Difficult notes for memorization Flashcards
BOOTMGFW
The GUID partition table (GPT) identifies a System Partition. The system partition contains the boot manager and the boot configuration data (BCD). Each Windows installation has a subfolder under \EFI\Microsoft\ that contains a BCD and BOOTMGFW.EFI.
BOOTMGR
During boot, the master boot record (MBR) identifies the boot sector for the partition marked as active. The boot sector loads the boot manager, which for Windows is BOOTMGR.EXE.
NTOSKRNL
The Windows boot manager loads the Windows boot loader WINLOAD.EXE stored in the system root folder on the boot partition. The process then loads the kernel (NTOSKRNL.EXE).
HAL
In a Windows system, the hardware abstraction layer (HAL.DLL) is loaded during the WINLOAD boot process.
POSIX
POSIX (Portable Operating System Interface) is a set of common interface standards designed to facilitate compatibility between different operating systems, including but not limited to Unix-like systems and Windows. Ensuring POSIX compliance allows a Windows system, using NTFS, to interact more seamlessly with a Linux system.
Indexing
Indexing compliance is a useful feature for managing and accessing data on a system, but it does not directly facilitate compatibility between different operating systems like POSIX compliance does.
Journaling
Journaling compliance is an important feature for data integrity and reliability, but it is not related to compatibility between operating systems.
Snapshots
Like indexing and journaling, snapshot compliance helps in managing and protecting data, but does not contribute to the interoperability of different operating systems.
devmgmt.msc
The Device Manager (devmgmt.msc) console allows administrators to view, edit, and troubleshoot the properties of installed hardware, update drivers, and remove or disable devices.
diskmgmt.msc
The Disk Management (diskmgmt.msc) console displays a summary of any fixed and removable disks.
dfrgui.exe
The Defragment and Optimize Drives tool (dfrgui.exe) runs various operations to speed up the performance of hard disk drives (HDDs) and solid-state drives (SSDs).
lusrmgr.msc
The Local Users and Groups (lusrmgr.msc) console provides administrators with an advanced interface for creating, modifying, disabling, and deleting user accounts. This console is also useful for resetting the password for an account.
Duress
A duress alarm is triggered manually and could be implemented as a wireless pendant, concealed sensor or trigger, or call contact.
Circuit
A circuit-based alarm sounds when the circuit is opened or closed, depending on the type of alarm. This could be caused by a door opening or by a fence being cut.
Motion
A motion-based alarm is linked to a detector triggered by movement within a room or other area. The sensors in these detectors are either microwave radio reflection or passive infrared (PIR).
Proximity
Proximity alarms use radio frequency ID (RFID) tags and readers that can be used to track the movement of tagged objects within an area.
RAT
A remote access Trojan (RAT) is malware that, once installed, allows the threat actor to access the PC, upload/exfiltrate data files, and install additional malware tools.
Implicit Deny
Implicit deny means that unless there is a rule specifying that access should be granted, any request for access is denied.
Explicit Deny
Explicit deny means that a specific rule is created that denies any access to a system or service.
Windows subsystem for Linux (WSL)
Windows subsystem for Linux (WSL) allows the installation of a Linux distribution and the use of Linux applications.
autorun.inf
In legacy versions of Windows, an inserted disk (USB or optical) would automatically run commands defined in an autorun.inf file stored in the root of the drive.
Execution control
Execution control refers to logical security technologies designed to prevent malicious software from running on a host regardless of what the user account privileges allow.
Port Forwarding
Port forwarding means that the router takes a request from a host for a particular service and sends the request to another designated host.
Port Triggering
Port triggering is used with applications that require more than one port. When a firewall detects activity on outbound port A, it opens inbound access for the external IP address on port B for a set period.
Resistance
A resistor creates resistance. Resistance is the degree of opposition to the current caused by characteristics of the conductor and is measured in ohms.
Current
Electricity flows in a circuit. Current is the amount of charge flowing through a conductor, measured in amps (A or I).
Voltage
A circuit is made when conductors form a continuous path between the positive and negative terminals of a power source. Voltage is the potential difference between two points.
Watts
A watt is a measure of electrical power. Components such as power supplies and add-on cards are usually rated by how many watts are required or provided.
Port 3389
The Remote Desktop Protocol on a Windows workstation or server runs on TCP port 3389 by default but can be changed to another port.
Port 22
Secure Shell (SSH) is a remote access protocol, but it connects to a command interpreter rather than a desktop window manager. SSH uses TCP port 22 (by default).
Port 5900
Virtual Network Computing (VNC) is a freeware product with similar functionality to the Remote Desktop Protocol (RDP). It works over TCP port 5900.