Security Technologies

Question 1

Directory permissions: Read

Answer 1

Effect on folder: User can view the contents of a folder and any subfolders.

Effect on file: User can view the contents of the file.

Question 2

Directory permissions: Write

Answer 2

Effect on folder: Read permission, plus the user can add files and create new subfolders.

Effect on file: Read permission, plus the user can make changes (write) to the file.

Question 3

Directory permissions: Read & Execute

Answer 3

Effect on folder: Read permission, plus the user can run executable files contained in the folder. This permission is inherited by any subfolders and files.

Effect on file: Read permission, plus the user can run a file if it is executable.

Question 4

Directory permissions: List Folder Contents

Answer 4

Effect on folder: Read permission, plus the user can run executable files contained in the folder. This permission is inherited by subfolders only.

Effect on file: N/A

Question 5

Directory permissions: Modify

Answer 5

Effect on folder: Read and Write permissions, plus the user can delete the folder.

Effect on file: Read and Write permissions, plus the user can delete the file.

Question 6

Directory permissions: Full Control

Answer 6

Effect on folder: Read, Write, and Modify permissions and the user can delete all files and subfolders.

Effect on file: Read, write, modify, and delete the file.

Question 7

Security Enhanced Linux (SELinux)

Answer 7

A component included with many Linux distributions that allows more options for setting file and folder permissions.

Question 8

Inherited permissions

Answer 8

The permissions assigned to a parent object that flows down and apply to a child object.

Question 9

Credential Manager

Answer 9

A Control Panel utility which allows individual users to access their stored user names, passwords, and certificates.

Question 10

Folder redirection

Answer 10

A flexible approach which allows an administrator to decide which folders are stored only on the network and which are copied locally.

Question 11

Email filtering

Answer 11

A software-based tool that can sort or block emails from being delivered to a user’s inbox based on the configured criteria.

Question 12

Port security

Answer 12

A switch feature that tracks device MAC addresses connected to each port on a switch, and allows or blocks traffic based on source MAC addresses.

Question 13

Proxy server

Answer 13

A server which intercepts and mediates communications between internal and external hosts on the network.

Question 14

File attributes: R

Answer 14

Read-Only - Allows a user or the operating system to read a file, but not write to it.

Question 15

File attributes: A

Answer 15

Archive - Specifies the file should be backed up.

Question 16

File attributes: S

Answer 16

System - Indicates the file is a system file and shouldn’t be altered or deleted. By default, system files are hidden.

Question 17

File attributes: H

Answer 17

Hidden - Suppresses the display of the file in directory lists, unless you issue the command to list hidden files.

Question 18

File attributes: D

Answer 18

Directory - Indicates a folder or sub-folder, differentiating them from files.

Question 19

File attributes: I

Answer 19

Not content-indexed - Windows has a search function that indexes all files and directories on a drive to achieve faster search results.

Question 20

File attributes: C

Answer 20

Compressed - On an NTFS file system volume, each file and directory has a compression attribute. Other file systems may also implement a compression attribute for individual files and directories.

Question 21

File attributes: E

Answer 21

Encrypted - On an NTFS file system volume, each file and directory has an encryption attribute as part of the Encrypting File System (EFS).

Question 22

Linux permissions: Read (r)

Answer 22

User can view the contents of a file.

Question 23

Linux permissions: Write (w)

Answer 23

User can write to (modify) the contents of a file or directory.

Question 24

Linux permissions: Execute (x)

Answer 24

User can run an executable file and view the contents of a directory.

Question 25

Windows security features: Windows registry

Answer 25

A database containing low level settings for all aspects of the Windows operating system as well as for some installed applications. Individual entries or keys in the database can be restricted by ACLs, just like Windows services and NTFS files.

Question 26

Windows security features: Local Users and Groups

Answer 26

A MMC snap-in (also available in Computer Management) which allows you to centrally manage users and groups on the computer. You can use it to create, rename, or delete users and groups; add users to groups; and set other user settings such as password policies, logon scripts, and folder locations.

