C836 Ch. 11

Question 1

Operating system hardening

Answer 1

The process of reducing the number of available avenues through which our operating system might be attacked

Question 2

Attack surface

Answer 2

The total of the areas through which our operating system might be attacked

Question 3

Name the six main hardening categories

Answer 3

1. Removing unnecessary software
2. Removing or turning off unessential services
3. Making alterations to common accounts
4. Applying the principle of least privilege
5. Applying software updates in a timely manner
6. Making use of logging and auditing functions

Question 4

The principle of least privilege

Answer 4

A principle that states we should only allow a party the absolute minimum permission needed for it to carry out its function

Question 5

A particularly complex and impactful item of malware that targeted the Supervisory Control and Data Acquisition (SCADA) systems that run various industrial processes; this piece of malware raised the bar for malware from largely being a virtual-based attack to actually being physically destructive

Answer 5

Stuxnet

Question 6

Anti-malware tool

Answer 6

A type of tool that uses signature matching or anomaly detection (heuristics) to detect malware threats, either in real-time or by performing scans of files and processes

Question 7

Heuristics

Answer 7

The process of anomaly detection used by anti-malware tools to detect malware without signatures

Question 8

Executable space protection

Answer 8

A hardware- and software-based technology that prevents certain portions of the memory used by the operating system and applications from being used to execute code

Question 9

Buffer overflow attack

Answer 9

The act of inputting more data than an application is expecting from a particular input, creating the possibility of executing commands by specifically crafting the excess data

Question 10

Address space layout randomization (ASLR)

Answer 10

A security method that involves shifting the contents of memory around to make tampering difficult

Question 11

Software firewall

Answer 11

This type of firewall generally contains a subset of the features on a large firewall appliance but is often capable of similar packet filtering and stateful packet inspection activities

Question 12

Host intrusion detection system (HIDS)

Answer 12

A system used to analyze the activities on or directed at the network interface of a particular host

Question 13

Scanner

Answer 13

A type of tool that can detect various security flaws when examining hosts

Question 14

Vulnerability assessment tool

Answer 14

A tool that is aimed specifically at the task of finding and reporting network services on hosts that have known vulnerabilities

Question 15

Nessus

Answer 15

A well-known vulnerability assessment tool (it also includes a port scanner)

Question 16

Exploit framework

Answer 16

A group of tools that can include network mapping tools, sniffers, and exploits

Question 17

Exploits

Answer 17

Small bits of software that take advantage of flaws in other software or applications in order to cause them to behave in ways that were not intended by their creators

Question 18

Name three examples of exploit frameworks

Answer 18

Metasploit, Immunity CANVAS, Core Impact