Chapter 7 Security Flashcards
A mantrap is:
an area with two locking doors
A mantrap essentially:
slows down the entry process in hopes that people sneaking in behind others will be thwarted before gaining entry to the secure area
Badge readers are:
devices that can interpret the data on a certain type of ID
ID badges and readers can use a variety of physical security methods, including the following:
Photos
Barcodes and magnetic strips
RFID technology
Barcodes embedded on ID badges and readers enable:
the cards to carry a range of information about the bearers and can limit individuals’ access to only authorized areas of a building
ID badges and readers with RFID chips can:
be used to open only doors that are matched to the RFID chip
A smart card is:
a credit-card sized card that contains stored information and might also contain a simple microprocessor or an RFID chip
Smart cards can be used to store:
identification for use in security applications
store values for use in prepaid telephone and debit card services, hotel guest room access and many other functions
Smart cards are available in 2 form factors:
contact
contactless
Contactless cards are also known as:
proximity cards
Contactless card readers are usually:
wall mounted so users can scan their cards within 6 inches of a reader
A smart card-based security system includes:
smart cards
card readers that are designed to work with smart cards
a back-end system that contains a database that stores a list of approved smart cards for each secured location
A smart card-based security system can also be used to:
secure individual personal computers
The best way to deter a thief is to:
use a mix of technical barriers and human interaction
When employees enter the work area in the presence of a guard, it is more likely that:
the best practices will be followed and everyone will scan in and be authenticated
Without a guard in the work area it is more common for:
people to hold the door for people who are recognized but say they have misplaced their IDs
Another way to deploy guards besides in the work area is to:
have them watch several areas via security cameras that record access into and out of the buildings
The easiest way to secure an area is to:
lock doors
Aside from main entrances, you should also always lock:
server rooms
wiring closets
labs
other technical rooms when not in use
Physical door locks might seem low tech, but they can’t be:
taken over by hackers
Other precautions to take besides locking doors include:
documenting who has keys to server rooms and wiring closets
periodically changing locks and keys
Cipher locks on a door use:
punch codes
Biometric security refers to:
the use of a person’s biological information to authenticate potential users of a secure area
The most common type of biometric security for PCs is:
fingerprint based
Examples of biometric security include:
fingerprint scanning
retina scanning
facial recognition
What is a token?
Any physical device that a user must carry to gain access to a specific system
Examples of a token are:
smart cards
RFID cards
USB tokens
key fobs
Where is the security slot on a laptop typically located?
near a rear corner
Rack-level security involves:
locking down equipment in a server rack
Rack-level security can be done with:
cabinets or cages with secure biometric locks or perhaps keycards that can be changed often
Besides cabinets or cages in a data center, what else is appropriate to use for security?
Security cameras
USB locks can be used to:
secure USB cables into the computer and to securely plug empty USB ports
Data on a computer screen can be easily protected by installing a:
privacy screen
A privacy screen is a:
transparent cover for a PC monitor or laptop display that reduces the cone of vision, usually about 30 degrees, so that only the person directly in front of the screen can see the content
Many privacy screens are also:
antiglare, helping to reduce the user’s eye strain
Key fobs can contain:
RFID chips
Many key fobs are used as part of a two-step authentication protocol as follows:
The user carries a key fob that generates a code every 30 to 60 seconds. Every time the code changes on the fob, it is also matched in the authentication server. In some cases the user must also log into the fob to see the access code for an extra layer of security
The user then logs into the system or restricted area, using the randomly generated access code displayed on the key fob’s LCD display
An entry control roster is:
a list of individuals or representatives who are authorized to enter a secured area
A keypad lock on an entrance to a secure area can:
store a list of authorized PINs
Active Directory is:
a Microsoft solution for managing users, computers, and information access in a network
Active Directory is based on:
a database of all resources and users that will be managed within the network. The information in the database determines what people can see and do within the network
Here are the basics for Active Directory:
Login script
Domain
Group Policy
Organizational Unit (OU)
Home folder
Folder redirection
Explain login script for Active Directory:
When a user logs onto the network, Active Directory knows who that user is and runs a login script to make the assigned resources available
Explain domain for Active Directory:
The domain is a computer network or group of computer networks under one administration
Explain Group Policy for Active Directory:
This is a set of rules and instructions defining what a user or group of users can or cannot do when logged into the domain
The term Group Policy Object (GPO) is:
a set of instructions assigned to a group of users or to certain machines on the network
Explain Organizational Unit (OU) for Active Directory:
logical groups that help organize users and computers so that Group Policy Object (GPO) may give them special access to financial records
Explain home folder for Active Directory:
This folder is accessible to the network administrator and is where the user’s data and files are kept locally
Explain Folder redirection for Active Directory:
This allows for the work done by an Organizational Unit (OU) to be saved on a common folder in the domain as directed by the administrator instead of the user
Software tokens are different than regular tokens because:
they exist in software and are commonly stored on devices
An example of a software token is:
Google Authenticator which is an app that is downloaded to a device and provides a shared secret key
A suite of software known as mobile device management (MDM) is used for:
organizations with many mobile devices that need to administer them so that all devices and users comply with the security practices in place
Good mobile device management (MDM) software does these things:
secures
monitors
manages
supports multiple different mobile devices across the enterprise
Disabling ports refers to:
using a firewall appliance or software firewall to prevent specified UDP or TCP ports from being used by a service, an app, a specific device, or all devices
Turning off unused ports makes it:
harder for hackers to find stealth access into a machine
The MAC address is a:
list of six two-digit hexadecimal numbers
A MAC address is usually found on:
a label on the side of a network adapter
Because MAC addresses are unique, it is possible to:
control access to most wireless networks by allowing only certain addresses in. This process is sometimes called whitelisting
Some routers can be configured to block:
a list of specified MAC addresses from accessing the wired network
MAC address filtering can be a useful way to:
block casual hackers from gaining access to a small wireless (or wired) network, but it can be troublesome for a large network with many different devices coming into and going out of the system as each needs to be entered separately.