Question 27

Windows security features: Local Security Policy

Answer 27

A utility which allows you to configure a wide range of security settings for the local computer, including those related to account management, default user rights, network functions, and so on. It works primarily by changing registry settings, but provides a much safer and more focused interface than REGEDIT.

Question 28

Windows security features: Local Group Policy Editor

Answer 28

A utility which allows you to edit group policies for the entire computer. Local group policies include the same settings as the local security policy, but also many other Windows settings. Critically, they can apply to specific users or groups, rather than all users on the computer. Group policies don’t actually edit the registry directly. Instead, when a group policy is loaded its settings override the corresponding registry keys.

Question 29

Windows security features: Security Account Manager

Answer 29

A database which stores user passwords and performs authentication of local users. Users don’t directly interact with the SAM. It just stores passwords in a hashed format that can’t easily be extracted.

Question 30

Windows security features: Credential Manager

Answer 30

A Control Panel utility which allows individual users to access their stored user names, passwords, and certificates. These may be from websites, or from other network services. Unlike SAM, you can view your passwords and other credentials in Credential Manager, but Windows still protects them from view by any other user.

Question 31

Windows security features: User Account Control

Answer 31

Notifies you when an action will change Windows settings and gives you an option to stop. This applies even when you are logged on as an administrator. By default, UAC only notifies you when an application wants to change Windows settings on your behalf, but you can configure it to also notify you when your actions will change system settings.

Question 32

Windows security features: Windows Resource Protection

Answer 32

A feature that runs in the background to protect critical system files, folders, and registry keys from unplanned alterations. WRP uses a combination of ACLs for each resource, and backed up copies of files and settings to restore from in case one is altered. Even the Administrator can’t directly alter resources protected by WRP; instead, changes must go through the Windows Module Installer service.

Question 33

Active Directory security features: Active Directory Lightweight Directory Services (AD LDS)

Answer 33

provides directory services independent of the Windows domain model. You might find it used it networks which need authentication for distributed applications, or when it’s useful to install a directory on a computer that isn’t a domain controller.

Question 34

Active Directory security features: Active Directory Federation Services (ADFS)

Answer 34

a single sign-on system that uses the common internet standard SAML instead of LDAP. Unlike LDAP it is intended for use over the internet, and for integrating services with other organizations. You’re likely to find it used to integrate web applications with Active Directory, especially those which aren’t directly compatible with Windows authentication systems.

Question 35

Active Directory security features: Active Directory Certificate Services (AD CS)

Answer 35

allows the Active Directory network to maintain a public key infrastructure. It creates, validates, and revokes digital certificates wherever they might be needed on the network - to identify users or computers, encrypt files or email, or establish secure VPN connections.

Question 36

Active Directory security features: Active Directory Rights Management Services (AD RMS)

Answer 36

an information rights management service that can encrypt and limit access to specific types of information on the domain, such as emails, Word documents, webpages, and so on. It can be used to centrally secure access to sensitive information wherever it is stored on the domain

Question 37

What is a single sign-on system that uses the common Internet standard SAML instead of LDAP?

Answer 37

ADFS

Question 38

Active Directory Certificate Services (AD CS) allows the Active Directory network to maintain a public key infrastructure. True or False?

Answer 38

True

Question 39

Firewalls: A hardware firewall

Answer 39

A specialized network device that sits between your internal computer network and the Internet. It’s much like a router with security features, and in fact firewalls are commonly built into routers. Hardware firewalls are a great solution for organizations need a single firewall system that protects multiple computers. The downside to them is that they can be expensive, complicated, and difficult to upgrade. They also can’t protect against some attacks, like malicious traffic within the LAN.

Question 40

Firewalls: A software firewall

Answer 40

A traffic control software that you install on an individual device. The benefit of a software firewall is that it is portable and local - it will protect the host on any network, whether attacks come from the internet or the same LAN. Software firewalls are built into most operating systems and available from third parties. Both are easy to update and configure from within the host.

