chapter 17/ Security

Question 1

common prevention methods

779

Answer 1

physical security, digital security, users education, and the principle of the last privilege.

Question 2

your system should have the minimum of how many barriers?

800

Answer 2

Three

Question 3

What are some of the physical security/

800

Answer 3

lock doors, Tailgating, Securing physical documents/ password/ shredding, biometrics, badges, Key fobs, FRID Badges, RSA Tokens, privacy filters, Retinal.

Question 4

Biometrics systems include what?

801

Answer 4

fingerprint, palm, hands canners, retinal scanners

Question 5

Digital security

802

Answer 5

it focuses on keeping harmful data and malware out.

Question 6

Antivirus software?

802

Answer 6

An antivirus program is a software utility designed to protect your computer or network against computer viruses. If and when a virus is detected, the computer displays a warning asking what action should be done, often giving the options to remove, ignore, or move the file to the vault.

Question 7

what can a virus do to a computer with out an Antivirus?

802

Answer 7

If a virus infected a computer without an antivirus program, it may delete files, prevent access to files, send spam, spy on you, or perform other malicious actions.

Question 8

what is a firewall

803

Answer 8

A firewall is a software utility or hardware device that limits outside network access to a computer or local network by blocking or restricting network ports. Firewalls are a great step for helping prevent un-authorized access to a company or home network.

Question 9

packet filter firewall

804

Answer 9

packet filtering is the process of passing or blocking packets at a network interface based on source and destination addresses, ports, or protocols.

Question 10

proxy firewall

804

Answer 10

the proxy firewall provide better security then the packet filter firewall because of the increased intelligence that the proxy firewall offers.

Question 11

stateful inspection firewall

Answer 11

it keep track of how information is routed or used, using a state table that tracks every communication channel.

Question 12

Denial of Service DoS and distributed Denial of Service DDoS

806

Answer 12

Denial of Service, a DoS attack is a method of attacking a networked computer by sending it an abnormally high number of requests, causing its network to slow down or fail. Since a single individual cannot generate enough traffic for a DoS attack, these attacks are usually run from multiple computers infected by worms or zombie computers for a DDoS.

Question 13

antispyware

806

Answer 13

anti-spyware programs help to block and prevent spyware and other malware infections on computers. Anti-spyware programs monitor incoming data from email, websites, and downloads of files and stop spyware programs from getting a foothold in the computer operating system.

Question 14

what is a computer virus.

812

Answer 14

A computer virus is a program, script, or macro designed to cause damage, steal personal information, modify data, send e-mail, display messages, and infect other computers.

Question 15

some of viruses symptoms are.

812

Answer 15

system start to loud slowly.
some of the files disappears from the system.
lose access to the disk, and more.

Question 16

virus tries to accomplish one of two things ?

813

Answer 16

Render the system inoperable and spread to other systems.

Question 17

many viruses today are spread using what ?

813

Answer 17

Email

Question 18

armored virus

814

Answer 18

it make itself difficult to detect or analyze, it cover itself with protective code that stops debuggers or disassemblers from examining it.

Question 19

companion virus

815

Answer 19

it attaches it self to legitimate programs and creates a program with a different file name

Question 20

macro Virus

815

Answer 20

Macro virus is a computer virus that spreads to other computers through software programs that utilize macros. For example, Microsoft Word and Microsoft Excel are two popular and widely used programs that are capable of executing macros. Macro viruses written for these programs can spread by infecting other related documents each time the document is open. Because these files are commonly used and sent through e-mail, a computer network can be quickly infected by these viruses.

Question 21

multipartite virus

815

Answer 21

it attacks the system in multiple ways, it may infect the boot sector, all the files and destroy application files.

Question 22

phage virus

815

Answer 22

it alters other programs and databases, the virus infects all of these files, the only way to remove this virus is to reinstall the program that are infected.

Question 23

polymorphic virus

816

Answer 23

A virus that changes its virus form (signature) every time it replicates and infects a new file in order to keep from being detected by an antivirus program.

Question 24

retrovirus

816

Answer 24

a computer retrovirus is one that actively seeks out an antivirus program on a computer system and attacks it. A retrovirus will attempt to disable and infect the antivirus software in order to avoid detection in the computer system. Also called anti-antivirus virus.

Question 25

Stealth virus

816

Answer 25

it avoid detection by masking itself from application, it may attached to a boot sector of the hard drive

Question 26

worms

817

Answer 26

a worm is a destructive self replicating program containing code capable of gaining access to computers or networks. Once within the computer or network, the worm causes harm by deleting, modifying, distributing, or otherwise manipulating data.

Question 27

Trojans

818

Answer 27

A trojan horse is a program that appears to be something safe, but in is performing tasks such as giving access to your computer or sending personal information to other computers. Trojan horses are one of the most common methods a criminal uses to infect your computer and collect personal information from your computer.

Question 28

Workstation security best practices

818

Answer 28

set strong passwords
required password
restrict user permissions
change default username
disable the guest account
make the screensaver require a password
disable auto run functionality

Question 29

Destruction and disposal methods

821

Answer 29

we should never tossed away a hard drive. we need to be careful with all the data that is in it and for that we need to do Formatting, Sanitation and distraction.

Question 30

Low level format / standard format

821

Answer 30

Low level format is an initial formatting of a hard drive that initializes the physical tracks on the surface or the internal disks. The drive manufacturer performs a low-level format on the hard drive before it is released and is not something an end-user needs to do to their hard drive.

Question 31

hard drive sanitation and sanitation methods

822

Answer 31

some hard drive come with AES advanced encryption standard.
erase the hard drive
if it is a SATA we run HDDERASE
the surefire one the eradicated of the hard drive.

Question 32

overwrite

822

Answer 32

overwrite is a term used to describe when new information replaces old information or data.

Question 33

drive wipe

822

Answer 33

the hard drive does not contain any data that it is clean.

Question 34

Securing a SOHO wireless network

824

Answer 34

changing the default SSID (Service Set Identifier)
disable SSID
Disable the DHCP (Dynamic Host Configuration Protocol)
use MAC filter
Use IP filter
use the strongest security

Question 35

antenna and access point placement

826

Answer 35

we avoid placing access points near metal or near the ground. they should be placed in the center of the area to be served and high enough to get around most obstacles.