Securing Computers Flashcards

1
Q

Occurs when a person accesses resources without permission

A

Unauthorized Access

2
Q

One way to gain unauthorized access

A

Intrusion

3
Q

Generic term for searching refuse for information. A form of intrusion

A

Dumpster Diving

4
Q

Technique for gaining unauthorized access. Observing someone’s screen or keyboard to get information, often passwords

A

Shoulder Surfing

5
Q

The process of using or manipulating people inside the organization to gain access to its network or facilities

A

Social Engineering

6
Q

Following someone through the door as if you belong. Form of infiltration

A

Tailgating

7
Q

A small room with a set of two doors, one to the outside, unsecured area and one to the inner, secure area. When walking through one, the outer door must be closed before the inner door can be opened

A

Mantrap

8
Q

The act of trying to get people to give their usernames, passwords, or other security information by pretending to be someone else electronically

A

Phishing

9
Q

Term used for targeted attacks, like when a bad guy goes after a specific celebrity

A

Spear Phishing

10
Q

Uses various methods to overwhelm a system, such as a Web server, to make it essentially nonfunctional

A

Denial of Service (DoS)

11
Q

Uses many machines simultaneously to assault a system

A

Distributed DoS (DDoS) attack

12
Q

Composed of interlinked areas that a good security-minded tech should think about: physical security, authentication, users and groups, and security policies

A

Access Control

13
Q

Can keep someone from quickly walking off with the hardware

A

Cable Locks

14
Q

Make it harder to plug in a USB drive to load malware for stealing data

A

USB Locks

15
Q

Limit access to a server’s port and drives. There are also locking rack doors to limit access to the front or back of an entire server rack

A

Server Locks

16
Q

Block specific computers, adding their MAC addresses to the ranks of the undesired

A

Blacklist

17
Q

Pre-specify the only MAC addresses allowed access. Not bulletproof since a savvy attacker can spoof an address (they’ll have a much easier time sniffing a valid Wi-Fi MAC address than a wired one, though) from another device accessing the network

A

Whitelist

18
Q

How the computer determines who can or should access it and, once accessed, what that user can do

A

Authentication

19
Q

Credit card-sized cards with circuitry that can identify the bearer of the card. Relatively common for tasks such as authenticating users for mass transit systems but are fairly uncommon in computers

A

Smart Card

20
Q

Devices that store some unique information that the user carries on their person. May be digital certificates, passwords, or biometric data. May also store an RSA token. Most hardware tokens come in the form of key fobs

A

Security Token

21
Q

Random-number generators that are used with user names and passwords to ensure extra security

A

RSA Token

22
Q

Devices that require some sort of physical, flesh-and-blood authentication

A

Biometric Devices/Locks

23
Q

Type of biometric lock where you place your eye up to a scanning device

A

Retinal Scanner

24
Q

Permissions for activities, as opposed to true permissions, which control access to resources

A

Policies

25
Organizing data according to its sensitivity. Common scheme classifies documents as public, internal use only, highly confidential, top secret, and so on
Data Classification
26
Members of an organization or company must abide by or comply with all of the rules that apply to the organization or company
Compliance
27
Any data that can lead back to a specific individual. Kind of regulated data
Personally Identifiable Information (PII)
28
Basically any PII that involves a person’s health status, medical records, and healthcare services they have received. Kind of regulated data
Protected Health Information (PHI)
29
A rigorous set of rules for systems that accept, transmit, process, or store credit/debit card payments
Payment Card Industry (PCI)
30
Fairly new law that defines a broad set of rights and protections for the personal information of citizens living in countries in the European Union
General Data Protection Regulation (GDPR)
31
Various forms of this enforce how you use commercial software. Many programs require activation over the Internet or a special account with the copyright holder
Digital Rights Management (DRM)
32
Allow you to take original code and modify it
Open Source Software Licenses
33
Stipulate that you can’t modify the source code or make it part of some other software suite
Closed Source Software Licenses
34
In the security sense means to tell Windows to create an entry in the Security Log when certain events happen, such as when a user logs on or tries to access a certain file or folder
Auditing
35
Defines what actions employees may or may not perform on company equipment
Acceptable Use Policy (AUP)
36
Defines any program or code that’s designed to do something on a system or network that you don’t want done. Comes in a variety of guises: viruses, worms, ransomware, spyware, Trojan Horses, keyloggers, and rootkits
Malware
37
A program that has two jobs: to replicate and to activate. Needs human action to spread
Virus
38
Functions similarly to a virus, except it does not need to attach itself to other programs to replicate. Can replicate on its own through networks, or even hardware like Thunderbolt accessories
Worm
39
A piece of malware that appears or pretends to do one thing while, at the same time, it does something evil. May be a game or a fake security program. Doesn’t replicate.
Trojan Horse
40
Malware that records the user’s keystrokes and makes that information available to the programmer. A lot of parental control tools use these
Keylogger
41
A program that takes advantage of very low-level OS functions to hide itself from all but the most aggressive of anti-malware tools. Gains privileged access to the computer. Can strike OSes, hypervisors, and even firmware
Rootkit
42
Malicious software, generally installed without your knowledge, that can use your computer’s resources to run distributed computing apps, capture keystrokes to steal passwords, or worse. Classic ones often sneak onto systems by being bundled with legitimate software
Spyware
43
Malicious software that encrypts all the data it can gain access to on a system
Ransomware
44
A network of infected computers (zombies) under the control of a single person or group, with sizes easily growing into the millions of zombies for the largest networks. One of the most common uses: sending spam
Botnet
45
The route the malware takes to get into and infect the system
Attack Vector
46
An attack on a vulnerability that wasn’t already known to the software developers
Zero-Day Attack
47
The process of pretending to be someone or something you are not by placing false information into your packets
Spoofing
48
An attacker taps into communications between two systems, covertly intercepting traffic thought to be only between those systems, reading or in some cases even changing the data and then sending the data on
Man-in-the-middle (MITM) Attack
49
Tries to intercept a valid computer session to get authentication information. Only tries to grab authentication information
Session Hijacking
50
A special value, saved by the authentication system, computed from the password; each time the user logs in, the system re-computes this special value and compares it with the saved copy. Computation that creates them is irreversible; the only way to figure out what password produced a given one is to guess a password, perform the same computation, and see if they match
Hash
51
Use complicated math to condense dictionary tables with hashed entries dramatically. Binary files, not text files, and can store amazing amounts of information in a relatively small size
Rainbow Tables
52
Unwanted, unknown, or unplanned file downloads like from a pop-up
Drive-By Downloads
53
Protects your PC in two ways: working in an active seek-and-destroy mode and in a passive sentry mode
Anti-Malware Program
54
The program scans the computer’s boot sector and files for viruses and, if it finds any, presents you with the available options for removing or disabling them
Seek-and-Destroy Mode
55
Passively monitors a computer’s activity, checking for viruses only when certain events occur, such as a program execution or file download
Virus Shield
56
The code pattern of a known virus
Signature
57
Attempts to change its signature to prevent detection by antivirus programs, usually by continually scrambling a bit of useless code. Fortunately, the scrambling code itself can be identified and used as the signature - once the antivirus makers become aware of the virus
Polymorphic Virus/Polymorph
58
Number generated by the software based on the contents of the file rather than the name, date, or size of that file. Every time a program is run, the antivirus program calculates a new one and compares it with the earlier calculation. If they are different, it is a sure sign of a virus
Checksum
59
Boot sector viruses that use various methods to hide from antivirus software
Stealth Virus programs
60
Describes software or a remote DNS provider that implements some additional filtering to block your devices from visiting all kinds of malicious Web sites
SecureDNS
61
The list of virus signatures your antivirus program can recognize. Must be kept up to date so your antivirus software has the latest signatures
Definition File
62
Core anti-malware programming
Engine
63
Fixing things the virus or other malware harmed. Can mean replacing corrupted Windows Registry files or even startup files
Remediation
64
Devices or software that protect an internal network from unauthorized access to and from the Internet at large. Use a number of methods to protect networks, such as hiding IP addresses and blocking TCP/IP ports
Firewalls
65
Used by hardware firewalls to inspect each incoming packet individually. Also blocks any incoming traffic that isn’t in response to your outgoing traffic
Stateful Packet Inspection (SPI)
66
Enables you to open a port in the firewall and direct incoming traffic on that port to a specific IP address on your LAN
Port Forwarding
67
Enables you to open an incoming connection to one computer automatically based on a specific outgoing connection
Port Triggering
68
The outgoing connection
Trigger Port
69
The incoming connection
Destination Port
70
An Internet application that inspects packets, looking for active intrusions. Functions inside the network, watching for threats that a firewall might miss, such as viruses, illegal logon attempts, and other well-known attacks. Inspects traffic inside the network so it can discover internal threats. Always has some way to let the network administrators know if an attack is taking place: at the very least the attack is logged, but some offer a pop-up message
Intrusion Detection System (IDS)
71
Similar to an IDS but this sits directly in the flow of the network traffic. Can stop an attack while it is happening. The network bandwidth and latency can take a hit. If it goes down, the network link may go down too. Some can block incoming packets on-the-fly based on IP address, port number, or app type
Intrusion Protection System (IPS)
72
Takes the traditional firewall and packages it with many other security services such as IPS, VPN, load balancing, antivirus, and many other features depending on the make and model
Unified Threat Management (UTM)
73
Derived from IP security, is Microsoft’s encryption method of choice for networks consisting of multiple networks linked together by some sort of private connection. Provides transparent encryption between the server and the client
IPsec
74
Signed by a trusted certificate authority (CA) that guarantees that the public key you are about to get is actually from the Web server and not from some evil person trying to pretend to be the Web server
Digital Certificate