Topic 3: Threats to system security Flashcards
A virus that can disguise itself by using certain tactics to prevent being detected by antivirus software is known as what?
worm
trojan
polymorphic
stealth
stealth
When should you apply patches to an operating system?
only if you have a security breach
patches? What patches?
when the fixes in the patch apply directly to your system configuration
when they are first released, as quick as you can
when the fixes in the patch apply directly to your system configuration
Why is it important to get the right balance between security and usefulness?
to ensure systems are as secure as possible while enabling users to do their job
to ensure all systems are completely secure
it isn’t a necessity as other security mechanisms will protect systems
to ensure users can do whatever they want
to ensure systems are as secure as possible while enabling users to do their job
Why is it important to understand how your system works?
in case you need to help someone
because it is your job
to be able to use it better
this provides you with the foundation knowledge on how to protect your system
this provides you with the foundation knowledge on how to protect your system
What is the best protection against viruses and spyware?
personal firewall
IDS
complete AV solution
encryption
complete AV solution
What key combination should be used to close a pop-up window?
A. Windows+R
B. Ctrl+Shift+Esc
C. Ctrl+Alt+Del
D. Alt+F4
D. Alt+F4 is the key combination that is used to close an active window. Sometimes it is okay to click the X, but malware creators are getting smarter all the time; the X could be a ruse.
Which protocol can be used to secure the e-mail login from an Outlook client using POP3 and SMTP?
A. SMTP
B. SPA
C. SAP
D. Exchange
B. SPA (Secure Password Authentication) is a Microsoft protocol used to authenticate e-mail clients. S/MIME and PGP can be used to secure the actual e-mail transmissions.
What are two ways to secure a Microsoft-based web browser? (Select the two best answers.)
A. Set the Internet zone’s security level to High.
B. Disable the pop-up blocker.
C. Disable ActiveX controls.
D. Add malicious sites to the Trusted Sites zone.
A and C. By increasing the Internet zone security level to High, you employ the maximum safeguards for that zone. ActiveX controls can be used for malicious purposes; disabling them makes it so that they do not show up in the browser. Disabling a pop-up blocker and adding malicious sites to the Trusted Sites zone would make a Microsoft-based web browser (such as Internet Explorer) less secure.
Heaps and stacks can be affected by which of the following attacks?
A. Buffer overflows
B. Rootkits
C. SQL injection
D. Cross-site scripting
A. Heaps and stacks are data structures that can be affected by buffer overflows. Value types are stored in a stack, whereas reference types are stored in a heap. An ethical coder will try to keep these running efficiently. An unethical coder will attempt to use a buffer overflow to affect heaps and stacks, which in turn could affect the application in question or the operating system. The buffer overflow might be initiated by certain inputs and can be prevented by bounds checking.
As part of your user awareness training, you recommend that users remove which of the following when they finish accessing the Internet?
A. Instant messaging
B. Cookies
C. Group policies
D. Temporary files
B. The best answer is cookies, which can be used for authentication and session tracking and can be read as plain text. They can be used by spyware and can track people without their permission. It is also wise to delete temporary Internet files as opposed to temporary files.
Which statement best applies to the term Java applet?
A. It decreases the usability of web-enabled systems.
B. It is a programming language.
C. A web browser must have the capability to run Java applets.
D. It uses digital signatures for authentication.
C. To run Java applets, a web browser must have that option enabled. Java increases the usability of web-enabled systems, and Java is a programming language. It does not use digital signatures for authentication.
Which of the following concepts can ease administration but can be the victim of a malicious attack?
A. Zombies
B. Backdoors
C. Buffer overflow
D. Group Policy
B. Backdoors were originally created to ease administration. However, attackers quickly found that they could use these backdoors for a malicious attack.
In an attempt to collect information about a user’s activities, which of the following will be used by spyware?
A. Tracking cookie
B. Session cookie
C. Shopping cart
D. Persistent cookie
A. A tracking cookie will be used, or misused, by spyware in an attempt to access a user’s activities. Tracking cookies are also known as browser cookies or HTTP cookies, or simply cookies. Shopping carts take advantage of cookies to keep the shopping cart reliable.
What is it known as when a web script runs in its own environment and does not interfere with other processes?
A. Quarantine
B. Honeynet
C. Sandbox
D. VPN
C. When a web script runs in its own environment for the express purpose of not interfering with other processes, it is known as running in a sandbox. Often, the sandbox will be used to create sample scripts before they are actually implemented. Quarantining is a method used to isolate viruses. A honeynet is a collection of servers used to attract attackers and isolate them in an area where they can do no damage. VPN is short for virtual private network, which enables the connection of two hosts from remote networks.
How can you train a user to easily determine whether a web page has a valid security certificate? (Select the best answer.)
A. Have the user contact the webmaster
B. Have the user check for HTTPS://
C. Have the user click the padlock in the browser and verify the certificate
D. Have the user call the ISP
C. In general, the user should click the padlock in the browser; this will show the certificate information. Often, the address bar will have different colors as the background; for example, green usually means that the certificate is valid, whereas red or pink indicates a problem. Or, you might have to click the name of the website listed in the address bar just before where it says HTTPS to find out the validity of the certificate. Contacting the webmaster and calling the ISP are time-consuming, not easily done, and not something that an end user should do. Although HTTPS:// can tell a person that the browser is now using Hypertext Transfer Protocol Secure, it does not necessarily determine whether the certificate is valid.