What is MAC address cloning?
The use of software to change the MAC address of a network device
MAC addresses are not:
encrypted and can be detected by software used to hack networks
MAC address filtering should not:
be relied on alone to stop serious attacks
Digital certificates included in software are used to:
identify the publisher
Most OSs display warning messages when:
an app without a digital certificate is being installed
To access Certificate Manager in Windows 10 follow these steps:
click the Start button
type certmgr.msc in the search field and press Enter
In Windows 10 the Certificate Manager does what?
It keeps track of and checks certificates
Antivirus/anti-malware software for mobile devices are:
third-party applications that need to be paid for, downloaded, and installed to the mobile device
One of the benefits of iOS being a closed-source OS is that it can be more difficult to:
write viruses for it, making it somewhat difficult to compromise
A firewall is a:
physical device or a software program that examines data packets on a network to determine whether to forward them to their destination or block them
A one-way firewall is used to:
protect against inbound threats only
A two-way firewall is used to:
protect against both unauthorized inbound and outbound traffic
A software firewall can be:
configured to permit traffic between specified IP addresses and to block traffic to and from the Internet except when permitted on a per-program basis
A corporate network may use a proxy server with a firewall as:
the sole direct connection between the Internet and the corporate network and use a firewall in the proxy server to protect the corporate network against threats
Physical firewalls are specialized:
computers whose software is designed to quickly analyze network traffic and make forwarding decisions based on rules set by the administrator
Most current OSs have some sort of firewall built in, the examples are:
Windows has Windows Defender, initially configured as a one-way firewall but can be configured to work as a two-way firewall
macOS includes an application firewall
Linux includes iptables to configure netfilter, its packet-filtering framework
Authenticating users means:
making sure those who are logging in are truly who they say they are
To solve the problem of weak passwords, administrators should mandate:
strong passwords in their authentication settings
Strong passwords that foil casual hackers have the following characteristics:
They are at least eight characters long; every character added to this minimum makes the password exponentially safer
They include a variety of uppercase and lowercase letters, numbers, and symbols
They do not include real names and words
The best type of authentication system is one that:
uses two or more authentication methods; this is known as multifactor authentication
Directory permissions is the term used in macOS and Linux for:
configuring the access levels a user has to a directory (folder) and individual files. In Windows, the equivalent term is file and folder permissions
In Linux and macOS, directory permissions include:
Read (opens file but no changes)
Write (able to read and change file)
Execute (runs executable file or opens directory)
The chmod command is used in Linux to:
change directory permissions
In macOS, the Get Info menu’s Sharing & Permissions submenu is used to:
change directory permissions
In Windows, file and folder permissions on an NTFS drive include:
Full control
Modify
Read & Execute
List folder contents (applies to folders only)
Read
Write
Data loss/leakage prevention (DLP) involves:
preventing confidential information from being viewed or stolen by unauthorized parties
Data loss/leakage prevention (DLP) goes beyond normal digital security methods such as firewalls and antivirus software by:
observing and analyzing unusual patterns of data access, email, and instant messaging, whether the data is going into or out of an organization’s network
Access control lists (ACLs) are:
lists of permissions or restriction rules for access to an object such as a file or folder
Access control lists (ACLs) control:
which users or groups can perform specific operations on specified files or folders
Smart cards can be used to enable:
logins to a network, encrypt or decrypt drives, and provide digital signatures when supported by the network server
Email filtering can be used to:
organize email into folders automatically
block spam and potentially dangerous messages
Email filtering can be performed at:
the point of entry to a network with a specialized email filtering server or appliance as well as by enabling the spam and threat detection features that are built into email clients or security software
Applying the principle of least privilege means:
giving a user access to only what is required to do his or her job
An encrypted wireless network relies on:
the exchange of a passphrase between the client and the wireless access point (WAP) or router before the client can connect to the network
There are several standards for encryption for a network connection. They are:
WEP
WPA versions
TKIP
AES
There are four different authentication methods for access to a wireless network. They are:
single-factor
multifactor
RADIUS
TACACS
Single-factor authentication is basic:
username and password access to a computer or network
A multifactor authentication system uses:
two or more authentication methods and is far more secure than single-factor authentication
Multifactor authentication is a:
combination of the password and the digital token, which makes it very difficult for imposters to gain access to a system
A Remote Authentication Dial-In User Service (RADIUS) server is used for a:
user who wants to access a network or an online service. They enter a username and password when requested
With Terminal Access Controller Access Control System (TACACS) a user:
who was already authenticated into the network was automatically logged into other resources in the system as well
Malicious software, or malware is:
software designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent
Malware is a broad term used by computer professionals to include:
viruses
worms
Trojan horses
spyware
rootkits
keyloggers
adware
other types of undesirable software