T4 - Preventing vulnerabilities:

Question 1

Penetration testing

Answer 1

‘Pen’ testing is the practice of deliberately trying to find security holes in your own systems

Question 2

Penetration testing goal

Answer 2

Goal:
identify the targets of potential attacks
identify possible entry points
attempt to break in
report back the findings

Question 3

Anti-malware software detects:

Answer 3

will detect malware such as viruses, worms, trojans, and spyware

Question 4

what happens when viruses are detected by anti-malware software

Answer 4

-When a virus is detected
-it is sent to the anti-virus company
-They verify it is malware
- create a signature (cure) of the virus
-They then add it to their virus database
- tell computers to run an update

Question 5

Encryption:

Answer 5

way of securing data so that it cannot be read without the encryption key
computer drives can be encrypted so that a password is needed to access the information
Cannot be accessed even if removed

Question 6

Firewalls:

Answer 6

Separate a trusted network from an untrusted network
sent around a network in small packets of information
Checked to see where they are coming from and going to

Question 7

Packet filtering is -

Answer 7

When packets that don’t match filtering rules are dropped

Question 8

Encryption - web pages

Answer 8

Your web browser sends its key and form data, encrypting it with the server’s key
The server encrypts the web page you request using your web browser’s key
Files can be encrypted individually on a computer using a password

Question 9

Firewall can…

Answer 9

be built into hardware and detect packets from malicious computers

Question 10

Firewall features:

Answer 10

• Prevents attackers from gaining access to computers on a network
• Can block certain malicious computers by filtering packets
  Malicious or inappropriate websites can be blocked

Question 11

User access levels:

Answer 11

Access rights may be set on disks, folders and even individual files

Question 12

Password policy:

Answer 12

checked as they are created to make sure that the conform to the parameters given in a required policy

Question 13

Firewalls = port blocking

Answer 13

Port blocking - Can prevent access to certain ports on the network.

Question 14

Firewalls cons

Answer 14

Dedicated hardware firewalls are expensive
Software firewalls will slow down a computer

Question 15

Physical security:

Answer 15

where hardware, software and networks are protected by physical methods

Question 16

Physical security eg

Answer 16

security lighting
CCTV
Intruder alarms
Locks on doors or cabinets
Fences, walls, barbed wire
Security guards
ID cards and signs

Question 17

Why do new signatures need to made for new viruses

Answer 17

Viruses can morph to avoid detection. This makes it harder to create a signature