Question 41

Ports: 80

Answer 41

World Wide Web (using the Hyper-Text Transfer Protocol, or HTTP)

Question 42

Ports: 25

Answer 42

E-mail (using the Simple Mail Transfer Protocol, or SMTP)

Question 43

Ports: 20 for data transfer, 21 for control

Answer 43

File transfer (using the File Transfer Protocol, or FTP)

Question 44

Ports: 53

Answer 44

Hostname/IP address translation (using the Domain Name Service, or DNS)

Question 45

Ports: 23 for Telnet, 22 for Secure Shell

Answer 45

Remote terminal access (such as Telnet and Secure Shell)

Question 46

Switch security features: Port security

Answer 46

A switch feature that tracks device MAC addresses connected to each port on a switch, and allows or blocks traffic based on source MAC addresses. This can be used to restrict devices which connect to the network, or to detect and block some attacks using spoofed MAC addresses. It can also prevent multiple MAC addresses from connecting to a single physical port, such as if a user attached an unauthorized hub or switch to a network drop.

Question 47

Switch security features: MAC filtering

Answer 47

On Ethernet networks this is another term for port security, but it’s more commonly used for a similar feature on WAPs. It’s still useful, but much easier to circumvent because a WAP transceiver only has one “port” and it’s easier for an attacker to watch for legitimate MAC addresses to imitate.

Question 48

components to a VPN: A VPN Gateway

Answer 48

A networking device, such as a router, server, firewall, or similar device with internetworking and data transmission capabilities that sits at the external edge of a secure internal network and requires an external device to identify and authenticate itself before the gateway creates a connection allowing access to internal network resources.

Question 49

components to a VPN: Secure transport protocols

Answer 49

Communications protocols that provide secure data transmission over an unsecured network. Data is commonly secured using an encryption protocol such as IPsec or a tunneling protocol such as SSL/TLS.

Question 50

RADIUS

Answer 50

Remote Authentication Dial-In User Service

Question 51

RADIUS parts: Users

Answer 51

Endpoints that connect to the system. For a remote access VPN or WAP, users are individual workstations and mobile devices.

Question 52

RADIUS parts: RADIUS Server

Answer 52

A server on the internal LAN which provides AAA functions.

Question 53

RADIUS parts: NAS

Answer 53

The network access server relays all communication between users and the RADIUS server. It’s the device users directly connect to, like a dial-in server, VPN endpoint, or WAP.

Question 54

Other Protocols: TACACS+

Answer 54

Terminal Access Controller Access Control System is a proprietary Cisco protocol with some performance and security benefits over RADIUS. Drawbacks include more complex configuration, and incompatibility with some network configurations.

Question 55

Other Protocols: Diameter

Answer 55

An open standard with similar improvements to TACACS+, named for being supposedly twice as good as RADIUS. While it has a broad feature set, it’s also harder to configure and maintain. This means it’s more often used on large carrier networks than in typical enterprise situations.

Question 56

Security appliances: WAF

Answer 56

Web application firewalls are specialized firewalls that can evaluate rules based on higher level protocols used by web servers. They have some overlap with IDS in that they are designed to recognize web attacks. A WAF can be placed protecting a single web server or a subnet with multiple web servers.

Question 57

Security appliances: Network antimalware

Answer 57

Describes a variety of roles ranging from appliances that monitor network traffic for virus-related activity, to appliances that centrally monitor and update antivirus suites on all network hosts. If your organization uses network antimalware, make sure that hosts are configured to take advantage of it.

Question 58

Security appliances: Spam filter

Answer 58

Performs ingoing and outgoing email filtering for an entire organization, usually by connection to a specific email server. Misconfigured spam filters can block important emails or allow excessive spam through.

Question 59

Security appliances: Content filter

Answer 59

Filters designed to prevent access to certain types of content. Spam filters are one kind of content filter; others block user access to content judged inappropriate for workplace use - adult websites, digital piracy tools, or social media. Poorly configured content filters can block access to legitimate sites.

