Lesson 10

Question 1

Name the CIA Triad

Answer 1

Confidentiality
Integrity
Availability

Question 2

Confidentiality

Answer 2

Keeping information private and protecting it from unauthorized use

Question 3

What are some things that maybe confidential

Answer 3

Trade Secrets
Personnel Records
Tax Records
Military Secrets

Question 4

Integrity

Answer 4

Keeping information accurate, free from errors, and unauthorized modifications

Question 5

Availability

Answer 5

Making sure that the resources are available for use by end users

Question 6

How to ensure Integrity

Answer 6

Encryption

Hashing

Question 7

How to ensure Availability

Answer 7

SANS

Redundancy

Question 8

What are the four security factors that most systems rely on

Answer 8

Authorization
Access Control
Accountability
Auditing

Question 9

Authorization

Answer 9

determining what rights and privileges an entity has

Question 10

Access Control

Answer 10

assigning privileges to various resources, objects or data

Question 11

Accountability

Answer 11

Who to hold responsible for a particular activity or even such as a logon

Question 12

Auditing

Answer 12

process of tracking and recording system activities and resources

Question 13

Non repudiation

Answer 13

goal of ensuring that data remains associated with the party that creates it or send a transmission with the data

Question 14

Least Privilege

Answer 14

users or software have only the minimal level of access that is necessary for them to perform their duties

Question 15

Privilege Bracketing

Answer 15

to allow privileges only when needed and then revoke them as soon as the user finishes the task or the need has passed

Question 16

Risk

Answer 16

a concept that indicates exposure to the chance of damage or loss.

Likelihood of a hazard or threat occurring.

Question 17

Risk is often associated with

Answer 17

The loss of power
Loss of a device
Loss of the network
Other physical loss

Question 18

A disgruntled employee is a threat or vulnerability

Answer 18

Threat

Question 19

What is the determining factor when looking at information system security

Answer 19

Risk

Question 20

Unauthorized access

Answer 20

network of data access that is not explicitly approved by an organization

Question 21

Name some acts of unauthorized access

Answer 21

Attack by an outsider

Misuse of privileges

Inadvertent actions

Question 22

Does Unauthorized access result in data loss or damage

Answer 22

No

Question 23

Can unauthorized access lead to network attacks

Answer 23

Yes

Question 24

Data Breach

Answer 24

Sensitive or protected data is copied transmitted viewed stolen or used by individuals unauthorized to do so

Question 25

Attacker

Answer 25

Malicious intruder

Question 26

Hacker

Answer 26

Possess skills to gain access to computers

Question 27

Security controls

Answer 27

safeguards to avoid counteract minimize security risks relating to personal or organizational property

Question 28

Name some physical controls

Answer 28

Fences doors locks fire extinguisher

Question 29

Name some procedural controls

Answer 29

incident response process management oversight security awareness training

Question 30

Name some technical controls

Answer 30

authentication logical access antivirus firewalls

Question 31

Name some legal and regulatory compliance controls

Answer 31

Privacy laws Policies Clauses

Question 32

Security policy

Answer 32

statement that defines how security will be implemented within an organization

Question 33

This describes the means that the organization will take to protect the CIA of data and resources

Answer 33

Security Policy

Question 34

What determines the security policy

Answer 34

needs of the organization

Question 35

Without a formal policy you can only

Answer 35

react to threats instead of anticipating them

Question 36

Which policy may include a consent to monitor clause

Answer 36

Security Policy

Question 37

Consent to monitor banner normally states

Answer 37

You agree to be monitored You are authorized to access or download specific data You and the network owners have a reasonable expectation of privacy You consent to reasonable law enforcement searches

Question 38

What are the components of a Security policy

Answer 38

Policy Statement Standards Guidelines Procedures

Question 39

What outlines the plan for the individual security component

Answer 39

Policy Statement

Question 40

Defines how to measure the level of adherence to he policy

Answer 40

Standards

Question 41

Suggestions recommendation or best practices for how to meet the policy standard

Answer 41

Guidelines

Question 42

Step[ by step instructions that detail how to implement

Answer 42

Procedures

Question 43

Name some common security policy types

Answer 43

Acceptable Use Policy Audit Policy 'Extranet Policy Password Policy Wireless Standards Policy

