CHAPTER 7: Windows 7 Security Features Flashcards
A collection of settings, such as lockout duration, that control account lockouts.
account lockout policy
An XML fi le that describes the structure of an application, including required DLL fi les and privilege requirements.
application manifest
A new feature in Windows 7 that is used to defi ne which programs are allowed to run. This is a replacement for the software restriction policies found in Windows XP and Windows Vista.
AppLocker
An encryption algorithm that uses two keys to encrypt and decrypt data. Data encrypted with one key is decrypted by the other key.
asymmetric encryption algorithm
The settings that defi ne which operating system events are audited.
audit policy
The security process that records the occurrence of specifi c operating system events in the Security log.
auditing
A feature in Windows 7 that can encrypt the operating system partition of a hard drive and protect system fi les from modifi cation. Other partitions can also be encrypted.
BitLocker Drive Encryption
A new feature in Windows 7 that allows you to encrypt removable storage.
BitLocker To Go
An encryption technology for individual fi les and folders that can be enabled by users
Encrypting File System (EFS)
The key used to encrypt the VMK when BitLocker Drive Encryption is enabled.
Full Volume Encryption Key (FVEK)
A one-way encryption algorithm that creates a unique identifi er that can be used to determine whether data has been changed.
hash encryption algorithm
A set of security confi guration options in Windows 7. These options are used to control user rights, auditing, password settings, and more.
local security policy
Malicious software designed to perform unauthorized acts on your computer. Malware includes viruses, worms, and spyware.
malware
Free antivirus software that is available if your copy of Windows 7 is genuine.
Microsoft Security Essentials
A computer authorization system for networks that prevents unhealthy computers from accessing the network.
Network Access Protection (NAP)
A collection of settings to control password characteristics such as length and complexity
password policy
A command-line tool that is used to apply, export, or analyze security templates.
Secedit
An MMC snap-in that is used to apply, export, or analyze security templates.
Security Configuration and Analysis tool
An .inf fi le that contains security settings that can be applied to a computer or analyzed against a computer?s existing confi guration.
security template
An encryption algorithm that uses the same key to encrypt and decrypt data.
symmetric encryption algorithm
A motherboard module that is used to store encryption keys and certifi cates.
Trusted Platform Module (TPM)
A feature in Windows 7 that elevates user privileges only when required.
User Account Control (UAC)
The key used to encrypt hard drive data when BitLocker Drive Encryption is enabled.
Volume Master Key (VMK)
Anti-spyware software included with Windows 7.
Windows Defender
A service that collects and distributes patches to Windows workstations by using the automatic updates process.
Windows Server Update Services (WSUS)