Flash Cards Security +.txt

  1. A computer virus is what?
    malicious code
  2. Viruses attack what?
    by attaching to files and folders
  3. Do Viruses replicate?
    Yes - self replicate
  4. How are viruses made?
    Specifically designed to attack systems in a particular way
  5. What's a resident virus?
    Operates in RAM (attaching itself to RAM)
  6. What's a direct action virus?
    An aggressive virus - triggered by date or event
  7. What's an overwrite virus?
    Can partially or completely delete info contained in the files it infects.
  8. What's a macro virus?
    Targets applications to replace macros w/ code.
  9. What's a polymorphic virus?
    Avoids detection by cyclic changes
  10. What are file infectors?
    Traditional virus that targets .exe
  11. What's TCSEC?
    Trusted Computer System Eval Criteria
  12. What's TCSEC also known as?
    The Orange Book
  13. Is TCSEC an old or new standard?
    OLD
  14. What does ITSEC mean?
    Information Technology Security Eval Criteria
  15. What is ITSEC?
    European security criteria based on TCSEC
  16. What does CTCPEC stand for?
    Canadian Trusted Computer Product Eval Criteria
  17. What's CTCPEC comparable to?
    TCSEC / Orange Book
  18. What does (CC) mean?
    Common Criteria
  19. What kind of standard is (CC)?
    An international standard
  20. What's the (CC) ISO standard?
    ISO 15408
  21. Does the international community follow CC?
    yes
  22. Entry into the security field begins with what?
    Identifying local system threats
  23. What account is ideal for an attacker?
    Admin account
  24. What's a privilege escalation attack?
    An attack that exploits a configuration error.
  25. What's a companion virus?
    Typical virus infector once executed
  26. What's a boot sector virus?
    Boot sector virus on storage drives
  27. What do worms do that viruses do not do?
    Replicate directly across network media
  28. What does spyware do?
    Harvest personal info, invades privacy & manipulates browser activity
  29. What's spam?
    Unsolicited bulk email messages
  30. What's adware? No, the program
    Advertising-supported software
  31. What's a rootkit?
    Malware consisting of a program - to hide one's presence and activity.
  32. What's a botnet?
    Collection of compromised computers
  33. What's a logic bomb?
    Any malicious code that lies dormant until triggered by some condition
  34. BIOS prepares what during booting?
    Bootstrapping or just booting
  35. Can BIOS be bypassed?
    Yes
  36. What's a common way to secure BIOS?
    Admin password
  37. What should you do for USB drives to ensure security?
    Disable access
  38. Are mobile phones a security threat?
    Yes
  39. What's bad about NAS?
    W/out proper permissions, unauthorized users have access to files and data
  40. What's NAS?
    Network attached storage
  41. What are system hardening practices?
    Series of protocols, procedures, & policies that define and describe system security
  42. What extra things can you do for system hardening?
    Blocking unused ports, removing unnecessary services, deleting unused applications
  43. What's a hotfix?
    Cumulative package that solves problems in software products
  44. What's patch management?
    Routine maintenance and upkeep of application, services, & system patches
  45. Why do organizations utilize group policies?
    Retain and restrict actions that might pose a security risk
  46. What does windows server use to increase network security?
    Predefined security templates
  47. What do Linux systems use for network security?
    Policy enforcement
  48. A configuration baseline is what?
    basic principles and best practices
  49. Baselines are ideal for establishing what?
    security templates across several devices
  50. Who developed the ActiveX Component Object Model?
    Microsoft
  51. What does COM stand for?
    Component Object Model
  52. ActiveX controls are ___ building blocks used to ___ distributed ___ that work over the internet through ___ ___
    Small, create, applications, web, browsers
  53. ActiveX security relies solely upon what?
    End user discretion and judgement
  54. ActiveX controls are digitally what?
    Signed
  55. ActiveX components are ___ ___?
    Behaviorally unrestricted
  56. Malware can redirect your ___ to an untrusted ___ that presents itself as a ___ ___?
    System, site, trusted party
  57. Java & JavaScript share a similar what?
    Security model
  58. Scripts are generally permitted access to data relevant to what?
    Current document but not to local file system
  59. Java and JavaScript applets are all considered what?
    Host file
  60. A buffer overflow attack does what?
    Overfills the boundaries of a stack or memory storage region.
