Security Applications and Devices

Question 1

Personal Firewalls

Answer 1

§ Software application that protects a single computer from unwanted Internet traffic
§ Host-based firewalls
§ Windows Firewall (Windows)
§ PF and IPFW (OS X)
§ iptables (Linux)

Question 2

IDS

Answer 2

Intrusion Detection System
Device or software application that monitors a system or network and analyzes the data passing through it in order to identify an incident or attack

Question 3

HIDS

Answer 3

Host-based IDS

Question 4

NIDS

Answer 4

Network-based IDS

Question 5

Intrusion Detection Methods

Answer 5

Signature-based
Policy-based
Anomaly-based

Question 6

Loss Prevention (DLP)

Answer 6

Monitors the data of a system while in use, in transit, or at rest to detect attempts to steal the data

Question 7

Endpoint DLP System

Answer 7

Software-based client that monitors the data in use on a computer and can stop a file transfer or alert an admin of the occurrence

Question 8

Network DLP System

Answer 8

Software or hardware-based solution that is installed on the perimeter of the network to detect data in transit

Question 9

Storage DLP System

Answer 9

Software installed on servers in the datacenter to inspect the data at rest

Question 10

Cloud DLP System

Answer 10

Cloud software as a service that protects data being stored in cloud services

Question 11

Trusted Platform Module (TPM)

Answer 11

Chip residing on the motherboard that contains an encryption key

Question 12

Endpoint analysis

Answer 12

Anti-virus (AV)
Host-based IDS/IPS (HIDS/HIPS)
Endpoint Protection Platform (EPP)
Endpoint Detection and Response (EDR)
User and Entity Behavior Analytics (UEBA)

Question 13

Bluetooth Attacks

Answer 13

Bluejacking

Bluesnarfing

Question 14

Bluejacking

Answer 14

Sending of unsolicited messages to Bluetooth-enabled devices

Question 15

Bluesnarfing

Answer 15

Unauthorized access of information from a wireless device over a Bluetooth connection