Question 44

Name a Security Policy Standards Org

Answer 44

SANS

Question 45

pg 258

Answer 45

pg 258

Question 46

What are windows security policies

Answer 46

configuration settings within windows

Question 47

Where are windows security policies found

Answer 47

in a policy object in the computer configuration\windows settings\security settings node

Question 48

Group policies cab be applied to single devices or users, to groups of devices or users, to all devices or users

Answer 48

True

Question 49

Group Policy

Answer 49

centralized account mgmt. for AD

Question 50

Permissions

Answer 50

security setting that determines the level of access a user or group account hat to a resource

Question 51

What are somethings that may have permissions

Answer 51

printers files shared folders directory databases

Question 52

Is it a good practice to assign rights and permissions to individual accts

Answer 52

NO It is better to create group policies

Question 53

NTFS

Answer 53

NT File System file level security NTSF permission on folder are inherited by the files and subfoldrs within it

Question 54

What are the types of permissions

Answer 54

Read Write Read Execute List Folder Contents Modify Full Control Special permissions

Question 55

Name some Linux permissions types

Answer 55

R read W write x execute

Question 56

Can segmenting your network help you secure it

Answer 56

Yes

Question 57

How does segmentation help secure the network

Answer 57

decreasing the attack surface

Question 58

WJy segment the netwrk

Answer 58

Security Compliance rqmts Load balancing

Question 59

Zones are defined by physical or logical boundaries

Answer 59

True

Question 60

Does each zone have a security zone

Answer 60

Yes

Question 61

What allows you to communicate across zones

Answer 61

A conduit

Question 62

What should be segmented

Answer 62

``` SCADA/ICS Legacy Systems Private networks Public Networks Testing lab Honey Net ```

Question 63

Honey Net or Pot

Answer 63

used to detect deflector counteract attempts at unauthorized use

Question 64

Wireless security is any method used to secure a wireless network from unauthorized access or data theft

Answer 64

T

Question 65

Site Survey

Answer 65

technique to determine the coverage area of a network

Question 66

Do WAPS and routers come with default SSIDs

Answer 66

Yes

Question 67

Can an SSID be changed

Answer 67

Yes

Question 68

Does disabling the SSID help secure a wireless network

Answer 68

Yes | The network cannot be seen by a potential attackers

Question 69

Can attackers still attack a network with a disabled SSID

Answer 69

Yes

Question 70

Disaster

Answer 70

Catastrophic loss of functionality that could have been easily prevented

Question 71

Disaster Recovery

Answer 71

Admin function of protecting people and resources

Question 72

What are the disaster recovery priorities

Answer 72

Safety of personnel is first followed ensuring continuity of business functions

Question 73

What are the types of disasters

Answer 73

Natural Data Destruction Hardware failure

Question 74

Data destruction includes

Answer 74

Accidental deletion Malicious destruction Virus attack

Question 75

How do you prevent data destruction

Answer 75

Good backups

Question 76

What is business continuity

Answer 76

planning that is used during serious incidents or disasters to ensure critical business functions

Question 77

What are the three key elements of Business Continuity

Answer 77

Resilience Recovery Contingency

Question 78

What is a single point of failure

Answer 78

if this fails it will break the network

Question 79

How do you combat a single point of failure

Answer 79

Employ redundancy

Question 80

Vulnerability

Answer 80

condition that leaves a device open to attack

Question 81

Can a device be vulnerable if there is no active threat against it

Answer 81

Yes

Question 82

Vulnerability Scanner

Answer 82

Scans network and websites for security risks and generate steps to remediation. Some can even do patching

Question 83

Name the physical security threats

Answer 83

Internal External Natural Man Made

Question 84

Examples of external threats

Answer 84

attackers power failure

Question 85

Name some environmental threats

Answer 85

Fire Hurricanes and Tornadoes Flood Extreme Temperature Extreme Humidity

Question 86

Should you run unnecessary services

Answer 86

No

Question 87

Open port

Answer 87

TCP or UDP port number that is configured to accept packets

Question 88

Unpatched Systems

Answer 88

systems without software updates

Question 89

Legacy Systems

Answer 89

device running an old OS

Question 90

Unencrypted Channels

Answer 90

connections in which the data being sent is not encrypted by using one or more unsecure protocols

Question 91

Clear text credentials

Answer 91

user passwords that are transmitted or stored unencrypted

Question 92

Unsecure Protocols

Answer 92

expose data or credentials in clear text ``` Telnet HTTP SLIP FTP TFTP SNMP v1 and v2 ```

Question 93

RF Emanation

Answer 93

emitting unintentional radio signals

Question 94

TEMPEST

Answer 94

NSA and NATO process to deal with RF emanations

Question 95

Name some threats

Answer 95

Changes to data Interruption of services Interruption of access Damage to hardware Unauthorized access or damage

Question 96

Name some types of attacks

Answer 96

