Security+ Chapter 2

Card Set Information

2013-12-14 16:04:17
Security Chapter

  1. Least Privilege.
    The principle of least privilege is an example of a technical control. It specifies that individuals or processes are granted only the rights and permissions needed to perform their assigned tasks or functions, but no more. Least privilege is covered in greater depth in the “Understanding Logical Controls” section later in this chapter.
  2. Antivirus software.
    Once installed, the antivirus software provides protection against infection.
  3. Intrusion detection systems (IDSs).
    An IDS can monitor a network or host for intrusions and provide ongoing protection against various threats.
  4. Firewalls.
    Firewalls restrict network traffic going in and out of a network.
  5. Risk assessments.
    These help quantify and qualify risks within an organization so that they can focus on the serious risks. For example, a quantitative risk assessment uses cost and asset values to quantify risks based on monetary values. A qualitative risk assessment uses judgments to categorize risks based on probability and impact.
  6. Vulnerability assessments.
    A vulnerability assessment attempts to discover current vulnerabilities. When necessary, additional controls are implemented to reduce the risk from these vulnerabilities.
  7. Awareness and training.
    The importance of training to reduce risks cannot be overstated. Training helps users maintain password security, follow a clean desk policy, understand threats such as phishing and malware, and much more.
  8. Configuration management.
    Configuration management often uses baselines to ensure that systems start in a secure, hardened state. Change management helps ensure that changes don’t result in unintended configuration errors.
  9. Media protection.
    Media includes physical media such as USB flash drives, external and internal drives, and backup tapes.
  10. Physical and environmental protection.
    This includes physical controls such as cameras, door locks, and environmental controls such as heating and ventilation systems.
  11. role based access control (RBAC)
    uses roles (often implemented as groups) to grant access by placing users into roles based on their assigned jobs, functions, or tasks. Roles, or groups, simplify administration. RBAC supports the use of user templates to enforce least privilege.
  12. rule based access control (RBAC)
    is based on a set of approved instructions, such as access control list rules in a firewall.
  13. discretionary access control (DAC)
    model, every object has an owner. The owner has explicit access and establishes access for any other user. Microsoft’s NTFS uses the DAC model, with every object having a Discretionary Access Control List (DACL). The DACL identifies who has access and what access they are granted. A major flaw of the DAC model is its susceptibility to Trojan horses.
  14. Mandatory access control (MAC)
    uses security or sensitivity labels to identify objects (what you’ll secure) and subjects (users). The administrator establishes access based on predefined security labels that are typically defined with a lattice to specify the upper and lower security boundaries.
  15. Cipher locks and proximity cards
    are two examples of systems that control access at a door. In the event of a fire, they should allow personnel to exit the building without any form of authentication. Data centers and server rooms should have only a single entrance and exit.
  16. Security guards
    are a preventative physical security control, and they can prevent unauthorized personnel from entering a secure area.
  17. Closed-circuit television (CCTV)
    systems provide video surveillance. They provide reliable proof of a person’s location and activity, and can be used by an organization to verify if any equipment or data is being removed.
  18. Tailgating (also called piggybacking) occurs when
    one user follows closely behind another user without using credentials. A mantrap can prevent tailgating. Security guards should be especially vigilant to watch for tailgating in high traffic areas.
  19. Physical security also includes
    basic locks on doors and cabinets. Locked cabinets can prevent the theft of unused resources. Cable locks secure mobile computers.
  20. Password policies
    provide a technical means to ensure users employ secure password practices.
    • Password length specifies the minimum number of characters.
    • Password history remembers past passwords and prevents users from reusing passwords.
    • Minimum password age is used with password history to prevent users from changing their password repeatedly to get back to the original password.
    • Maximum password age or password expiration forces users to change their password periodically. When administrators reset user passwords, the password should be immediately expired.
  21. An account disablement policy
    ensures that inactive accounts are disabled. Accounts for employees that either resign or are terminated should be disabled. Temporary accounts should be set to automatically disable when possible.
  22. Time restrictions
    can prevent users from logging in or accessing network resources during specific hours.
  23. Account logon events
    include when a user logs on locally, and when the user accesses a resource such as a server over the network. These events are logged and can be monitored.