Exam 2.1 Flashcards

1
Q

What is required for firmware and software in a secure boot process?

A

Each firmware and software that starts up must be checked to ensure it is approved.

2
Q

What components are checked in a secure boot process?

A

In a secure boot, all system firmware, bootloaders, kernels, and other startup programs are checked.

3
Q

What must happen for custom hardware, firmware, and software to pass a secure boot process?

A

Custom hardware, firmware, and software may not pass unless they are first approved by system vendors, such as Microsoft.

4
Q

What does Windows OS do in a trusted boot process?

A

In a trusted boot, Windows OS checks each part of the boot process for problems before starting.

5
Q

How does Trusted Boot continue from Secure Boot?

A

Trusted Boot picks up where Secure Boot stops by checking Windows 10 software for issues before loading it.

6
Q

Does Trusted Boot require using a Microsoft OS?

A

Yes, Trusted Boot requires using a Microsoft OS.

7
Q

What happens in a measured boot regarding the boot process and security checks?

A

In a measured boot, the computer’s firmware records the boot process, and the OS can send this record to a trusted server for security checks.

8
Q

Which boot process provides the highest degree of security?

A

Measured boot provides the highest degree of security.

9
Q

What is a potential drawback of using measured boot?

A

Measured boot could slow down the boot process.

10
Q

What is needed after boot security is set for computer endpoints?

A

Once boot security is set, the computer endpoints need to be actively protected.

11
Q

What functions can antivirus software perform on a computer?

A

Antivirus software can check a computer for viruses, monitor activity, and scan new documents for potential viruses.

12
Q

What are the typical options for handling a virus detected by antivirus software?

A

Options usually include cleaning the file, quarantining it, or deleting it.

13
Q

What does antivirus software do in signature-based monitoring or static analysis?

A

Antivirus software scans files to match known virus patterns, a process known as string scanning.

14
Q

What is wildcard scanning in antivirus software?

A

Wildcard scanning allows skipping bytes instead of needing an exact match.

15
Q

mismatches

A

Allows some bytes in the string to be any value, no matter where they are.

16
Q

What does heuristic monitoring (or dynamic analysis) look for in antivirus software?

A

Looks for signs of a virus rather than matching patterns.

17
Q

What types of malware does antimalware protect against?

A

Antimalware protects against different kinds of malware, including ransomware, cryptomalware, and Trojans.

18
Q

Bayesian filtering

A

An antimalware technique.

19
Q

What does Bayesian filtering do with email messages?

A

Bayesian filtering sorts email messages into two groups: spam and non-spam.

20
Q

How does a Bayesian filter determine if an email is spam or non-spam?

A

The Bayesian filter checks each word in an email and sees how often it appears in spam versus non-spam messages.

21
Q

How does a Bayesian filter evaluate the likelihood of an email being spam?

A

The Bayesian filter looks at the 15 most likely words to decide how likely the message is to be spam.

22
Q

What is HTTP used for on the web?

A

The basic protocol for all data exchanges on the web.

23
Q

What role does HTTP play in client-server communication?

A

HTTP is a client-server protocol where the client, like a web browser, sends requests to a web server.

24
Q

What is a limitation of the HTTP protocol?

A

One limitation of HTTP is that it is a stateless protocol.

25
Q

What does a stateful protocol do that a stateless protocol does not?

A

A stateful protocol remembers everything that happens between the browser and the server.

26
Q

What happens with a stateless protocol when the session ends?

A

It forgets what happened.

27
Q

What are three ways HTTP can mimic a stateful protocol?

A
  1. URL Extensions: Including state information in the URL.
  2. Hidden Form Fields: Sending state information in hidden form fields that are sent back to the server.
  3. Cookies: Storing user information in a file on the user’s computer, which is then retrieved later.
28
Q

What is a first-party cookie?

A

A first-party cookie is created by the website the user is currently visiting.

29
Q

How do first-party cookies help when a user returns to a site?

A

With first-party cookies, when the user returns to the site, the cookie helps the site remember their preferences and customize their experience.

30
Q

Where are third-party cookies placed?

A

Third-party cookies are placed on the local hard drive by external parties.

31
Q

Where is a session cookie stored?

A

A session cookie is stored in RAM, not on the hard drive.

32
Q

How long does a session cookie last?

A

A session cookie lasts only for the duration of the visit to the website.

33
Q

When is a secure cookie sent to the server?

A

A secure cookie is sent to the server only with an encrypted request over HTTPS.

34
Q

What does a secure cookie prevent?

A

A secure cookie prevents unauthorized people from intercepting the cookie during transmission between the browser and the web server.

35
Q

What is the purpose of HTTP Response Headers?

A

HTTP Response Headers inform the browser how to function while communicating with the website.

36
Q

What are the three types of monitoring and response systems for endpoint computers?

A
  1. HIDS (Host-based Intrusion Detection System)
  2. HIPS (Host-based Intrusion Prevention System)
  3. EDR (Endpoint Detection and Response)
37
Q

What is a Host Intrusion Detection System (HIDS)?

A

Software that runs on an endpoint computer and can detect attacks.

38
Q

Host intrusion prevention systems (HIPS)

A

An intrusion prevention system detects and stops harmful activities. A host intrusion prevention system (HIPS) watches over your device, blocks threats, and lets you know if action is needed.

39
Q

A HIDS uses agents installed on the device to monitor its activity closely. It typically tracks:

A

System Calls: Requests made by programs to the operating system. HIDS checks these requests to spot suspicious behavior.

File Access: Ensures that files are accessed for legitimate reasons and not for malicious purposes.

Input/Output: Watches all data exchanges. For example, if a device that doesn’t use instant messaging suddenly tries to connect via IM, HIDS will flag this as unusual.

40
Q

Why is it important to quickly install updates on your computer?

A

Hackers often target the weaknesses that updates fix, knowing many people are slow to apply them.

41
Q

What are the two types of tools used in effective patch management?

A

Effective patch management uses two types of tools: one for distributing patches and one for receiving them.

42
Q

What is the purpose of using patch management tools in organizations?

A

To control when updates are applied, ensuring they are thoroughly tested before installation.

43
Q

How can organizations prevent employees from installing new patches prematurely?

A

By using patch management tools that control the timing of when updates are applied.

44
Q

Why is it important to test patches before deployment?

A

To avoid issues with custom applications and ensure compatibility.

45
Q

What does patch management help ensure about updates?

A

That updates are only installed after they’ve been thoroughly tested.

46
Q

What benefit does patch management provide to users?

A

It ensures that all users receive necessary patches.

47
Q

What is the benefit of using an automated patch update service within an organization?

A

It allows the organization to manage patches internally instead of relying on the vendor’s online update service.

48
Q

How do internal servers benefit from an automated patch update service?

A

They can share information with each other, reducing the need for multiple connections to the vendor’s update service.

49
Q

How many internal servers need to connect to the vendor’s update service in an automated patch update system?

A

Only one server needs to connect to the vendor’s update service.

50
Q

What is the role of internal servers in an automated patch update system?

A

To share information and manage the distribution of patches within the organization.

51
Q

Why might an organization choose an automated patch update service over a vendor’s online update service?

A

To streamline patch management and reduce dependency on external update services.

52
Q

What does an automated patch update service involve?

A

Installing a component on internal servers that manage and distribute patches.

53
Q

What infrastructure component is essential for an automated patch update service?

A

Internal servers with the installed update management component.

54
Q

How does an automated patch update service save time for an organization?

A

By downloading patches from a local server instead of each computer connecting to an external server.

55
Q

What control features do administrators have with an automated patch update service?

A

They can approve or decline updates, set deadlines for installation, and get reports on update status.

56
Q

What type of reporting can administrators get with an automated patch update service?

A

Reports on which updates each computer needs.

57
Q

What is the purpose of the “detection-only” option in an automated patch update service?

A

To allow administrators to see which computers need updates without installing them immediately.

58
Q

How does the detection-only option benefit administrators?

A

It helps administrators identify which computers need updates before deciding to install them.

59
Q

Why is downloading patches from a local server advantageous?

A

It conserves bandwidth and reduces the load on external servers.

60
Q

How does an automated patch update service improve update management?

A

By providing centralized control, efficient bandwidth use, and detailed reporting on update status.

61
Q

What does the automated patch update service allow administrators to see without immediate installation?

A

It allows them to see which computers need updates through the detection-only option.

62
Q

Can users select individual Windows updates to download and install?

A

No

63
Q

Can users choose to receive updates for other installed Microsoft products?

A

Yes

64
Q

Do Windows 10 devices on a network have to download updates individually from the Internet?

A

No

65
Q

What is the role of a Workstation OS?

A

A Workstation OS is software that manages hardware and software on a client computer.

66
Q

What is an Appliance OS?

A

An Appliance OS is an OS embedded in firmware designed to manage a specific device, such as a digital video recorder or video game console.

67
Q

What must be protected to ensure the security and integrity of the system?

A

The OS itself must be protected.

68
Q

What does securing an OS involve?

A

Securing an OS involves proper security configurations and using confinement tools.

69
Q

What should a typical OS security configuration include?

A

Disabling unnecessary ports and services, disabling default accounts/passwords, and employing least functionality.

70
Q

What does ‘least functionality’ mean in the context of OS security?

A

Least functionality means giving a user the minimum set of permissions required to perform necessary tasks.

71
Q
A