  61. Buffer overflow attacks what?
    Applications, services & O.S. code (kernel)
  62. Are internet cookies trusted?
    NO!
  63. An open mail relay is what?
    Any SMTP server permissively configured to allow any unauthorized source from the internet to pass email.
  64. Something like MSN Messenger is often what kind of target as a vector for attacking the network?
    Potential target
  65. What does XSS stand for?
    Cross-site scripting
  66. What kind of attack on webpage content is found in dynamically generated pages?
    Cross-site scripting (XSS)
  67. Redirection and mis-direction are a major component of what?
    XSS attacks
  68. What does HIDS stand for?
    Host-based Intrusion Detection System
  69. HIDS works with what?
    Local systems
  70. HIDS analyzes & monitors ___ ___ interaction and observes the ___ of the computer at all times.
    Internet system, state
  71. What's the primary purpose of a network firewall?
    Logically segregate public and private networks
  72. What allows admins to apply ACLs & security policies to network traffic?
    Network firewalls
  73. What OSI layer is an application-level proxy?
    Layer 7 - Application Layer
  74. What OSI layer is a circuit-level proxy?
    OSI Layer 3 (Network)
  75. Packet filtering is on what layer of the OSI?
    OSI Layer 3 (Network)
  76. Stateful filtering does what?
    Advanced packet filtering that maintains connection state
  77. How many different ways are there to identify viruses and malware?
    (3)
  78. What methods are used for identifying viruses and malware?
    Signature-based, behavioral-based, heuristics-based detection
  79. Anti-Spam techniques attempt to detect what?
    Spam
  80. What is DNS blacklist, country/network block filtering?
    Ways to detect spam
  81. Virtualization maximizes what?
    resource utilization
  82. What provides the most efficient use of singular system hardware resources?
    Virtualization
  83. What is every network architecturally defined by?
    Apps, connections, equipment, interfaces, protocols, standards, services and topologies
  84. What involves an attacker forcibly gaining control over a legitimate conversation between a trusted two-party connection?
    TCP/IP hijacking
  85. What intercepts transmission details between the two sources?
    Hijacking
  86. What's IPC?
    Interprocess communications
  87. What attack targets unprotected Windows IPC shares and provides unauthorized remote access?
    Null session
  88. What's a spoofing attack?
    Form of abuse on identity & trust
  89. What form of attack sends email under a false identity?
    Spoofing attack
  90. What targets network stacks using bogus protocol information?
    Spoofing attack
  91. What forges parameters in a chain of messages or communication?
    Spoofing attack
  92. What's vulnerable to MITM attacks?
    Email, FTP, web, and SSH connections
  93. What's MITM?
    Man In The Middle
  94. What attack reuses captured network packets in modified form against an original party of some network conversation?
    TCP replay
  95. What renders individual workstations or server computers unresponsive?
    DoS attacks
  96. What's a version of DoS?
    DDoS
  97. What's kiting?
    Check fraud that takes advantage of the time between check negotiation and clearance at the account holder's account
  98. What occurs when a server receives info that does not originate from an authoritative source?
    DNS cache poisoning
  99. What's another term for ARP spoofing?
    ARP cache poisoning
  100. An attack against Ethernet (packets) that enables an attacker to sniff frames on a switched network or redirect endpoint traffic through an attacker-controlled machine?
    ARP spoofing/ARP cache poisoning
  101. What OSI layer is a network switch?
    Layer2/Layer3 (sometimes)
