Flash Cards Security +.txt
A computer virus is what?
Viruses attack what?
by attaching to files and folders
Do Viruses replicate?
Yes - self replicate
How are viruses made?
Specifically designed to attack systems in a particular way
What's a resident virus?
Operates in RAM (attaching itself to RAM)
What's a direct action virus?
An aggressive virus - triggered by date or event
What's an overwrite virus?
Can partially or completely delete info contained in the files it infects.
What's a macro virus?
Targets applications to replace macros w/ code.
What's a polymorphic virus?
Avoids detection by cyclic changes
What are file infectors?
Traditional virus that targets .exe
Trusted computer system eval criteria
What's TCSEC also known as?
The orange book
Is TCSEC an old or new standard?
What does ITSEC mean?
Information Technology Security Eval Criteria
What is it (ITSEC)?
European security criteria based on TCSEC
What does CTCPEC stand for?
Canadian Trusted Computer Product Eval Criteria
What's CTCPEC comparable to?
TCSEC / Orange book
What does (CC) mean?
What standard is it (CC)?
An international standard
What's the (CC) ISO standard?
Does the international community follow CC?
Entry into the security field begins with what?
Identifying local system threats
What account is ideal for an attacker?
What's a privilege escalation attack?
An attack that exploits a configuration error.
What's a companion virus?
Typical virus infector once executed
What's a boot sector virus?
boot sector virus on storage drives
What do worms do that viruses do not do?
Replicate directly across network media
What does spyware do?
Harvests personal info, invades privacy & manipulates browser activity
unsolicited bulk email messages
What's adware? Not the program
advertising - support software
What's a root kit?
malware consisting of a program - to hide one's presence and activity.
What's a botnet?
collection of compromised computers
What's a logic bomb?
any malicious code that lies dormant until triggered by some condition
BIOS prepares what during booting?
boot strapping or just booting
Can BIOS be bypassed?
What's a common way to secure BIOS?
What should you do for USB drives to ensure security?
Are mobile phones a security threat?
What's bad about NAS?
W/out proper permissions, unauthorized users have access to files and data
Network attached storage
What are system hardening practices?
Series of protocols, procedures, & policies that define and describe system security
What extra things can you do for system hardening?
Blocking unused ports, removing unnecessary services, deleting unused applications
What's a hotfix?
cumulative package that solves problems in software products
What is patch management?
Routine maintenance and upkeep of application, services, & system patches
Why do organizations utilize group policies?
retain and restrict actions that might pose a security risk
What does Windows Server use to increase network security?
Predefined security templates
What do Linux systems use for network security?
A configuration baseline is what?
basic principles and best practices
Baselines are ideal for establishing what?
security templates across several devices
Who developed the Active X Component Object Model?
What does COM stand for?
Component object model
Active X controls are ___ building blocks used to ___ distributed ___ that work over the internet through ___ ___
Small, create, applications, web, browsers
Active X Security relies solely upon what?
End user discretion and judgement
Active X controls are digitally what?
Active X Components are ___ ____?
Malware can redirect your ___ to an untrusted ___ that presents itself as a ___ ___?
system, site, trusted party
Scripts are generally permitted access only to data relevant to what?
current document but not to local file system
Java and Java scripts applets are all considered what?
A buffer overflow attack does what?
By overfilling the boundaries of a stack or memory storage region.
Buffer overflow attacks what?
Applications, services & O.S. code (kernel)
Are internet cookies trusted?
An open mail relay is what?
Any SMTP server permissively configured to allow any unauthorized source from the internet to pass email.
Like MSN Messenger - is often what kind of target for vector attacking the network?
What does XSS stand for?
What kind of webpage content is found in dynamically generated pages?
Redirection and mis-direction are a major component of what?
What does HIDS stand for?
Host-based intrusion Detection System
HIDS work with what?
HIDS analyzes & monitors ___ ___ interaction and observes the ___ of the computer at all times.
internet system, state
Whats the primary purpose of a network firewall?
Logically segregate public and private networks
What allows admins to enable ACLs & security policies to network traffic?
What OSI layer is Application-level proxy?
Layer 7 - Application Layer
What layer of the OSI is circuit-level proxy on?
OSI Layer 3 (Network)
Packet filtering is on what layer of the OSI?
OSI Layer 3 (Network)
Stateful filtering does what?
advanced packet filtering that maintains connections state
How many different ways are there to identify viruses and malware?
What methods are used for identifying viruses and malware?
Signature-based, behavioral-based, heuristics-based detection
Anti-Spam techniques attempt to detect what?
What are DNS blacklist, country/network block filtering?
Ways to detect spam
Virtualization maximizes what?
What provides the most efficient use of singular system hardware resources?
What is every network architecturally defined by?
