Flashcards in IS3340 CHAPTER 2 Deck (43):
The process of providing and denying access to objects is called ___?
Shared database of domain users, groups, computers, resources, and other information, along with network functionality to centralize and standardize network management and interoperation is called ___?
The collection of all possible vulnerabilities that could provide unauthorized access to computer resources; all of the software a computer runs that is vulnerable to attack is called ___?
Proving that provided identity credentials are valid and correct is called ?
Granting and/or denying access to resources based on the authenticated user is called ___?
A level of sensitivity assigned to an object by its owner. An example object could be assigned as top secret, secret, confidential, restricted, or unclassified and is called ___?
A security level assigned to subjects, authorizing them to access objects with an equal or lower classification. These levels include top secret, secret, and confidential and is called ___?
Any mechanism or action that prevents, detects, or addresses an attack is called ___?
An access control method based on an object's owner and permissions granted by the owner is called ___?
DISCRETIONARY ACCESS CONTROL (DAC)
To take advantage of a specific vulnerability is called ___?
Software layer in the operating system kernel that provides the actual access to physical hardware is called ___?
HARDWARE ABSTRACTION LAYER(HAL)
Providing credentials that claim a specific identity, such as a user name is called ___?
The core part of an operating system that provides the essential services of the operating system is called ___?
An attack in which the attacker is located between a client and a server and intercepts traffic flowing back and forth between the two computers. The attacker can view or modify data that is transmitted in the clear. This is called ___?
Man in the middle Attack
The portion of an operating system's kernel that resides exclusively in memory is called ___?
Authentication process that requires multiple types of authentication credentials is called ___?
A resource to which access is controlled is called ___?
This defines what a user can do to a specific object, such as read or delete the object and is called ___?
User rights define tasks that a user is permitted to carry out, such as take ownership of objects or shut down the computer and is called ___?
An access control method based on permissions defined by a role, e.g., manager, authorized user, guest, as opposed to an individual user, e.g., Michael Solomon. This is called ___?
ROLE BASED ACCESS CONTROL (RBAC)
A unique identifier for each user and group in a Windows environment is called ___?
SECURITY IDENTIFIER (SID)
An entity requesting access to an object is called ___?
The highest privilege at which programs can run, allowing access to the physical hardware and kernel resources. AKA kernel mode and is called ___?
Authentication process that requires two separate types of authentication credentials is called ___?
Authentication based on information only a valid user knows, such as a password or PIN is called ___?
TYPE I AUTHENTICATION
Authentication based on a physical object that contains identity information, such as a token, card, or other device is called ___?
TYPE II AUTHENTICATION
Authentication based on a physical characteristic (biometric), such as a fingerprint, hand print, or retina characteristic is called ___?
TYPE III AUTHENTICATION
Limited privilege for running programs that does not allow direct access to the computer's physical hardware or certain kernel resources is called ___?
1. Which of the following is NOT a goal of a secure environment?
1. All required information is available to authorized users
2. No information is available to unauthorized user
3. All required information is available
4. No classified information is available to unauthorized users
All required information is available
2. Which term describes the central component of an operating system?
3. Hardware Abstraction Layer
3. what are the two run modes for windows programs?
1. supervisor mode and executive mode
2. Kernel mode and supervisor mode
3. User mode and executive mode
4. Kernel mode and user mode
Kernel mode and user mode
4. Which of the following Windows components resides in memory to provide the core operating system services?
4. Hardware Abstraction Layer
5. what is the name of the process which proves you are who you say you are?
6. Which type of authentication is a smart card?
1. Type I
2. Type II
3. Type III
4. Type IV
7. Which access control method relates data classification to user clearance?
8. What value uniquely identifies a user or group in Windows?
9. If the same user is created on three separate Windows computers, which value is the same on all three computers?
2. User code
10. Which Windows feature allows users and groups to be "shared" among machines?
1. Domain control
4. Active Directory
11. What defines the limit of how many computers share users and groups?
12. Which of the following best describes the term "attack surface"?
1. All possible vulnerabilities in application software that could be exploited
2. All possible vulnerabilities that could be exploited
3. The most likely avenues of attack
4. Known vulnerabilities that have not been patched
All possible vulnerabilities that could be exploited
13. When possible, what is the best way to mitigate vulnerability in a specific service?
1. Remove the service
2. Disable the service
3. Block access to the service
4. Patch the service
Remove the service
14. When monitoring a Windows system, with what do you compare current system performance to test for security compliance?
1. The previous monitoring results
2. A normal performance scan
3. A stated baseline
4. A defined security goal
A stated baseline