Security - Workstation Security Flashcards

1
Q

When you set up BitLocker, what two volumes are created?

A

– System (boot) volume - contains all Windows boot files and is 100 MB in size. This volume is not encrypted.
– Standard volume contains everything else. This is what is encrypted.

2
Q

What are the two options BitLocker can use to encrypt the drive?

A

– Encrypt the entire drive at once. This is recommended for drives that are already in use. This process can take a very long time depending on the size of the drive.
– The Encrypt Used Space Only option was introduced with Windows 10. It encrypts only the portion of the drive that is currently in use. As data is written to the drive, it is encrypted. This method speeds up the encryption process.

3
Q

What does BitLocker use to generate and store encryption keys?

A

TPM - Trusted Platform Module

4
Q

What version does TPM need to be for BitLocker?

A

Version 1.2

5
Q

If a computer doesn’t have a TPM how can BitLocker be enabled?

A

First, the boot files will not be encrypted, and you need to use a startup USB key or have a system volume password enabled to boot into Windows.

6
Q

What is the purpose of the recovery key that Windows generates during the enabling of BitLocker?

A

It’s used to recover data in the following circumstances:

– The hard drive is moved to a new system.
– Changes are made to startup files.
– BitLocker goes into a locked state.

7
Q

What options does BitLocker give to back up the recovery key?

A

– Personal Microsoft account.
– USB drive.
– File on the local computer.
– Printout of the key.
– Active Directory, if the computer is on an Active Directory network.

8
Q

What is a Data Recovery Agent (DRA)?

A

A special user account on a Windows Active Directory network that can be used to decrypt any encrypted drive on the network. If the hard drive contains the operating system files, it must be installed into a different machine and configured as a data drive before it can be decrypted.

9
Q

What is BitLocker To Go?

A

A special version of BitLocker that is used to encrypt the data stored on a USB drive.

10
Q

What are the three main methods of encrypting database data?

A

– Transparent data encryption (TDE)
– Column level encryption
– Application level encryption

11
Q

What is transparent data encryption in a database, and why is it called that?

A

– It encrypts the entire database and all backups.
– It encrypts data at rest (data not currently being used).
– It’s called transparent because data is automatically decrypted when an authorized user accesses it. The user does not see the process or do anything to decrypt the data.

12
Q

What is column level encryption?

A

– Allows the administrator to encrypt each column separately.
– Each column is encrypted using a different key to increase security.
– It causes a hit to the performance of the DB.

13
Q

What is application level encryption?

A

– The program used to create or modify the data is responsible for encrypting the data.
– Data is encrypted before going into the DB.
– Resources required to set up this method can be prohibitive.

14
Q

What are the important considerations regarding password length?

A

– Use a minimum of 8 characters.
– Increasing the number of characters exponentially increases the time it takes to brute force a password.
– A complex password consisting of 8 characters takes anywhere from a few hours to 6 months to crack.
– A complex password consisting of 12 characters takes approximately 34 thousand years to crack.
– Use a passphrase instead of a password.

15
Q

What are important considerations regarding password composition?

A

– Use uppercase, lowercase, numbers, and special characters.
– Don’t set requirements on the number or types of characters to use. This information can be used by a hacker for a brute force attack on the password.

16
Q

What are important considerations regarding password reset interval?

A

– Research has shown that forced resets reduce the effectiveness of a password, because users will typically keep the same password and just add a number or symbol at the end.
– A better policy is to require stronger passwords and not force users to reset at specific intervals.

17
Q

What are important considerations regarding common passwords?

A

– Don’t allow them. Use resources to check if a password is common.
– Hackers use password lists to crack common passwords.

18
Q

What are important considerations regarding personal information?

A

– Passwords should not include important dates, people, or pet names. Social engineering can be used to gather this info.
– Hackers can also use this info to guess the answers to password reset questions, which allows them to reset the password.

19
Q

What does authentication require a user to show?

A

Any one of the following:

1. Something you are (biometrics).
2. Something you know (user name and password, security questions).
3. Something you have (smart card).

20
Q

What is multi-factor authentication?

A

Multi-factor authentication requires users to fulfill any two of the authentication requirements. For example, a user can enter a username and password (something you know) and then a one-time code that is sent to the user’s mobile phone (something you have).

21
Q

Why should a BIOS/UEFI password be set?

A

The BIOS/UEFI allows system settings to be changed. Always set a password to prevent unauthorized access to these settings.

22
Q

What workstation safety things should users implement?

A

– Lock the computer (Windows key + L).
– Use a screensaver lock.
– Log off when done for the day, or when gone for an extended period of time.

23
Q

What considerations surrounding Personally Identifiable Information (PII) safety should be implemented?

A

– Do not write down PII and keep it at your workstation.
– Use a password management program to remember complex passwords.
– Use a polarized privacy filter on the computer screen.

24
Q

What hardware safety considerations should users implement?

A

– Lock phones and laptops when not in use.
– Use cable locks to secure a laptop to a table leg.