Apps, connections, equipment, interfaces, protocols, standards, services and topologies
What involves an attacker forcibly gaining control over a legitimate conversation between a trusted two-party connection?
What intercepts transmission details between the two sources?
What attack targets unprotected Windows IPC shares and provides unauthorized remote access?
What's a spoofing attack?
form of abuse on identity & trust
What form of attack sends email under a false identity?
What targets network stacks using bogus protocol information?
What forges parameters in a chain of messages or communication?
What's vulnerable to MITM attacks?
email, FTP, web, and SSH connections
Man In The Middle
What attack reuses captured network packets in modified form against an original party of some network conversation?
What renders individual workstations or server computers unresponsive?
What's a version of DoS?
Check fraud that takes advantage of the time between check negotiation and clearance @ the account holder's account
What occurs when a server receives info that does not originate from an authoritative source?
DNS cache poisoning
What's another term for ARP spoofing?
ARP Cache poisoning
An attack against Ethernet (packet) that enables an attacker to sniff frames on a switched network or redirect endpoint traffic through an attacker-controlled machine?
ARP Spoofing/ARP cache poisoning
What OSI layer is a network switch?
Network switches are also capable of supporting what?
Routers establish connectivity between what (2) things?
Public and private networks
Dividing line between private and public networks
What's a VLAN?
A physical network that operates as a locally attached network
What does NAT stand for?
Network address translation
What does NAT do?
Reduces need for several public IPs
What does NAC stand for?
Network access control
What does NAC do?
Takes applications and protocols to describe policies for network access
What do network security tools do?
What does NIDS stand for?
Network Intrusion Detection System
What does NIPS stand for?
Network Intrusion Prevention System
What's the first line of defense for networks?
Do proxy servers enhance network performance?
What do proxies do?
Internal machines hidden and anonymous
Fake servers to entice attackers from sensitive information
Multiple honeypots are called what?
How are networks monitored?
Network protocol analyzers or ethernet sniffers
What can you do against unauthorized analysis?
employing encrypted communications protocols and services
What are the two easy entry ways?
Weak passwords and default accounts
Ethernet protocols were designed w/out what?
Security in mind
What's a vampire tap?
Connecting a station w/ clamps directly onto the wire and piercing a spike into the inner conductor
What's the unintentional disclosure of info through acoustical, magnetic or radio frequency energy called?
Data emanation (electronics eavesdropping)
What's Data emanation like?
unsolicited anonymous text messages to BT mobile phones
unauthorized access and copy of info
What's unauthorized wireless installs on a protected network?
Rogue access points
What can wireless ID's do?
Detect rogue access points
Hiding info through encryption
analyzing and deciphering codes, ciphers, & cryptograms
(2) ways defending against cryptanalysis & code breaking attempts?
Algorithm & key strength
What's Implicit Deny?
All things suspicious that are not deemed permissible
What's Explicit Deny?
Traffic blocked to certain ports
What's principle of least privilege?
Lowest amount of privilege possible to perform some task
What selectively assigns access rights focal to a person's requirements to complete a given task?
Separation of duties
What's a MAC?
Mandatory Access Control
Referring to MAC - people, services, & systems are what? What are all other resources?
Subjects / objects
MAC uses subject and object labeling called what?
If security labels of subject and objects do not match, what's access set to?
What (2) forms is MAC divided into?
Non-universal & universal
What's a simplistic means of restricting access to objects based on subject, identity, group membership?
Discretionary access control
What does RBAC stand for?
Role-Based access control
What is RBAC?
Permissions according to job roles that determine a person's/group's access to system resources
What's like RBAC?
Rule-Based access control
The Rule based access control abbreviation is what?
Can ACLs be assigned and administered by owners?
What forms organizational security?
ACLs, filtering rules & security policies
What's a basic security checklist?
Access Control List
A group policy is what?
Collection of admin-defined user environment settings
What's a crucial factor in the security equation?
Strong password attributes
What does a password policy establish?
standards by which all passwords are upheld
Domain password policies govern what?
The entire domain of computers
Win2000 & Win2003 support passwords to how many characters?
What are the (5) ways of enforcing a good password policy?
Enforce password history, max password age, min password age, minimum password length, complexity requirements
(2) ways dormant accounts are bad?
Account owner will not be encountered, admin keeps loose watch on accounts (dormant)
(4) types of logical tokens?
RSA secure ID, Proximity cards, Electro key fobs, and others
What does authenticate mean?
Authentic, grant sufficient authority
What does authentication mean?
Factually verifying claimed identity
(3) authentication factor categories?
One-factor, two-factor, multi-factor
(3) authentication methods?
What you know, what you have, who you are
What does SSO stand for?
Single sign on
What (3) common SSO configurations use Kerberos?
Smartcards, token and certificates
What does RADIUS stand for?
Remote authentication dial in user system