Part 4 Flashcards by Kj Roberge

When an antivirus program detects a virus an option may be given to an administrator to remove, clean or ____ a file.

Quarentine

How well did you know this?

Not at all

Perfectly

There are occasions when a file or program may exhibit behavior or coding that triggers a signature or behavior alert from an antimalware system often called?

False Positive

How well did you know this?

Not at all

Perfectly

An algorithm or hash that is unique to a specific attack method or virus?

Signature

How well did you know this?

Not at all

Perfectly

What scans continuously inspect files and email data for viruses as they are read from or written to a computer?

Auto Protect

How well did you know this?

Not at all

Perfectly

What does the effectiveness of VSE depend on?

Scanning engine and definition DAT files

How well did you know this?

Not at all

Perfectly

What prevents unwanted changes to your computer by retricting access to specified ports, files, shares etc?

Access Protection

How well did you know this?

Not at all

Perfectly

How often on COMPOSE do Anti Virus scans run?

Daily

How well did you know this?

Not at all

Perfectly

What is real time monitoring for malicious activities?

Behavioral

How well did you know this?

Not at all

Perfectly

What is a program that attaches itself to a file or another program?

Virus

How well did you know this?

Not at all

Perfectly

What is a program that replicates and propogates itself without having to attach itself to a file or program.

Worm

How well did you know this?

Not at all

Perfectly

What are three reasons privilage escalation can occur?

Error by administrator
weak password policy
bad coding in software

How well did you know this?

Not at all

Perfectly

What are additional security settings required?

Account lockout duration
minimum password length
disabling unnecessary services
“Allow administration by” option

How well did you know this?

Not at all

Perfectly

What are 4 types of Trojans?

Remote Access Trojan (RAT) : full or partial access to victim’s system

Data Sending : sends key strokes, passwords, cookies via email or back door

Destructive : deleting files, corrupting the OS, crashing the system, disable AV on the firewall

Proxy : jumping point for an attacker on another system to mask identity

How well did you know this?

Not at all

Perfectly

What is the purpose of Denial of Service attack?

Deny legitimate users from accessing infomation or resources

How well did you know this?

Not at all

Perfectly

What are some signs of Denial of Service attack?

Spam
Unavailable website

“Flood”, slowing or stopping data transfer, consumption of disk space or processor time, disrupting routing info, disrupting physical network components

How well did you know this?

Not at all

Perfectly

What involves exploiting the session between devices?

Session hijacking

How well did you know this?

Not at all

Perfectly

How can you prevent session hijacking?

Use encryption
use secure protocol
limit incoming connections
minimize remote access
strong authentication
using switches over hubs
user training

How well did you know this?

Not at all

Perfectly

How many user accounts should an admin have at minimum?

User and administrator

How well did you know this?

Not at all

Perfectly

What command line run script launches GPO editor?

gpedit.msc

How well did you know this?

Not at all

Perfectly

What provides the configuration setting of RBAC settings for installed applications?

Authorization Manager

How well did you know this?

Not at all

Perfectly

What analyizes system configuration and applies security templates?

Security Configuration and Analysis

How well did you know this?

Not at all

Perfectly

On a windows system, GPO editor seperates the local computer policy into two sections?

Computer configuration

- User configuration

How well did you know this?

Not at all

Perfectly

What provides the options for setting system auditing, rights assigned to groups, and their users and security features such as device settings, log on requirements, account settings, network access etc?

Local Policies

How well did you know this?

Not at all

Perfectly

What provides options for setting password complexity and length requirements as well as account lockout lengths and attempt frequencies?

Account Policies

How well did you know this?

Not at all

Perfectly

Database cryptography must be compliant against what for authentication of DBMS?

FIPS 140-2

How can you protect databases from Denial of Service attacks?

- Limit the number of connections | - Database clustering

What should be implemented to limit exposure?

Role Based Access Control Policy

What are password complexity requirements?

- minimum length - # of upper and lower case letters - # of numeric characters - # of special characters - password history or reuse

How long can an account be inactive before it should be disabled?

35 days

What kind of permissions should a bind account have?

