Misconfiguration Vulnerabilities 2.3

Question 1

A very common misconfiguration someone might make is not putting any […] on data, leaving it open for anyone to view / modify

Answer 1

Permissions

Question 2

[…] allows an attacker to have full control over an environment. Prevent this by not having an intentionally easy-to-hack or simple password

Answer 2

Unsecure Admin Accounts

Question 3

Best practice involves […] direct access to the admin account so that a user must go through a UAC prompt and enter the admin credentials there.

Answer 3

Disabling

Question 4

Another best practice to protect administrator access is by […] how many accounts actually have admin rights

Answer 4

Limiting

Question 5

[…] create a security risk due to there being no encryption involved, all traffic is sent in the clear

Answer 5

Insecure Protocols

Question 6

New applications and network devices usually come with a preset login, called […], which should be changed immediately upon setup

Answer 6

Default Credentials

Question 7

It’s possible for […] to pose a risk, which can be managed using a firewall to control traffic flows

Answer 7

Open Ports and Services