Módulo 08 - Network and Endpoint Security Flashcards

Question 1

Q

Define: OS Hardening

Answer

A

Enhancing an operating system’s security by removing unnecessary components, limiting access, and applying best practices.

Question 2

Q

Define: Access Control Lists (ACLs)

Answer

A

Rules defining user permissions to resources, such as files or networks, based on identifiers and associated privileges.

Question 3

Q

Define: Full Disk Encryption (FDE)

Answer

A

Encryption that protects all data on a hard drive, including system files and user data, even when the OS is off.

Question 4

Q

Acronym:
PoLP

Answer

A

Principle of Least Privilege.

Question 5

Q

Acronym:
S/MIME

Answer

A

Secure/Multipurpose Internet Mail Extensions.

Question 6

Q

Compare:
Endpoint Protection vs. Patch Management

Answer

A

Endpoint Protection: Focuses on safeguarding devices against malware and threats.

Patch Management: Addresses vulnerabilities by applying updates and patches.

Question 7

Q

List:
Key elements of endpoint hardening.

Answer

A

Remove unnecessary software.
Change default passwords.
Apply configuration enforcement.
Implement encryption techniques.
Use access control policies.
Monitor for changes and compliance.

Question 8

Q

List:
Types of encryption techniques.

Answer

A

Full Disk Encryption (FDE).
Removable Media Encryption.
Virtual Private Networks (VPNs).
Email Encryption.

Question 9

Q

Define:
Implicit Deny ACLs

Answer

A

A rule that denies access unless explicitly allowed, ensuring tighter security by default.

Question 10

Q

Define:
Authorization Creep

Answer

A

Gradual accumulation of unnecessary privileges by a user due to improper privilege management.

Question 11

Q

Define:
Deprovisioning

Answer

A

The process of removing access rights and permissions when an employee or contractor leaves or a project ends.

Question 12

Q

Acronym:
FSRM

Answer

A

File Server Resource Manager.

Question 13

Q

Acronym:
FTPS

Answer

A

FTP Secure

which adds SSL/TLS to FTP for secure logon and data transfer.

Question 14

Q

Acronym:
SFTP

Answer

A

Secure Shell File Transfer Protocol.

Question 15

Q

Define:
FSRM Quotas

Answer

A

Storage limits on a directory.

Hard (Block further storage) or Soft (Only alerts)

Question 16

Q

Define:
File Screens on FSRM

Answer

A

Rules tha restrict file types that might be saved on a directory

Question 17

Q

Define:
NetBIOS

Answer

A

Network protocol for file and printer sharing, quite unsecure.

Question 18

Q

Define:
Tombstone File

Answer

A

File replaced that informs about a violation, keeping the original unaccessible

Question 19

Q

Acronym:
IPSec

Answer

A

Internet Protocol Security

Question 20

Q

Acronym:
SCP

Answer

A

Secure Copy Protocol

Question 21

Q

Define:
Administrative Share

Answer

A

Hidden directory that only admins have access

Question 22

Q

Compare:
SFTP vs. FTPS

Answer

A

SFTP: Secure Shell-based, not related to FTP, uses SSH2 for secure data transfer.

FTPS: FTP with SSL/TLS, requires server certificates for encrypted communication.

Question 23

Q

Compare:
Hard Limit vs. Soft Limit in Quotas

Answer

A

Hard Limit: Prevents users from exceeding the data quota.

Soft Limit: Allows exceeding the quota but sends a warning message.

Question 24

Q

List:
DLP Remediation methods

Answer

A

Alert only: Registra o incidente sem bloquear o acesso.
Block: Impede a cópia, mas mantém o arquivo acessível.
Quarantine: Restringe o acesso ao arquivo original.
Tombstone: Substitui o arquivo por uma mensagem de violação de política.

Question 25

Q

Acronym:
NTFS

Answer

A

New Technology File System.