  102. Network switches are also capable of supporting what?
    VLAN creation
  103. Routers establish connectivity between what (2) things?
    Public and private networks
  104. What's a DMZ?
    Dividing line between private and public networks
  105. What's a VLAN?
    A physical network that operates as a locally attached network
  106. What does NAT stand for?
    Network address translation
  107. What does NAT do?
    Reduces need for several public IPs
  108. What does NAC stand for?
    Network access control
  109. What does NAC do?
    Takes applications and protocols to describe policies for network access
  110. What do network security tools do?
    Overlapping protection
  111. What does NIDS stand for?
    Network Intrusion Detection System
  112. What does NIPS stand for?
    Network Intrusion Prevention System
  113. What's the first line of defense for networks?
    Network firewalls
  114. Do proxy servers enhance network performance?
    Yes
  115. What do proxies do?
    Keep internal machines hidden and anonymous
  116. What are honeypots?
    Fake servers to entice attackers away from sensitive information
  117. Multiple honeypots are called what?
    Honeynet
  118. How are networks monitored?
    Network protocol analyzers or ethernet sniffers
  119. What can you do against unauthorized analysis?
    employing encrypted communications protocols and services
  120. What are the two easy entry ways?
    Weak passwords and default accounts
  121. Ethernet protocols were designed w/out what?
    Security in mind
  122. What's a vampire tap?
    Connecting a station w/ clamps directly onto the wire, piercing a spike into the inner conductor
  123. What's the unintentional disclosure of info through acoustical, magnetic or radio frequency energy called?
    Data emanation (electronic eavesdropping)
  124. What's data emanation like?
    War driving
  125. What's bluejacking?
    Unsolicited anonymous text messages to BT mobile phones
  126. What's bluesnarfing?
    Unauthorized access and copying of info
  127. What are unauthorized wireless installs on a protected network?
    Rogue access points
  128. What can wireless IDSs do?
    Detect rogue access points
  129. What's cryptography?
    Hiding info through encryption
  130. What's cryptanalysis?
    Analyzing and deciphering codes, ciphers, & cryptograms
  131. (2) ways of defending against cryptanalysis & code breaking attempts?
    Algorithm & key strength
  132. What's implicit deny?
    All things suspicious that are not deemed permissible
  133. What's explicit deny?
    Traffic blocked to certain ports
  134. What's the principle of least privilege?
    Lowest amount of privilege possible to perform some task
  135. What selectively assigns access rights focal to a person's requirements to complete a given task?
    Separation of duties
  136. What's MAC?
    Mandatory Access Control
  137. Referring to MAC - people, services, & systems are what? What are all other resources?
    Subjects / objects
  138. MAC uses subject and object labeling called what?
    Security label
  139. If security labels of subject and objects do not match, what's access set to?
    Explicitly denied
  140. What (2) forms is MAC divided into?
    Non-universal & universal
  141. What's a simplistic means of restricting access to objects based on subject identity or group membership?
    Discretionary access control
  142. What does RBAC stand for?
    Role-Based Access Control
  143. What is RBAC?
    Permissions according to job roles that determine a person's/group's access to system resources
  144. What's like RBAC?
    Rule-Based Access Control
  145. The Rule-Based Access Control abbreviation is what?
    RBAC
  146. Can ACLs be assigned and administered by owners?
    No.
  147. What forms organizational security?
    ACLs, filtering rules & security policies
  148. What's a basic security checklist?
    Access Control List
  149. A group policy is what?
    Collection of admin-defined user environment settings
  150. What's a crucial factor in the security equation?
    Strong password attributes
  151. What does a password policy establish?
    Standards by which all passwords are upheld
  152. Domain password policies govern what?
    The entire domain of computers
  153. Win2000 & Win2003 support passwords of how many characters?
    127 characters
  154. What are the (5) ways of enforcing a good password policy?
    Enforce password history, max password age, min password age, minimum password length, complexity requirements
  155. (2) ways dormant accounts are bad?
    Account owner will not be encountered, admin keeps loose watch on (dormant) accounts
  156. (4) types of logical tokens?
    RSA SecurID, proximity cards, electronic key fobs, and others
  157. What does authenticate mean?
    Authentic, grant sufficient authority
  158. What does authentication mean?
    Factually verifying claimed identity
  159. (3) authentication factor categories?
    One-factor, two-factor, multi-factor
  160. (3) authentication methods?
    What you know, what you have, who you are
  161. What does SSO stand for?
    Single sign-on
  162. What (3) common SSO configurations use Kerberos?
    Smartcards, tokens and certificates
  163. What does RADIUS stand for?
    Remote Authentication Dial In User System
Author: Anonymous
ID: 79937
Card Set: Flash Cards Security +.txt
Description: Security +