Final Flashcards
Name 5 types of problems when your Windows software is being attacked
Leaks of sensitive info Password cracks Systems taken down DDOS Remote control being obtained Databases copied or deleted
What types of attacks are there?
Password DDOS Port Penetration SQL Injection Session Hijacking Man-in-the-middle
What commands are built into Windows?
Nbtstat
Netstat
Net
How do you hide a shared folder?
Append the $ character at the end
IPC$
Anonymous connection - A well known vulnerability in Windows (null session)
net use \host name or IP address\ipc$ “” “/user
How can you scan your Windows network shares folder?
Softperfect network scanner
Missing patches are the easiest way to find a vulnerability. Some tools to discover what’s available for exploitation include?
Nexpose
Nessus
What can Win10 enhance that Win7 and Win8 don’t have?
Enterprise patch management Scheduled restarts for Windows patches Bitlocker Better malware protection w/built in Windows defender User Authentication
When you employ physical security what are you protecting against?
Internal malicious user
Which Windows vulnerabilities also translate to Linux?
Leaks of sensitive info
Cracked passwords
Corrupted or deleted databases
Systems taken offline
How can you prevent people from scanning your ports?
Firewall
Don’t let them gain access via wall jack or Wi-Fi
How do you prevent people from scanning your network?
Secure WiFi with strong password Firewalls Intrusion prevention systems Disable unneeded services Software updates are installed
Common security weaknesses include?
Anonymous FTP
Telnet and FTP
Old versions of send mail
Rservices such as rlogin, rdist, rexecd, rsh and rcp
How can you prevent people from booting into safemode?
bcdedit/deletevalue {current} safe boot
What is FTP and what is Telnet?
FTP is one of the most widely used file transfer protocols. Harden it by enabling password compliance policies, require strong encryption ciphers, enforce IP access rules and implement multi-factor authentication