Question 26

Q

Define:
NTFS Permissions

Answer

A

Permissions that control access to files and folders on drives formatted with NTFS, applying both locally and over a network.

Question 27

Q

Define:
Share Permissions

Answer

A

Permissions that control access to shared folders over a network but do not apply to local access.

Question 28

Q

Define:
Inheritance

Answer

A

A feature where folders pass down their permissions to subfolders and files, unless explicitly overridden.

Question 29

Q

Define:
Octal Notation in Permissions

Answer

A

A numeric representation of file permissions where read = 4, write = 2, and execute = 1.

Question 30

Q

Define:
Chmod Command

Answer

A

A Linux command used to change file permissions in symbolic or absolute (octal) mode.

Question 31

Q

Acronym:
DACL

Answer

A

Discretionary Access Control List.

Question 32

Q

True or False:
NTFS permissions apply only to files accessed over the network.

Answer

A

False.
NTFS permissions apply to both local and network access.

Question 33

Q

True or False:
Share permissions can be assigned to individual files.

Question 34

Q

True or False:

In Linux, a file with permissions 755 means the owner has read, write, and execute permissions.

Question 35

Q

Compare:
Share Permissions vs. NTFS Permissions

Answer

A

Share Permissions: Apply only to network access; control at the folder level; limited to Reader, Contributor, and Co-owner.

NTFS Permissions: Apply to both local and network access; can control at the file level; highly granular.

Question 36

Q

Compare:
Symbolic vs. Absolute Mode in chmod

Answer

A

Symbolic Mode: Uses letters (e.g., u=rwx) to specify permissions.

Absolute Mode: Uses octal numbers (e.g., 755) to represent permissions.

Question 37

Q

Example:
Interpret this permission string: drwxr-xr-x.

Answer

A

d: Directory.
Owner: Read, write, execute.
Group: Read, execute.
Others: Read, execute.

Question 38

Q

Define:
Physical Port Hardening

Answer

A

The process of disabling unused physical interfaces, such as USB or HDMI, to reduce physical attack vectors.

Question 39

Q

Define:
Logical Ports

Answer

A

Software-based communication endpoints used for data exchange between applications or services.

Question 40

Q

Define:
Host-Based Firewalls

Answer

A

Firewalls installed on individual devices to control incoming and outgoing network traffic.

Question 41

Q

Define:
Intrusion Prevention System (IPS)

Answer

A

A system that monitors network traffic to detect and prevent potential intrusions.

Question 42

Q

Define:
Service Hardening

Answer

A

Configuring services to minimize vulnerabilities by disabling unnecessary features and applying security updates.

Question 43

Q

Define:
Default-Deny Policy

Answer

A

A security policy that blocks all traffic unless explicitly permitted.

Question 44

Q

Acronym:
UEFI

Answer

A

Unified Extensible Firmware Interface.

Question 45

Q

Acronym:
BIOS

Answer

A

Basic Input/Output System.

Question 46

Q

Acronym:
nmap

Answer

A

Network Mapper

Question 47

Q

Acronym:
ss (Linux Command)

Answer

A

Socket Statistics.

Question 48

Q

Compare:
Host-Based Firewalls vs. Network Firewalls

Answer

A

Host-Based Firewalls: Protect individual devices and filter traffic specific to that host.

Network Firewalls: Protect an entire network and filter traffic entering or leaving the network.

Question 49

Q

Compare:
nmap vs. netstat

Answer

A

nmap: Scans for open TCP/UDP ports on a network.

netstat: Displays active network connections and listening sockets on a system.

Question 50

Q

Example:
What command scans for open TCP ports using nmap?

Answer

A

nmap -sT ipaddress.

Question 51

Q

Example:
How to disable a service in Linux?

Answer

A

Use systemctl disable servicename to prevent the service from starting on boot.

Question 52

Q

Define:
Wireless Access Point (WAP)

Answer

A

A device that broadcasts wireless signals, connects wireless clients to a network, and may link to a wired network.

Question 53

Q

Define:
Thin Access Point

Answer

A

A WAP that relies on a wireless controller for management and client handling.

Question 54

Q

Define:
Wireless LAN Controller (WLC)

Answer

A

A device used to manage multiple access points in an enterprise environment.

Question 55

Q

Define:
Service Set Identifier (SSID)

Answer

A

The name of a wireless network that allows users to identify and connect to it.

Question 56

Q

Define:
WPA2-PSK

Answer

A

A Wi-Fi security protocol using a pre-shared key for group authentication.

Question 57

Q

Define:
Simultaneous Authentication of Equals (SAE)

Answer

A

A WPA3 protocol for secure password exchange, resistant to offline brute force attacks.

Question 58

Q

Define:
Heat Map

Answer

A

A visual representation showing wireless signal strength across an area.

Question 59

Q

Acronym:
WAP

Answer

A

Wireless Access Point.

Question 60

Q

Acronym:
WLC

Answer

A

Wireless LAN Controller.

Question 61

Q

Acronym:
WDS

Answer

A

Wireless Distribution System.

Question 62

Q

Acronym:
WPS

Answer

A

Wi-Fi Protected Setup.

Question 63

Q

Acronym:
DPP

Answer

A

Device Provisioning Protocol.

Question 64

Q

Acronym:
RADIUS

Answer

A

Remote Authentication Dial-In User Service.

Answer 63

A

Extensible Authentication Protocol.

Answer 64

A

False.
Thin access points rely on a WLC for client management.

Answer 65

A

True.
WPA3-Enterprise mandates 192-bit AES encryption.

Answer 66

A

True.
WPA2-PSK uses a pre-shared key for group authentication.

Answer 67

A

False.
Site surveys are essential for ensuring optimal WAP placement and coverage.

Answer 68

A

Fat Access Points: Standalone devices that manage clients and broadcast the network independently.

Thin Access Points: Require a wireless LAN controller for client and network management.

Answer 69

A

WPA2: Uses AES with CCMP for encryption and is vulnerable to handshake attacks.

WPA3: Introduces SAE for secure password exchange and enhanced encryption protocols.

Answer 70

A

PSK: Uses a shared passphrase, vulnerable to brute force attacks.

SAE: Uses a secure handshake resistant to offline attacks.

Answer 71

A

Simultaneous Authentication of Equals (SAE).
Enhanced Open for encryption on open networks.
Updated cryptographic protocols using AES-GCMP.
Support for Wi-Fi Easy Connect for simplified configuration.

Answer 72

A

Personal (PSK or SAE).
Open (unencrypted or Enhanced Open).
Enterprise (RADIUS with unique credentials).

Answer 73

A

WPA3-SAE uses a secure handshake to prevent offline attacks, unlike WPA2-PSK, which is vulnerable to brute force.

Answer 74

A

By connecting two wireless networks through a wired or wireless distribution system (WDS).

Answer 75

A

To visualize signal strength and channel overlap for optimizing WAP placement.

Answer 76

A

A replay attack targeting the WPA and WPA2 4-way handshake, allowing offline brute-force attempts to recover keys.

Answer 77

A

An attack where a rogue access point mimics a legitimate network to intercept user data.

Answer 78

A

A cryptographic attack exploiting the reuse of initialization vectors in WEP encryption to decrypt keys.

Answer 79

A

Sending unsolicited messages to nearby Bluetooth devices in discovery mode.

Answer 80

A

Exploiting vulnerabilities in Bluetooth to access sensitive data on a paired device.

Answer 81

A

Using an RFID reader to intercept communication between a tag and a legitimate scanner.

Answer 82

A

Capturing NFC data in transit to impersonate the original device.

Answer 83

A

Wired Equivalent Privacy.

Answer 84

A

Near Field Communication.

Answer 85

A

Radio Frequency Identification.

Answer 86

A

False. WPA3 addresses the vulnerabilities exploited in KRACK attacks.

Answer 87

A

True. Non-malicious interference can come from devices like microwave ovens or cordless phones.

Answer 88

A

False. Disassociation attacks exploit unencrypted management frames.

Answer 89

A

True. Passive RFID tags rely on energy from the scanner.

Answer 90

A

Rogue Access Point: Any unauthorized access point on a network.

Evil Twin: A rogue access point designed to mimic a legitimate one.

Answer 91

A

RFID: One-way communication; longer range.

NFC: Two-way communication; very short range.

Answer 92

A

Wireless denial-of-service (DoS).
Evil twin attack.
Initialization vector (IV) attack.
Jamming attack.
Disassociation/deauthentication attack.
Replay and key recovery attacks.

Answer 93

A

An unauthorized device providing wireless access, potentially used for malicious purposes.

Answer 94

A

A replay attack exploiting weaknesses in WPA2’s 4-way handshake.

Answer 95

A

By creating a rogue access point with the same SSID as a legitimate one to capture user data.

Answer 96

A

Disabling the broadcast of the network’s SSID to make it less visible to nearby devices, though determined hackers can still detect it.

Answer 97

A

Restricting network access to specific MAC addresses, which can be bypassed by spoofing a valid MAC address.

Answer 98

A

Reducing a WAP’s broadcast strength to limit signal emanation outside the intended area, enhancing security.

Answer 99

A

A wireless security protocol using AES-CCMP for encryption and a 4-way handshake for authentication.

Answer 100

A

A wireless security protocol that replaces WPA2’s 4-way handshake with Simultaneous Authentication of Equals (SAE), providing Perfect Forward Secrecy.

Answer 101

A

Service Set Identifier.

Answer 102

A

Media Access Control

Answer 103

A

Simultaneous Authentication of Equals.

Answer 104

A

WPA2-Personal: Uses a pre-shared key for authentication.

WPA2-Enterprise: Uses a RADIUS server to authenticate individual users.

Answer 105

A

WPA2: Uses a 4-way handshake, vulnerable to offline attacks.

WPA3: Uses SAE for secure authentication and Perfect Forward Secrecy.

Answer 106

A

SSID Broadcast: Makes the network easily discoverable.

SSID Suppression: Hides the network’s SSID but does not make it entirely undetectable.

Answer 107

A

A passphrase used for wireless network access; the most commonly used access method.

Answer 108

A

A method to connect devices securely to a network using PSK and WPA2 by pushing buttons or entering a unique PIN.

Answer 109

A

A wireless network with no authentication, allowing unrestricted access; suitable for public spaces.

Answer 110

A

A mechanism forcing users to interact with a web page before granting network access, often for agreement or payment.

Answer 111

A

A framework supporting multiple authentication methods, enabling secure communication between client and server.

Answer 112

A

EAP with SSL/TLS tunnel for secure authentication using a server-side certificate.

Answer 113

A

EAP with a Protected Access Credential (PAC) to authenticate users in a TLS tunnel; mitigates PAC compromise risks.

Answer 114

A

An EAP standard requiring client- and server-side certificates, known for its robust security.

Answer 115

A

An updated version of EAP-TLS that simplifies deployment by only requiring a server-side certificate.

Answer 116

A

Restricting network access to specific MAC addresses; prone to spoofing but adds an extra layer of control.

Answer 117

A

A standard requiring authentication when a device connects to a switch port, using EAP and RADIUS for validation.

Answer 118

A

The device requesting access, such as a PC or laptop.

Answer 119

A

A network device like a switch that forwards authentication requests between the supplicant and the authentication server.

Answer 120

A

The server validating authentication requests and managing authorization decisions in 802.1X.

Answer 121

A

A host physically isolated from any network to prevent unauthorized access, often used in high-security environments.

Answer 122

A

A network isolated from others, allowing communication only within itself; used in military or industrial facilities.

Answer 123

A

By pushing buttons on the access point and device or entering a PIN.

Answer 124

A

It redirects users to a page for terms agreement or payment before granting internet access.

Answer 125

A

The supplicant’s credentials are sent to the authentication server via the authenticator for validation.

Answer 126

A

PSK: Requires manual entry of a passphrase.

WPS: Automates connection using buttons or PIN.

Answer 127

A

Air-Gapped Host: A single device isolated from any network.

Air-Gapped Network: A group of devices communicating only within their isolated network.

Answer 128

A

A secure tunnel over a public network connecting a user’s PC or smartphone to a private network.

Answer 129

A

Remote Desktop Protocol

Answer 130

A

Accessing a physical machine on a one-to-one basis by transferring screen, audio, and input data.

Answer 131

A

A clientless remote desktop gateway using a web browser and WebSocket protocol for bidirectional communication.

Answer 132

A

A secure protocol for remote administration and file transfer, widely implemented via OpenSSH.

Answer 133

A

A public/private key pair identifying an SSH server for secure client-server communication.

Answer 134

A

A method where a remote user’s public key is authorized on the server for secure access.

Answer 135

A

ssh username@host

Answer 136

A

ssh-keygen -t rsa

Answer 137

A

ssh-copy-id username@host

Answer 138

A

A protocol for exchanging web content; uses plaintext and is unsecured.

Answer 139

A

HyperText Transfer Protocol Secure; uses SSL/TLS to encrypt data and operates on TCP port 443.

Answer 140

A

By the “https://” URL prefix or a lock icon in the address bar.

Answer 141

A

Secure HyperText Transfer Protocol; provides message security but is not widely used or as secure as HTTPS.

Answer 142

A

HTTPS: Encrypts the entire session, uses port 443, and is stateful.
S-HTTP: Secures only messages, does not use port 443, and is connectionless.

Answer 143

A

Username/Password – Standard credentials.

Public Key Authentication – Using a public key authorized on the server.

Kerberos – Authentication via Ticket Granting Tickets.

Answer 144

A

Client-to-Site VPN: Allows individual users to connect securely to a corporate network.
Site-to-Site VPN: Connects two private networks automatically via secure gateways.
Host-to-Host Tunnel: Secures traffic between two specific computers.

Answer 145

A

They do not provide adequate security compared to modern protocols like TLS and IPsec.

Answer 146

A

Using digital certificates, with server certificates identifying the VPN gateway and optionally client certificates for mutual authentication.

Answer 147

A

A version of TLS over UDP, offering improved performance for latency-sensitive traffic like voice and video.

Answer 148

A

Datagram TLS

Answer 149

A

TLS 1.3 and TLS 1.2. Versions earlier than TLS 1.2 are deprecated.

Answer 150

A

Authentication Header (AH): Provides packet integrity but not confidentiality.

Encapsulating Security Payload (ESP): Encrypts packet data and provides confidentiality and integrity.

Answer 151

A

Transport Mode: Encrypts only the payload, leaving the IP header intact.

Tunnel Mode: Encrypts the entire packet, including the IP header.

Answer 152

A

It establishes mutual authentication, negotiates cryptographic settings, and creates a secure channel for key exchange.

Answer 153

A

Phase I: Establishes identity, performs key agreement, and creates a secure channel.

Phase II: Negotiates ciphers and key sizes for the IPsec session.

Answer 154

A

IKEv2 supports EAP authentication, NAT traversal, and MOBIKE multihoming, making it more suited for remote access VPNs.

Answer 155

A

TLS: Operates at the application layer, suitable for specific applications like HTTPS.

IPsec: Operates at the network layer, providing broader support for all traffic types.

Answer 156

A

Digital Certificates and Pre-Shared Key (PSK)

Answer 157

A

A cryptography method that generates unique keys for each session, ensuring that past communications remain secure even if a key is compromised.

Answer 158

A

A framework supporting multiple methods

Used in:
- WPA2/WPA3-Enterprise
- 802.1X.

Answer 159

A

Method of establishing direct communication between two network endpoints over a network utilizing NAT

UDP punching hole

Answer 160

A

An IKEv2 feature that maintains VPN connections during network changes (e.g., Wi-Fi to cellular) and supports multiple active interfaces.

Answer 161

A

Extra data (e.g., headers, encryption) added to packets for transmission, affecting payload size and bandwidth usage.

Answer 162

A

A web browser retrieves and displays internet information, but it can also pose security risks to a network.

Answer 163

A

Unexpected domain names in URLs
Altered menu bars
Unlocked status line when SSL should be in use.

Answer 164

A

Browsing and download histories,
Cookies
Cached files
Passwords
Auto-fill data
Site permissions
Hosted app data.

Answer 165

A

Cookies store preferences and identify you to websites but can be misused to collect personal data or track activities.

Answer 166

A

First-party cookies come from the visited site; third-party cookies come from linked sites like ads.

Answer 167

A

A cache stores reusable data like images and passwords. It should be cleared on public computers to protect personal information.

Answer 168

A

Enable warnings for site add-ons
Web filtering,
No storing passwords.
Block pop-ups
No third-party cookies
Ask where to save files.

Answer 169

A

Add-ons add browser functionality but can be malicious. Review and uninstall unnecessary or inappropriate ones.

Answer 170

A

Horizontal: Accessing another user’s data with the same privilege level.

Vertical: Gaining elevated privileges, such as administrative access.

Answer 171

A

Retrieving a value stored in memory via a pointer.

Answer 172

A

It can lead to a denial-of-service (DoS) attack or kernel exploitation. (NullPointer)

Answer 173

A

An overflow occurs when more data is stored than a buffer can handle, potentially allowing arbitrary code execution or DoS.

Answer 174

A

Depleting system resources, like memory or CPU, to cause a denial-of-service.

Answer 175

A

They lead to resource exhaustion and can enable exploitation under low-memory conditions.

Answer 176

A

A vulnerability where multiple processes are exploited to perform unauthorized actions.

Such as multiple process accessing the same data simultaneously

Answer 177

A

Lock files, use file handles instead of names, and prevent changes between system calls.

Answer 178

A

Displaying detailed error messages that reveal sensitive information attackers can exploit.

Answer 179

A

Failing to validate or sanitize input data, leading to vulnerabilities like SQL injection or buffer overflows.

Answer 180

A

Intercepting and replaying network traffic to impersonate the sender.

Answer 181

A

Use strong digital signatures, timestamps, and sequence numbers.

Answer 182

A

Using stored password hashes from a compromised machine to access other systems.

Answer 183

A

Limit domain admin access
Disable remote desktop
Use separate accounts for admin tasks.

Answer 184

A

Exploiting vulnerabilities in APIs to gain unauthorized access or data.

Answer 185

A

Implement rate limiting, monitor logs, and validate input data.

Answer 186

A

Downgrading an HTTPS connection to HTTP to intercept user data.

Answer 187

A

Use HSTS, encrypt all site elements, and add the domain to the HSTS preload list.

Answer 188

A

Altering or adding malicious functionality to device drivers.

Answer 189

A

Modifying driver code internally without changing its external behavior to hide malicious actions.

Answer 190

A

Using or modifying intermediary code between older APIs and updated systems to inject malicious functionality.

Answer 191

A

Client-side: Prevent errors locally.

Server-side: Validate data after submission to prevent bypassing safeguards.

Answer 192

A

DNSSEC: Ensures secure connections with digital certificates.

HTTPS: Encrypts HTTP traffic for secure communication.

Answer 193

A

A linear model where each step (Requirements, Design, Implementation, Testing, Deployment, Maintenance) must be completed before moving to the next.

Answer 194

A

Sequential steps, slow progress, limited flexibility, and fixed requirements.

Answer 195

A

A model that breaks development into smaller, iterative cycles called Sprints, focusing on continuous updates and testing.