Full administrative access to the database

What type of account is used to connect an application to its database?

Bind account

Where do databases fall under?

Application Core SRG

What are the 4 core SRGs?

- Application - network infrastructure - operating system - policy

What are collections of requirements applicable to a given technology family?

SRG- Security Requirement Guides

What could result in the loss of privacy, corruption of data, breach national security?

Attack on DBMS

What is the default admin account created during a COMPOSE install?

Compinstaller

What determines the service configuration for a computer is controlled by the role the machine will serve on the network?

Core Services Installation stage of install

What are the 4 modules of COMPOSE?

Baseline Configuration Module (BCM) Domain Configuration Module (DCM) Core Services Installation Module (CSIM) Security Configuration Module (SCM)

What sets the policies for the built in IPSec Software?

IP Security Policy on Location Computer

What provides the ability to configure EFS, Bit Locker, and the built in cryptographic capabilities?

Public Key Policies

What are the 4 distributions of Linux?

RedHat Solaris HP UX IBM AIX

What are two ways to interact with Linux?

Command Line Interface (CLI) | Graphic User Interface (GUI)

Linux considers everything a what?

File

What is the file path from the root?

Absolute

What is the file path from present working directory or otherwise?

Relative

How do you find out what directory you are in?

Pwd | Present working directory

What is the format for a command?

What is the command for Top processes?

Top

What shows the top lines?

Head

What shows you the bottom lines?

Tail

What shows you all the files in a directory?

Ls | Lists all the files

What shows you the permission set details of all the files in a directory?

Ls -l Long list Ls -a Long list all

What command is a scripting tool and can be used for an advanced search?

-awk

What command changes ownership of a file?

Chown

What command modifies permissions of a file?

Chmod

What command searches for string following command?

Grep

Ownership

User and group sets

What are 4 digit octal codes?

SUID SGID

What ensures owner cannot delete file from other users?

Sticky bit

What identifies a file serial number?

Inode

What are two types of file serials?

Symbolize - name | Hard link - inode serial #

What is after the user to indicate shadow file in use?

What command changes the password?

Passwd

What command references services?

Daemon

What user id code does root have?

What command is start up and shut down?

Initid

Where are log files stored?

Var

What are the SIU findings priorties?

``` 5- routine action 4- undocumented 3- not found in the fleet 2- yellow 1- red remove immediately ```

Three sub caregories?

New Old Check version

What version of TLS for web servers?

TLS 1.0 or greater

What must be placed so the user knows what they are accessing?

Banner page

Two types of webpages?

Static Dynamic- accept and retrieve from the user

How did Linux start?

As personal computers

Where can linux configurations be found?

/etc

What is the /root

Home directory

What are two text editors?

Nano | Vi editor

Where can you find a linux password has expired?

Shadow file

Where can you start and stop running scripts or start up scripts?

Init.d

How do you make a directory?

mk dir

How do you remove?

How do you read text based files?

More | Cat

How do you search

Find

How do you see what is most cpu intensive?

TOP

What are files that list other files?

Directories

Where are common user shared files?

Bin

Where are start files kernel?

Boot

What are two ownership types?

User | Group

What is used to ensure programs operate within intended use?

Behavior

What is a unique hash?

Signature

What scans emails inspecting for viruses?

Auto Protect

What are 3 things about encryption?

Sensitivity Classification of network Need to know between the user and the data

Threats to webservers?

AV is out of date cross site scripting Instant messaging Lack of back up logs

What is sensitive non approved

Private webserver

What has no need to know

Public webserver

2 defaults

Disable services | Limit # of simultaneous requests from / to web server

Directory + file access controls?

Files directories

Certificates- approved must use

Private

Crl-

Crl checking using ocsp and crls

Auditing

Use attempted use, potential problems, tool | Auditing unusual conditions

Before web authors upload scan for viruses

Mobile code

Dmz

Specific is isolated

What are 4 ways to mitigate threats to web servers?

Permisive router filtering Intrustion detection Firewall protection Connections to internal hosts and support services

Part 4 Flashcards

(102 cards)