Question 60

Security appliances: Proxy server

Answer 60

Intercepts and mediates communications between internal and external hosts on the network. Often a proxy server also performs network address translation.

Question 61

What describes a network scenario where a secure connection to your internal network is made over an insecure external network?

Answer 61

Virtual private network (VPN)

Question 62

What enables a server to provide standardized and centralized authentication for remote users?

Answer 62

RADIUS

Question 63

What refers to a single security solution that provides multiple security functions at a single point on the network?

Answer 63

UTM

Question 64

You want to replace the network firewall, IDS, and content filter with a single device which will provide comprehensive network security protection. What sort of product should you look for?

Answer 64

UTM

Question 65

IDS

Answer 65

Intrusion detection systems

Question 66

IPS

Answer 66

intrusion prevention systems

Question 67

Firewall controls incoming and outgoing traffic. True or False?

Answer 67

True

Question 68

Firewall hardware firewall is a traffic control program that is installed on an individual device. True or False?

Answer 68

False

Question 69

Firewall software firewall is a specialized network device that sits between the internal computer network and the Internet. True or False?

Answer 69

False

Question 70

Firewalls prevents unauthorized access to or from the network. True or False?

Answer 70

True

Question 71

Firewalls are part of the digital security protection program. True or False?

Answer 71

True

Question 72

Easier for an attacker to watch for legitimate MAC addresses to imitate - Port security or MAC filtering?

Answer 72

MAC filtering

Question 73

Prevents multiple MAC addresses from connecting to a single physical port - Port security or MAC filtering?

Answer 73

Port security

Question 74

Tracks device MAC addresses connected to each port on a switch and allows or blocks traffic based on source MAC addresses - Port security or MAC filtering?

Answer 74

Port security

Question 75

Used to restrict devices which connect to the network or to detect and block some attacks using spoofed MAC addresses - Port security or MAC filtering?

Answer 75

Port security

Question 76

Used for WAPs and much easier to circumvent because a WAP transceiver only has one port - Port security or MAC filtering?

Answer 76

MAC filtering

Question 77

Proxy Server

Answer 77

Intercepts and mediates communications between internal and external hosts on the network.

Question 78

Network Antimalware

Answer 78

Describes roles ranging from appliances that monitor traffic for virus-related activity to appliances that monitor and update antivirus suites on all hosts

Question 79

Content Filter

Answer 79

Filters designed to prevent access to certain types of subject matter.

Question 80

WAF ( web application firewall )

Answer 80

Specialized firewalls that can evaluate rules based on higher level protocols used by web servers

Question 81

Spam Filter

Answer 81

Performs ingoing and outgoing email filtering for an entire organisation, usually by connection to a specific email server.

Question 82

Which security appliance intercepts and mediates communications between internal and external hosts on a network?

Answer 82

Proxy server

Question 83

Which Windows security feature notifies you when an action will change Windows settings and gives you an option to stop?

Answer 83

User Account Control

Question 84

Which Windows security feature runs in the background to protect critical system files, folders, and registry keys from unplanned alterations?

Answer 84

Windows Resource Protection

Question 85

What is the function of a web application firewall (WAF)?

Answer 85

It evaluates rules based on higher level protocols used by web servers.

Question 86

What is the purpose of the Archive (A) file attribute?

Answer 86

Specify that the file should be backed up.

Question 87

What command allows you to copy objects while preserving their existing permissions?

Answer 87

xcopy

Question 88

Which of the following is used to restrict devices which connect to the network or to detect and block some attacks using spoofed MAC addresses?

Answer 88

Port security

Question 89

Which file attribute suppresses the display of the file in directory lists?

Answer 89

Hidden

Question 90

Which of the following is used to monitor and analyze network traffic to protect a system from network-based threats?

Answer 90

NIDS

Question 91

The VPN protocols are managed either by software running on a host or router, or on a specialized hardware appliance known as ________.

Answer 91

VPN concentrator

Question 92

Which of the following is used to monitor network traffic to look for signs of intrusion or other unwanted activities?

Answer 92

IDS