Chapter 7 Host, Data and Application Security

Question 1

Relational Database

pg.216

Answer 1

most common approach to database implementation. Technology allows data to be viewed in dynamic ways based on the users or administrator’s needs

Question 2

One-Tier Model or Single-Tier environment

pg.216

Answer 2

database and the application exist on a single sytem

Question 3

Two-Tier Model

pg.217

Answer 3

Two-tier Model the client workstation or system runs an application that communicates with the database that is running on a different server

Question 4

Third-Tier Model

pg.217

Answer 4

effectively isolates the end user from the database by introducing a middle term/third-tier model. Accepts clients requests from clients, evaluates them, and sends them back

Question 5

No SQL

pg.217

Answer 5

More servers on for database management. . Its relatively a new concept.

Question 6

Big data

pg.218

Answer 6

organizations have to store extremely large amounts of data, often many terabytes

Question 7

SAN

pg.218

Answer 7

storage are network as a separate network set up to appear as a server to the main organizational network

Question 8

Fuzzing

pg.

Answer 8

the technique of providing unexpected values, numerical values as input to an application in order to make it crash

Question 9

Secure Coding

pg.218

Answer 9

can best prevent many attack. Cross site scripting and SQL injection

Question 10

OWASP

pg.219

Answer 10

Open Web Application Security Project is a voluntary group dedicated to forming secure coding practices for web based applications as well as mobile and client applications along the back end design issues. Organization has a range of coding standards, most fundamental is security validation

Question 11

Cert Secure Coding Standards

pg.219

Answer 11

Computer Emergency Response Team (cert) at Carnage Mellon University also details standards for coding

Question 12

Baselining

pg.219

Answer 12

involves comparing performance to a metric. Can be done with any metric such as a network performance or CPU usage as well as with applications

Question 13

Metric

pg.219

Answer 13

a historical measure that you can point to and identify as coming before a configuration change

Question 14

Hotfix

pg.220

Answer 14

an immediate and urgent patch. Applied to the system

Question 15

Patch

pg.220

Answer 15

provides some additional functionality or a non urgent fix

Question 16

Service Pack

pg.220

Answer 16

are a cumulative assortment of the hotfixes and patches to. Always tested first before being applied

Question 17

Permissions

pg.220

Answer 17

the most basic aspect of security

Question 18

Full control

pg.220

Answer 18

user can only read, execute and write and can also assign permissions to other uses

Question 19

Modify

pg.221

Answer 19

Is the same as read and write. with delete added

Question 20

Read and Execute

pg.221

Answer 20

not all files are documents so the read and execute programs

Question 21

Read

pg.221

Answer 21

the user can read but not to modify the file

Question 22

Write

pg.221

Answer 22

allows permission to modify the file

Question 23

Anti-virus

pg.221

Answer 23

Access and Control, authentication and authorization should be installed on workstations and servers. Actively monitoring of incoming files, scans should be conducted regularly

Question 24

Antispam filters

pg.221

Answer 24

are needed to keep the majority of this unwanted email from reaching the users

Question 25

Firewall

pg,222

Answer 25

first line of defense against attackers and malware.

Question 26

Security baseline

pg.226

Answer 26

defines the level of security that will be implemented and maintained for your organization

Question 27

Performance baseline

pg.227

Answer 27

provides the input needed to design, implement and support a secure network

Question 28

Filters

pg.228

Answer 28

allow you to limit the traffic to only that which is requested for your business can help ward off attacks

Question 29

FTP services

pg.229

Answer 29

aren’t intended for high security applications because of their inherent weaknesses

Question 30

Domain Name Service Denial of Service Attacks

pg.230

Answer 30

primarily aimed at DNS servers intended to disrupt the operations of servers making the system unusable

Question 31

Foot printing

pg.230

Answer 31

the act of gathering data about a network int order to find ways that someone might intrude

Question 32

Full Back up

pg.233

Answer 32

all changes to the data are archived

Question 33

Differential Backup

pg.233

Answer 33

all changes since the last full back up are archived

Question 34

Incremental Back up

pg.233

Answer 34

All changes since the last backup of any type are archived

Question 35

Geo-Tagging

pg.236

Answer 35

allows GPS coordinates to accompany a file such as an image

Question 36

Application White Listing

pg.236

Answer 36

are lists of those items that are allowed . Applications are approved and accepted on your network

Question 37

Data Loss Prevention

pg.236

Answer 37

Monitors the content of systems to make sure that key content is not deleted or removed

Question 38

Trusted Platform Module

pg.237

Answer 38

used to assist with hash key generation.assigned to a chip that can store cryptographic keys. passwords or certificates