CHAPTER 5.1

Question 1

Common Type of Attacks

Answer 1

Network scanner applications that probe systems for unguarded ports, which can used to gain
access to the system.

Question 2

Common Type of Attacks

Answer 2

Trojan horse
* applications that open a connection to a computer on the Internet, enabling
an attacker on the outside to run programs and store/retrieve data.

Question 3

Common Type of Attack

Answer 3

Social engineering
* Attackers obtain passwords by illicit means and then use remote access
technologies to log on to a computer from another location and compromise
its data and programming.

Question 4

Common Type of Attack

Answer 4

Denial of service attacks
* uses authorized access points to bombard a system with traffic, preventing
legitimate traffic from reaching the computer

Question 5

Motivation for Network Attacks

Answer 5

Profit .An individual who wants to hack valuable information for
resale or obtain a ransom to stop an attack

Question 6

Motivation for Network Attacks

Answer 6

Revenge A discontented employee who feels offended by an
organization

Question 7

Motivation for Network Attacks

Answer 7

Publicity A person or team that performs a high-profile attack to
obtain notoriety

Question 8

Motivation for Network Attacks

Answer 8

Espionage A person who spies on government or organizations to
obtain network information

Question 9

Motivation for Network Attacks

Answer 9

Personal satisfaction A person or team that may attack networks as a hobby or
to boost their egos

Question 10

Motivation for Network Attacks

Answer 10

Terrorism A person or group that may impair societal infrastructure
and apply pressure on groups or governments

Question 11

Common Network Vulnerabilities

Answer 11

Account passwords * Password is either too simple or shared among users

Question 12

Audit settings.

Answer 12

. Auditing is not enabled, thus unable to detect or
report an attack that has occurred

Question 13

User rights

Answer 13

User rights are not restricted to the minimum
User rights requirements to perform necessary tasks

Question 14

Service

Answer 14

Any service or application may have flaws, making the
computer vulnerable to attacks

Question 15

Key Security Principles

Answer 15

Defense-in-Depth * Provide multiple layers of protection

Question 16

Key Security Principles

Answer 16

Least privilege
* Grant the least amount of permission necessary to
perform required tasks

Question 17

Key Security Principles

Answer 17

Minimized attack surface
* Reduce the number of vulnerable points on the
network

Question 18

Defense-indepth

Answer 18

Defense-in-depth uses a
layered approach to
security

Question 19

Server Hardening

Answer 19

Server Hardening is the process of enhancing server security through
a variety of means which results in a much more secure server
operating environment.

Question 20

Best practices to increase security:

Answer 20

Stop and/or uninstall unneeded services
* Close unneeded ports
* Minimise software installations
* Keep security patches up to date

Question 21

Vulnerability Scanning

Answer 21

Microsoft Baseline Security Analyzer
* Analyze server security state in accordance with
Microsoft security recommendations

Question 22

It detects

Answer 22

common administrative vulnerabilities
* missing security updates

Question 23

what is security templates

Answer 23

Security templates are files that you use to manage and
configure security settings on Windows-based computers.

Question 24

Areas where security settings can be applied:

Answer 24

Account Policies, Local Policies, * Event Log, Restricted Groups

Question 25

User Account Control (UAC)

Answer 25

Security mechanism that prevents unauthorized changes to the OS without the approval from the administrator

Question 26

User Account Control (UAC)

Answer 26

UAC prompt notifies the user if a program is about to make a system change that requires the approval of an administrator or request for the administrator’s password or pin.

Question 27

Secure Desktop

Answer 27

The secure desktop is an alternative to the interactive user desktop that Windows normally displays

Question 28

what does secure desktop do

Answer 28

When an elevation or credential prompt is generated, the system switches to the secure desktop

Question 29

AppLocker

Answer 29

An application control policy designed to identify software and control its execution.

Question 30

what does applocker do

Answer 30

It control in preventing potentially dangerous applications from running. * Control who is affected by the policies.

Question 30

Creating Rules Manually

Answer 30

Use a wizard-based interface

Question 31

Action

Answer 31

Allow or deny the user or group access to the resource. In AppLocker, explicit deny rules always override allow rules.

Question 31

User or group

Answer 31

Specifies the name of the user or group to which the policy should apply.

Question 32

Conditions

Answer 32

Specifies type of rules : publisher, path, or file hash rule. The wizard generates an additional page to configure the parameter.

Question 33

* Exceptions

Answer 33

Specify exceptions to the rule you create, using any of the three conditions: publisher, path, or file hash.

Question 34

what is firewall

Answer 34

A firewall is a software program that

Question 35

what does firewall do

Answer 35

protects a computer or a network by allowing certain types of network traffic in and out of the system while blocking others.

Question 36

what does firewall do

Answer 36

uses filters to examine the contents of packets and traffic patterns to determine which packets they should allow to pass through the filter.

Question 37

configure the firewall by using

Answer 37

Basic Firewall configuration in Control Panel

Question 38

configure the firewall by using

Answer 38

Windows Firewall with Advanced Security

Question 39

Firewall Settings

Answer 39

IP addresses

Question 40

Firewall Settings

Answer 40

Protocol numbers

Question 41

Firewall Settings

Answer 41

Port numbers: