Part 4

Question 1

When an antivirus program detects a virus an option may be given to an administrator to remove, clean or ____ a file.

Answer 1

Quarentine

Question 2

There are occasions when a file or program may exhibit behavior or coding that triggers a signature or behavior alert from an antimalware system often called?

Answer 2

False Positive

Question 3

An algorithm or hash that is unique to a specific attack method or virus?

Answer 3

Signature

Question 4

What scans continuously inspect files and email data for viruses as they are read from or written to a computer?

Answer 4

Auto Protect

Question 5

What does the effectiveness of VSE depend on?

Answer 5

Scanning engine and definition DAT files

Question 6

What prevents unwanted changes to your computer by retricting access to specified ports, files, shares etc?

Answer 6

Access Protection

Question 7

How often on COMPOSE do Anti Virus scans run?

Answer 7

Daily

Question 8

What is real time monitoring for malicious activities?

Answer 8

Behavioral

Question 9

What is a program that attaches itself to a file or another program?

Answer 9

Virus

Question 10

What is a program that replicates and propogates itself without having to attach itself to a file or program.

Answer 10

Worm

Question 11

What are three reasons privilage escalation can occur?

Answer 11

• Error by administrator
• weak password policy
• bad coding in software

Question 12

What are additional security settings required?

Answer 12

• Account lockout duration
• minimum password length
• disabling unnecessary services
• “Allow administration by” option

Question 13

What are 4 types of Trojans?

Answer 13

Remote Access Trojan (RAT) : full or partial access to victim’s system

Data Sending : sends key strokes, passwords, cookies via email or back door

Destructive : deleting files, corrupting the OS, crashing the system, disable AV on the firewall

Proxy : jumping point for an attacker on another system to mask identity

Question 14

What is the purpose of Denial of Service attack?

Answer 14

Deny legitimate users from accessing infomation or resources

Question 15

What are some signs of Denial of Service attack?

Answer 15

• Spam
• Unavailable website

“Flood”, slowing or stopping data transfer, consumption of disk space or processor time, disrupting routing info, disrupting physical network components

Question 16

What involves exploiting the session between devices?

Answer 16

Session hijacking

Question 17

How can you prevent session hijacking?

Answer 17

• Use encryption
• use secure protocol
• limit incoming connections
• minimize remote access
• strong authentication
• using switches over hubs
• user training

Question 18

How many user accounts should an admin have at minimum?

Answer 18

2

User and administrator

Question 19

What command line run script launches GPO editor?

Answer 19

gpedit.msc

Question 20

What provides the configuration setting of RBAC settings for installed applications?

Answer 20

Authorization Manager

Question 21

What analyizes system configuration and applies security templates?

Answer 21

Security Configuration and Analysis

Question 22

On a windows system, GPO editor seperates the local computer policy into two sections?

Answer 22

• Computer configuration

- User configuration

Question 23

What provides the options for setting system auditing, rights assigned to groups, and their users and security features such as device settings, log on requirements, account settings, network access etc?

Answer 23

Local Policies

Question 24

What provides options for setting password complexity and length requirements as well as account lockout lengths and attempt frequencies?

Answer 24

Account Policies

Question 25

Database cryptography must be compliant against what for authentication of DBMS?

Answer 25

FIPS 140-2

Question 26

How can you protect databases from Denial of Service attacks?

Answer 26

• Limit the number of connections

- Database clustering

Question 27

What should be implemented to limit exposure?

Answer 27

Role Based Access Control Policy

Question 28

What are password complexity requirements?

Answer 28

• minimum length
• # of upper and lower case letters
• # of numeric characters
• # of special characters
• password history or reuse

Question 29

How long can an account be inactive before it should be disabled?

Answer 29

35 days

Question 30

What kind of permissions should a bind account have?

Answer 30

Full administrative access to the database

Question 31

What type of account is used to connect an application to its database?

Answer 31

Bind account

Question 32

Where do databases fall under?

Answer 32

Application Core SRG

Question 33

What are the 4 core SRGs?

Answer 33

• Application
• network infrastructure
• operating system
• policy

Question 34

What are collections of requirements applicable to a given technology family?

Answer 34

SRG- Security Requirement Guides

Question 35

What could result in the loss of privacy, corruption of data, breach national security?

Answer 35

Attack on DBMS

Question 36

What is the default admin account created during a COMPOSE install?

Answer 36

Compinstaller

Question 37

What determines the service configuration for a computer is controlled by the role the machine will serve on the network?

Answer 37

Core Services Installation stage of install

Question 38

What are the 4 modules of COMPOSE?

Answer 38

Baseline Configuration Module (BCM)
Domain Configuration Module (DCM)
Core Services Installation Module (CSIM)
Security Configuration Module (SCM)

Question 39

What sets the policies for the built in IPSec Software?

Answer 39

IP Security Policy on Location Computer

Question 40

What provides the ability to configure EFS, Bit Locker, and the built in cryptographic capabilities?

Answer 40

Public Key Policies

Question 41

What are the 4 distributions of Linux?

Answer 41

RedHat
Solaris
HP UX
IBM AIX

Question 42

What are two ways to interact with Linux?

Answer 42

Command Line Interface (CLI)

Graphic User Interface (GUI)

Question 43

Linux considers everything a what?

Answer 43

File

Question 44

What is the file path from the root?

Answer 44

Absolute

Question 45

What is the file path from present working directory or otherwise?

Answer 45

Relative

Question 46

How do you find out what directory you are in?

Answer 46

Pwd

Present working directory

Question 47

What is the format for a command?

Question 48

What is the command for Top processes?

Answer 48

Top

Question 49

What shows the top lines?

Answer 49

Head

Question 50

What shows you the bottom lines?

Answer 50

Tail

Question 51

What shows you all the files in a directory?

Answer 51

Ls

Lists all the files

Question 52

What shows you the permission set details of all the files in a directory?

Answer 52

Ls -l

Long list

Ls -a

Long list all

Question 53

What command is a scripting tool and can be used for an advanced search?

Answer 53

-awk

Question 54

What command changes ownership of a file?

Answer 54

Chown

Question 55

What command modifies permissions of a file?

Answer 55

Chmod

Question 56

What command searches for string following command?

Answer 56

Grep

Question 57

Ownership

Answer 57

User and group sets

Question 58

What are 4 digit octal codes?

Answer 58

SUID SGID

Question 59

What ensures owner cannot delete file from other users?

Answer 59

Sticky bit

Question 60

What identifies a file serial number?

Answer 60

Inode

Question 61

What are two types of file serials?

Answer 61

Symbolize - name

Hard link - inode serial #

Question 62

What is after the user to indicate shadow file in use?

Answer 62

X

Question 63

What command changes the password?

Answer 63

Passwd

Question 64

What command references services?

Answer 64

Daemon

Question 65

What user id code does root have?

Answer 65

0

Question 66

What command is start up and shut down?

Answer 66

Initid

Question 67

Where are log files stored?

Answer 67

Var

Question 68

What are the SIU findings priorties?

Answer 68

5- routine action
4- undocumented 
3- not found in the fleet
2- yellow
1- red remove immediately

Question 69

Three sub caregories?

Answer 69

New
Old
Check version

Question 70

What version of TLS for web servers?

Answer 70

TLS 1.0 or greater

Question 71

What must be placed so the user knows what they are accessing?

Answer 71

Banner page

Question 72

Two types of webpages?

Answer 72

Static

Dynamic- accept and retrieve from the user

Question 73

How did Linux start?

Answer 73

As personal computers

Question 74

Where can linux configurations be found?

Answer 74

/etc

Question 75

What is the /root

Answer 75

Home directory

Question 76

What are two text editors?

Answer 76

Nano

Vi editor

Question 77

Where can you find a linux password has expired?

Answer 77

Shadow file

Question 78

Where can you start and stop running scripts or start up scripts?

Answer 78

Init.d

Question 79

How do you make a directory?

Answer 79

mk dir

Question 80

How do you remove?

Answer 80

Rm

Question 81

How do you read text based files?

Answer 81

More

Cat

Question 82

How do you search

Answer 82

Find

Question 83

How do you see what is most cpu intensive?

Answer 83

TOP

Question 84

What are files that list other files?

Answer 84

Directories

Question 85

Where are common user shared files?

Answer 85

Bin

Question 86

Where are start files kernel?

Answer 86

Boot

Question 87

What are two ownership types?

Answer 87

User

Group

Question 88

What is used to ensure programs operate within intended use?

Answer 88

Behavior

Question 89

What is a unique hash?

Answer 89

Signature

Question 90

What scans emails inspecting for viruses?

Answer 90

Auto Protect

Question 91

What are 3 things about encryption?

Answer 91

Sensitivity
Classification of network
Need to know between the user and the data

Question 92

Threats to webservers?

Answer 92

AV is out of date
cross site scripting
Instant messaging
Lack of back up logs

Question 93

What is sensitive non approved

Answer 93

Private webserver

Question 94

What has no need to know

Answer 94

Public webserver

Question 95

2 defaults

Answer 95

Disable services

Limit # of simultaneous requests from / to web server

Question 96

Directory + file access controls?

Answer 96

Files directories

Question 97

Certificates- approved must use

Answer 97

Private

Question 98

Crl-

Answer 98

Crl checking using ocsp and crls

Question 99

Auditing

Answer 99

Use attempted use, potential problems, tool

Auditing unusual conditions

Question 100

Before web authors upload scan for viruses

Answer 100

Mobile code

Question 101

Dmz

Answer 101

Specific is isolated

Question 102

What are 4 ways to mitigate threats to web servers?

Answer 102

Permisive router filtering
Intrustion detection
Firewall protection
Connections to internal hosts and support services