Security Flashcards
What is code that runs on a computer without the user's knowledge; it infects the computer when the code is accessed and executed?
Virus
What is similar to viruses except that it self replicates whereas a virus does not?
Worm
What appears to perform a desired function but is actually performing malicious functions behind the scenes?
Trojan horse
What malicious software is either downloaded unwittingly from a website or installed along with some other third-party software?
Spyware
What software is designed to gain administrator-level control over a computer system without being detected?
Rootkit
What is the abuse of electronic messaging systems such as email, broadcast media, and instant messaging?
Spam
Some ways to prevent and troubleshoot viruses are:
Antivirus software. Update the antivirus software. Make sure the computer has the latest service packs and updates. Run Windows Update. Make sure a firewall is enabled and up to date.
You should also disable Autorun for CD, DVD, and Blu-ray.
To disable AutoRun in Windows 7:
Click Start and type gpedit.msc
Go to Computer Configuration > Administrative Templates > Windows Components > Autoplay Policies
Double-click the Turn Off Autoplay setting. Click the Enabled radio button and click OK.
Some symptoms of viruses are:
Computer runs slower than usual. Computer locks up frequently. Computer restarts on its own or crashes frequently. Strange sounds occur. Antivirus programs won't run.
If a system is infected with a virus:
Disconnect the network cable from the computer. Make sure you back up critical data. Run a thorough scan with the antivirus program.
Preventing and troubleshooting Spyware:
Download and install anti-spyware protection software.
Adjust Internet Explorer security settings.
Turn on the Phishing filter in IE.
Uninstall unnecessary applications.
Educate users on how to surf the web safely.
Consider technologies that discourage spyware.
Some symptoms of spyware are:
The web browser’s default homepage has been modified.
A particular website comes up every time you perform a search.
Excessive pop up windows appear.
The network adapter’s activity LED blinks frequently even when the computer is not transmitting data.
To repair Spyware:
First disconnect the system from the Internet.
Then try uninstalling the program from Control Panel > Programs and Features in Windows 7/Vista, and Add/Remove Programs in XP.
Then reboot the computer.
You can use HijackThis program.
Preventing and troubleshooting rootkits:
The best way to identify a rootkit is to use removable media to boot the computer. Reinstall all software.
Preventing and troubleshooting spam:
Use a strong password.
Use a spam filter.
Use whitelists and blacklists.
Train your users.
What is access to an organization’s premises, computer resources, and data without the consent of the owner?
Unauthorized access
Unauthorized access can be prevented through the use of authentication.
Something that the user knows, for example, a password or PIN.
Something that the user has, for example, a smart card or other security token.
Something that the user is, for example, the biometric reading of a fingerprint or retina scan.
Something that the user does, for example, a signature or speaking words.
You should always lock rooms and closets and you can even lock PCs and laptops.
Configure the BIOS to log whether someone opened the case of the computer.
This is logged as chassis intrusion.
What is software designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent?
Malware
The most common electronic entry system is the card key system.
Other electronic systems will use key cards that incorporate a photo ID, a magnetic stripe, a barcode, or a radio frequency identification (RFID) chip.
Some organizations will design what is known as a mantrap, an area with two locking doors.
What is the science of recognizing humans based on one or more physical characteristics?
Biometrics
An example of biometric hardware is the Microsoft Fingerprint Scanner.
Protecting data physically:
Passwords should not be written down and should not be left on the desk or taped to a monitor.
Users should lock their computers when they leave their workstation.
What is the act of manipulating users into revealing confidential information or performing other actions detrimental to the user?
Social engineering
What is the attempt at fraudulently obtaining private information?
Phishing
An example of phishing would be an email that requests verification of private information.
What is when a person uses direct observation to find out a target’s password, PIN, or other such authentication information?
Shoulder surfing
What is when an unauthorized person tags along with an authorized person to gain entry to a restricted area usually with the person’s consent?
Piggybacking
When a hard drive is removed from a computer, it either needs to be recycled or disposed of in a proper manner.