Answer 196

A

Each Sprint lasts 2–3 weeks, focuses on a specific feature, and includes regular testing and iterative improvement.

Answer 197

A

Errors during the code-building phase, preventing the program from running.

Answer 198

A

Errors that occur when a program is running, often called bugs.

Answer 199

A

Programming techniques to manage unexpected issues without crashing or exposing vulnerabilities.

Answer 200

A

It limits the information disclosed to attackers, avoiding exposure of sensitive details.

Answer 201

A

Reviewing source code for vulnerabilities and errors before deployment.

Answer 202

A

Early bug detection, improved security, enforced coding standards, and developer education.

Answer 203

A

Black-box testing of applications after deployment to find vulnerabilities externally.

Answer 204

A

White-box testing that analyzes source code early in development to find vulnerabilities like SQL injection.

Answer 205

A

A hybrid testing method combining runtime and static analysis to identify vulnerabilities during runtime.

Answer 206

A

Isolating processes to restrict their access to the system, preventing widespread damage from malicious or faulty software.

Answer 207

A

Each tab and extension runs in an isolated process, preventing one from affecting others.

Answer 208

A

Apps are confined to their own data and resources, limiting access to other apps or system resources.

Answer 209

A

They isolate environments, ensuring a breach in one does not affect others or the host.

Answer 210

A

A process that reorganizes data to eliminate redundancy, improve performance, and reduce exploitation risks.

Answer 211

A

Predefined database statements that centralize logic, prevent code duplication, and mitigate injection attacks.

Answer 212

A

Deliberate creation of hard-to-understand code to prevent reverse engineering and tampering.

Answer 213

A

Vulnerabilities in reused code can propagate if not tested thoroughly before sharing or adapting.

Answer 214

A

Unused or non-executable code that should be removed to eliminate security risks.

Answer 215

A

Allocating and releasing memory efficiently to prevent vulnerabilities like buffer overflows or memory leaks.

Answer 216

A

Incorrect buffer size calculation, unchecked input size, and uncontrolled format strings.

Answer 217

A

Prewritten code or tools from external sources, which must be tested for flaws and unnecessary code.

Answer 218

A

Encrypt data in transit and at rest, disable form caching, and use salted, hashed passwords.

Answer 219

A

A technique providing random or unexpected input to applications to identify vulnerabilities.

Answer 220

A

Digital signatures verify a software’s integrity and origin but don’t guarantee its security.

Answer 221

A

Cookies configured with attributes like Secure, HttpOnly, and SameSite to prevent attacks like session hijacking and CSRF.

Answer 222

A

Ensures cookies are sent only over HTTPS connections, protecting them from interception.

Answer 223

A

Prevents client-side scripts from accessing cookies, mitigating XSS attacks.

Answer 224

A

Restricts cookies to same-site requests, mitigating CSRF attacks.

Answer 225

A

To restrict their usable life and reduce the risk of long-term exploitation.

Answer 226

A

Assume all installed applications are flawed.

Answer 227

A

Remove all unused applications from the system.

Answer 228

A

To reduce the potential attack surface and prevent unauthorized access.

Answer 229

A

Process spawning creates a new child process; blocking it prevents process-spawning attacks.

Answer 230

A

To protect them from modification by removing Write permissions for applications.

Answer 231

A

A feature that prevents applications from executing code in memory designated for data storage.

Answer 232

A

Administrators can bypass specific hardening rules for legitimate application needs.

Answer 233

A

To apply specific hardening rules to applications, libraries, and SDKs.

Answer 234

A

Captures important events for audits, incident response, and system troubleshooting.

Answer 235

A

To detect potential threats, such as repeated failed login attempts or unusual data transfers.

Answer 236

A

Masks sensitive debugging information to minimize risks of exploitation.

Brainscape's Knowledge GenomeTM

Módulo 08 - Network and Endpoint Security Flashcards

Brainscape's Knowledge Genome^TM