packets it receives; an attacker who gets a forged reply accepted plants a bogus record in that cache, and every later lookup of that name is redirected to the attacker
the redirected traffic is used for a break-in or a man-in-the-middle attack
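An added example (not from the study guide) of the two cards above: a toy caching resolver that, with its checks turned off, accepts any reply packet it sees (the bogus record lands in the cache), and with them on requires the reply to match an outstanding query's transaction ID and name and drops records outside the queried zone's bailiwick. Class and function names, the zone names and the IP addresses (documentation ranges) are constructed for the example.

```python
import random

def in_bailiwick(name: str, zone: str) -> bool:
    """True if `name` lies inside the zone the query was sent to."""
    return name == zone or name.endswith("." + zone)

class Resolver:
    """Toy caching resolver. With both checks off it behaves like the naive
    daemon in the flashcard: whatever reply packet arrives goes into the cache."""

    def __init__(self, check_txid: bool = True, check_bailiwick: bool = True):
        self.cache = {}                 # name -> IP
        self.pending = {}               # txid -> (qname, zone queried)
        self.check_txid = check_txid
        self.check_bailiwick = check_bailiwick
        self.rng = random.Random(7)     # fixed seed only so the example is reproducible

    def send_query(self, qname: str, zone: str) -> int:
        """Record an outstanding query and return its 16-bit transaction ID."""
        txid = self.rng.randrange(1 << 16)
        self.pending[txid] = (qname, zone)
        return txid

    def receive_reply(self, txid: int, qname: str, records) -> bool:
        """records: (name, ip) pairs from the answer and additional sections.
        Returns True if the reply was accepted into the cache."""
        outstanding = self.pending.get(txid)
        if self.check_txid and (outstanding is None or outstanding[0] != qname):
            return False                # unsolicited or mismatched: a spoofing attempt
        zone = outstanding[1] if outstanding else None
        for name, ip in records:
            if self.check_bailiwick and zone is not None and not in_bailiwick(name, zone):
                continue                # drop glue for names this server is not authoritative for
            self.cache[name] = ip
        self.pending.pop(txid, None)
        return True

def poison_attempt(resolver: Resolver) -> bool:
    """Attacker blindly sends a forged reply for a name the resolver never asked
    about, pointing a bank's login host at an attacker-controlled address."""
    return resolver.receive_reply(1234, "login.bank.example",
                                  [("login.bank.example", "203.0.113.9")])

if __name__ == "__main__":
    naive = Resolver(check_txid=False, check_bailiwick=False)
    print("naive accepted forged reply:", poison_attempt(naive), naive.cache)
    hardened = Resolver()
    print("hardened accepted forged reply:", poison_attempt(hardened), hardened.cache)
```

Real resolvers add a randomized source port to the transaction ID so the forged reply has to guess both, and DNSSEC lets the resolver verify the record's signature rather than trust the packet at all; the bailiwick check is what stops an attacker who controls one zone from handing out records for someone else's.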
briefly describe the three types of backups
7 - 233
full - all of the data is archived, whether or not it has changed
differential - all changes since the last full backup are archived
incremental - all changes since the last backup of any type are archived
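An added example (not from the study guide) that works the three backup types through a constructed four-day week of file changes, showing what each day's backup contains and which backups are needed to restore: a differential restore needs the last full plus the last differential, an incremental restore needs the last full plus every backup after it. Function names and the sample schedule are assumptions of the example; day 0 is assumed to be a full backup.

```python
def plan_backups(changes, schedule):
    """changes:  per day, the set of files modified that day (day 0 first).
    schedule: per day, 'full' | 'differential' | 'incremental'.
    Returns, per day, the set of files that day's backup archives."""
    archived, all_files, since_full, since_any = [], set(), set(), set()
    for changed, kind in zip(changes, schedule):
        all_files |= changed
        since_full |= changed
        since_any |= changed
        if kind == "full":
            archived.append(set(all_files))      # everything
            since_full, since_any = set(), set()
        elif kind == "differential":
            archived.append(set(since_full))     # everything since the last full
            since_any = set()                    # it is "a backup of any type"
        elif kind == "incremental":
            archived.append(set(since_any))      # only since the previous backup
            since_any = set()
        else:
            raise ValueError("unknown backup type: " + kind)
    return archived

def restore_chain(schedule):
    """Indices of the backups needed, newest first, to restore the final day.
    Assumes the schedule starts with a full backup."""
    chain, i = [], len(schedule) - 1
    while True:
        chain.append(i)
        if schedule[i] == "full":
            return chain
        if schedule[i] == "differential":
            # a differential plus its base full is enough; skip what lies between
            i = max(j for j in range(i) if schedule[j] == "full")
        else:
            i -= 1

def restore(archived, schedule):
    """Union of the archived sets along the restore chain."""
    result = set()
    for i in restore_chain(schedule):
        result |= archived[i]
    return result

# Constructed week: which files changed on each of four days
CHANGES = [{"a", "b"}, {"c"}, {"a"}, {"d"}]
INCREMENTAL_WEEK = ["full", "incremental", "incremental", "incremental"]
DIFFERENTIAL_WEEK = ["full", "differential", "differential", "differential"]

if __name__ == "__main__":
    for schedule in (INCREMENTAL_WEEK, DIFFERENTIAL_WEEK):
        archived = plan_backups(CHANGES, schedule)
        print(schedule[1], [sorted(s) for s in archived],
              "restore needs", restore_chain(schedule))
```

The trade-off the cards describe falls out of the numbers: the incremental week archives one file on day 3 but needs four backups to restore, the differential week archives three files on day 3 and restores from two.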
there are 7 types of RAID. list them.
7 - 235
0 - striped disks. minimum 2 disks, no fault tolerance (losing any disk loses everything).
1 - mirroring. minimum 2 disks, survives the loss of one disk.
3/4 - striped disks with dedicated parity (RAID 3 stripes at byte level, RAID 4 at block level). 3 or more disks, survives one disk failure.
5 - striped disks with distributed parity, 3 or more disks, survives one disk failure.
6 - striped disks with dual parity, 4 or more disks, survives two disk failures.
1+0 - a stripe of mirrors, 4 disks minimum.
0+1 - a mirror of stripes, 4 disks minimum.
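An added example (not from the study guide) of how the parity levels above tolerate a disk failure: a toy RAID 5 that lays blocks across three disks with rotating parity, loses one disk, and rebuilds it by XOR-ing the survivors. Block size, function names and the sample data are constructed for the example.

```python
BLOCK = 4   # bytes per block in this toy array

def xor_blocks(blocks):
    """Parity is the bytewise XOR of every block in the stripe."""
    out = bytearray(BLOCK)
    for b in blocks:
        for i in range(BLOCK):
            out[i] ^= b[i]
    return bytes(out)

def build_raid5(data_blocks, n_disks):
    """Lay data blocks across n_disks. Each stripe holds n_disks-1 data
    blocks plus one parity block, and the parity disk rotates per stripe
    (distributed parity, unlike the dedicated parity disk of RAID 3/4)."""
    per_stripe = n_disks - 1
    disks = [[] for _ in range(n_disks)]
    for start in range(0, len(data_blocks), per_stripe):
        chunk = data_blocks[start:start + per_stripe]
        chunk += [bytes(BLOCK)] * (per_stripe - len(chunk))   # zero-pad last stripe
        stripe_no = start // per_stripe
        parity_disk = stripe_no % n_disks
        parity = xor_blocks(chunk)
        data_iter = iter(chunk)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(data_iter))
    return disks

def rebuild_disk(disks, failed):
    """Reconstruct one failed disk (its entry is None) from the survivors:
    in every stripe the missing block is the XOR of all the others."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity can only recover one failed disk")
    return [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]

def read_data(disks, n_blocks):
    """Read data blocks back in order, skipping each stripe's parity block."""
    n_disks, out = len(disks), []
    for s in range(len(disks[0])):
        parity_disk = s % n_disks
        out.extend(disks[d][s] for d in range(n_disks) if d != parity_disk)
    return out[:n_blocks]

# Constructed sample data: five blocks on a three-disk array
DATA = [b"AAAA", b"BBBB", b"CCCC", b"DDDD", b"EEEE"]

if __name__ == "__main__":
    array = build_raid5(DATA, 3)
    degraded = list(array)
    degraded[1] = None                      # disk 1 fails
    degraded[1] = rebuild_disk(degraded, 1) # hot spare rebuilt from parity
    print(read_data(degraded, len(DATA)) == DATA)   # True
```

The same XOR arithmetic shows why RAID 5 cannot survive two failures: with two blocks of a stripe missing, one equation is not enough to solve for both, which is what RAID 6's second, independently computed parity block adds.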
when you have multiple computers working together as a single server, what is that called?
7 - 235
clustering
what can you do to obtain high availability?
7 - 235
load balancing
there is a list of application security issues you should be aware of. list them for me.
7 - 235
key management - generating, protecting, and rotating cryptographic keys
credential management - storing and protecting user names and passwords
authentication - especially hard to do well on mobile devices
geo-tagging - GPS location data embedded in photos and posts reveals where users are
encryption - protects data at rest and in transit
application white-listing - list of apps allowed to run on the network
transitive trust/authentication - if A trusts B and B trusts C, A implicitly trusts C
what does DLP do?
7 - 236
data loss prevention: monitors and blocks sensitive data from leaving the organization (by email, removable media, or the web), whether by accident or deliberately. RSA sells a DLP product.
tell me what TPM stands for and what it does?
7 - 237
Trusted Platform Module
a hardware chip on the motherboard that generates, stores, and protects cryptographic keys and hashes (for example, sealing the disk-encryption key to the measured boot state so it is released only if the boot software is unchanged)