Sanitizing the hard drive is a common way of removing data.
What are three options for data removal?
Clearing: this is the removal of data with a certain amount of assurance that it cannot be reconstructed.
Purging: this is the removal of data done in such a way that it cannot be reconstructed by any known technique. The media is released outside the company.
Destruction: this is when the storage media is physically destroyed through pulverizing, drilling holes through the platters, and so on.
Which of the following malware self replicates?
A. Virus
B. Worm
C. Trojan
D. Rootkit
B. Worm
What type of malware is the abuse of electronic messaging?
A. Virus
B. Spyware
C. Spam
D. Worm
C. Spam
Which of the following are symptoms of viruses? (Select the best answers.)
A. Computer runs slowly.
B. Computer locks up.
C. Excessive pop-up windows appear.
D. A strange website is displayed when a search is done.
E. Unusual error messages are displayed.
A, B, and E.
Which of the following is the science of recognizing humans based on physical characteristics?
A. Mantraps
B. Biometrics
C. Tailgating
D. Something a person is
B. Biometrics
A hard drive needs to be disposed of in a way so that no one can access the data. Which method should you use?
A. Phishing
B. Cleaning
C. Shoulder surfing
D. Destruction
D. Destruction
Which of the following is the best mode to use when scanning for viruses?
A. Safe Mode
B. Last Known Good Configuration
C. Command Prompt only
D. Boot into Windows normally
A. Safe Mode
Which of the following is one way to prevent spyware?
A. Use firewall exceptions
B. Adjust Internet Explorer settings
C. Adjust the Internet Explorer homepage
D. Remove the spyware from Add/Remove Programs
B. Adjust Internet Explorer settings
One of your customers tells you that a bank employee called and asked for the person’s bank balance and telephone number. What is this an example of?
A. Spam
B. Virus
C. Social Engineering
D. Trojan
C. Social Engineering
There are four types of user accounts:
Administrator
User
Power User
Guest
This account has full control of an operating system.
Administrator
This account is the normal standard account for a person on a network.
User
This account has the ability to do some admin tasks but not full control.
Power User
This account has limited access to the system.
Guest
What is required for a strong password?
At least 8 characters, including 1 uppercase letter, 1 number, and 1 special character.
How do you access Password Policy?
Start > All Programs > Administrative Tools > Local Security Policy > Security Settings > Account Policies > Password Policy
Enforce password history:
When this is defined, users cannot use any of the passwords that are remembered in the history. If you set the history to 3, then the last 3 passwords cannot be used again when it is time to change the password.
Maximum and minimum password age:
This defines exactly how long a password can be used.
Minimum password length:
This requires that the password must be at least a specified amount of characters. For a strong password policy, set this to between 8 and 14.
Passwords must meet complexity requirements:
Uppercase characters, lowercase characters, digits between 0 and 9, and special characters.
Rename and password protect the administrator account:
Computer Management > System Tools > Local Users and Groups > Users and locate the Administrator account. Right click and then rename it and give it a password.
To enable the administrator account:
Open command line and type:
net user administrator /active:yes
Verify that the Guest account is disabled:
Local Users and Groups > Users, then right-click the account, select Properties, and check the box named Account is Disabled.
Set the account lockout threshold:
Local Security settings window.
Security Settings > Account Policies > Account Lockout Policy
To turn on/off UAC:
Start > Control Panel > User Accounts and Family Safety. Then select User Accounts, and click the Change User Account Control settings.
To view files such as bootmgr, pagefile.sys, and hiberfil.sys:
Deselect the Hide Protected Operating System Files check box.
Go to Windows Explorer > Tools menu, and click Folder Options. Then select View tab and under Hidden Files and Folders select the Show Hidden Files button.
Administrative shares can be created by simply adding what?
Adding a $ to the end of the share name when enabling the share.
Where are NTFS permissions modified?
In the Security tab of the folder’s Properties window.