``` Physical Security Attacks Network attacks Software attacks Social Engineering attacks Web app attacks ```

Question 97

Data Theft

Answer 97

using unauthorized access to obtain protected network info

Question 98

Data theft attacker often uses what in the attack

Answer 98

Stolen credentials to authenticate or stealing the data in transit by using a sniffer

Question 99

Social Engineering attack

Answer 99

uses deception to convince unsuspecting users to provide information Takes advantage of technically ignorant users

Question 100

Types of Social Engineering attacks

Answer 100

``` Spoofing Inpersonation Phising Vishing Whaling Spam or Spim Hoax ``` Pg 389

Question 101

Insider Threat

Answer 101

Malicious employee

Question 102

Malware attacks

Answer 102

malicious code attacks

Question 103

Name some types of malware

Answer 103

``` Virus Trojan Horses Logic bombs Worm Spyware Adware Rootkit Botnet ```

Question 104

Virus

Answer 104

code that spreads from one computer to another Code must be activated by users

Question 105

code that spreads from one device to another without human intervention

Answer 105

worm

Question 106

Must fool the users into executing it and can pave way for other attacks

Answer 106

Trojan HOrse

Question 107

Sits dormant to a specified time of activation

Answer 107

Logic Bomb

Question 108

Reports system usage without users consent

Answer 108

Spyware

Question 109

Displyas or downloads unwanted advertisiments

Answer 109

Adware

Question 110

Code that takes full or partial control of a system. Hides itself from monitoring and detection. Modifies low level system files. Used to install back doors

Answer 110

Rootkits

Question 111

set of devices that are controlled remotely by a control program/. Used to mount DOS and DDOS attacks

Answer 111

Botnets

Question 112

Goal of a software attack

Answer 112

disable or disrupt software on a users machine

Question 113

Grayware

Answer 113

Spyware and adware are not often malicious in nature but they are unwanted.

Question 114

If gray ware is disclosed in the End User License Agreement is it malware

Answer 114

no

Question 115

Types of viruses

Answer 115

``` Boot Sector Macro Mailer Poly morphic Script Stealth ``` Pg 393

Question 116

Effects of malware

Answer 116

pg 393

Question 117

Compromised system

Answer 117

system infected by malware

Question 118

buffer overflow

Answer 118

targets vulnerability to cause the device OS to crash and reboot.

Question 119

Buffer overflows are caused when

Answer 119

input controls are weak and attacker injects too much in of into the software causing the system to run out of allocated memory or buffer.

Question 120

Buffer overflows allow an attacker to

Answer 120

open connections Spawning shells

Question 121

Do buffer overflows appear in system logs

Answer 121

no

Question 122

Buffer overflows attack what

Answer 122

C programs and variants OS Applications

Question 123

Password attacks

Answer 123

stealing passwords

Question 124

do password attacks show in logs

Answer 124

Audit logs as failed login attempts or attempts at unusual times or locations

Question 125

SAM database

Answer 125

pg 395

Question 126

Types of password attacks

Answer 126

``` Guessing Stealing Dictionary attack Brute force Hybrid attack ```

Question 127

Guessing

Answer 127

Guessing what a password is Not very successful Use acct lockup to thwart this attack

Question 128

Stealing

Answer 128

Sniffing network comms for passwords; reading sticky notes

Question 129

Dictionary attacks

Answer 129

successful lagainist easy and unsophisticated passwords

Question 130

Brute force

Answer 130

Very successful but needs time