What is the process of converting information, with the use of a cipher (algorithm), making it unreadable by other users unless they have the correct key to the information?
Encryption
To encrypt a file in Windows:
Locate the file, right-click and select Properties.
At the bottom of the General tab, click the Advanced button.
Check the box labeled Encrypt Contents to Secure Data.
Click OK for both windows.
The requirements for BitLocker encryption are:
A Trusted Platform Module: a chip residing on the motherboard that actually stores the encrypted keys.
An external USB key to store the encrypted keys.
A hard drive with two volumes, preferably created during the installation of Windows.
One volume for the operating system and the other is the active volume that remains unencrypted so that the computer can boot.
BitLocker software is based on the Advanced Encryption Standard (AES):
It uses a 128-bit key.
What is meant to protect client computers from malicious attacks and intrusions?
Windows Firewall
How do you access Windows Firewall?
Start > Control Panel > Windows Firewall
Which of the following is the strongest password?
A. |ocrian#
B. Marqu1sD3S0d
C. ThisIsV#ryS3cure
D. Thisisverysecure
C.
Which of these is a security component of Windows 7/Vista?
A. UAC
B. UPS
C. Gadgets
D. Control Panel
A. UAC
A customer complains that while away at lunch someone used his computer to send emails to other coworkers without his knowledge. What should you recommend?
A. Enable a screensaver.
B. Unplug the network cable before leaving for lunch.
C. Use the Windows Lock feature.
D. Enable the out of office message in email when leaving for lunch.
C. Use the Windows lock feature.
Which of the following best describes encryption?
A. Prevents unauthorized users from viewing or reading data.
B. Prevents unauthorized users from deleting data.
C. Prevents unauthorized users from posing as the original source sending data.
D. Prevents unauthorized users from decompressing files.
A.
One of the users on your network is trying to access the files shared on a remote computer. The file's share permissions allow the user Full Control. But the NTFS permissions allow the user Read access. What will be the resulting access for the user?
A. Full Control
B. Modify
C. Read
D. Write
C. Read
You are the administrator for your network. You set up an administrative share called Data$. What is necessary for another user to access the share? (Select the two best answers.)
A. The user must be part of a HomeGroup.
B. The user must have permissions to access the share.
C. The user must know the decryption key.
D. The user must know the exact network path to the share.
E. The user must enable File Sharing in the Network and Sharing Center.
B and D.
Always remember to change what first before anything else on a router?
The admin password
Wireless Encryption Methods:
WEP: 64-bit
WPA: 128-bit
WPA2: 256-bit
TKIP: 128-bit
CCMP: 128-bit
AES: 128, 192, and 256-bit
What filters out which computers can access the wireless network?
MAC Filtering
What was originally intended to make connecting to a wireless access point easier for the average user?
WPS (Wi-Fi Protected Setup)
Which of the following describes an attempt to guess a password by using a combination of letters and numbers?
A. Brute force
B. Social Engineering
C. WPS
D. War driving
A. Brute force
Which of the following will help to secure a SOHO router? (Select the three best answers)
A. Change default passwords
B. Enable SSID
C. Enable MAC filtering
D. Enable WPS
E. Enable WPA2
A, C, and E.
Which is the strongest form of wireless encryption?
A. WPA
B. WEP
C. AES
D. TKIP
C. AES
You want to prevent rogue employees from connecting a laptop to the SOHO router and accessing the network. How can you accomplish this? (Select the two best answers)
A. Enable MAC filtering
B. Create a DMZ.
C. Configure a complex SSID.
D. Disable physical ports.
A and D.
Android settings can be backed up and restored by:
Settings > Privacy
How do you update an Android device?
Settings > System Updates > Software Update.
How do you update an iOS device?
Settings > General > Software Update
What is the process of removing the limitations that Apple imposes on its devices that run iOS?
Jailbreaking
What is software that takes care of pushing updates and configuring hundreds of mobile devices from a central location?
Mobile Device Management (MDM) suite